
Computer might be infected, looks to be Zero Access


26 replies to this topic

#1 ThatGuyJake

Posted 13 October 2012 - 05:42 PM

Yesterday I had a suspicious pop-up saying Adobe Flash needed to update to the same version I have. It kept popping up about every 10 minutes, so I assumed it was malware and googled the issue. I found a previous thread of someone with the same problem and I followed the instructions given to them (I know this is a no-no, but I usually solve all my issues this way).

I ran Mbam and Tdsskiller, which both came up with infections, and I cured them. I ran adwcleaner, which found a bunch of files and keys; my Mozilla Firefox files were especially corrupt.

Adw detected ZeroAccess files and deleted them. I no longer have services.exe running, which is a good sign. I just want to be sure I'm all cleaned up.

#2 narenxp

Posted 13 October 2012 - 05:44 PM

Download

TDSSkiller

Launch it. Click on Change parameters, then select TDLFS file system.

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download

ESET online scanner

Install it

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop, then copy the contents of the text file into your reply.

#3 ThatGuyJake

Posted 13 October 2012 - 05:49 PM

Here is the Tdsskiller

15:46:28.0076 4008 NdisWan - ok
15:46:28.0090 4008 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:46:28.0091 4008 NDProxy - ok
15:46:28.0094 4008 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:46:28.0095 4008 NetBIOS - ok
15:46:28.0112 4008 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:46:28.0114 4008 NetBT - ok
15:46:28.0120 4008 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe
15:46:28.0121 4008 Netlogon - ok
15:46:28.0151 4008 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:46:28.0155 4008 Netman - ok
15:46:28.0207 4008 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:46:28.0213 4008 netprofm - ok
15:46:28.0242 4008 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:46:28.0244 4008 NetTcpPortSharing - ok
15:46:28.0258 4008 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:46:28.0259 4008 nfrd960 - ok
15:46:28.0275 4008 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:46:28.0279 4008 NlaSvc - ok
15:46:28.0282 4008 Normandy - ok
15:46:28.0295 4008 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:46:28.0296 4008 Npfs - ok
15:46:28.0304 4008 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:46:28.0305 4008 nsi - ok
15:46:28.0313 4008 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:46:28.0313 4008 nsiproxy - ok
15:46:28.0444 4008 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:46:28.0461 4008 Ntfs - ok
15:46:28.0476 4008 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:46:28.0477 4008 Null - ok
15:46:28.0492 4008 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
15:46:28.0494 4008 nvraid - ok
15:46:28.0521 4008 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
15:46:28.0523 4008 nvstor - ok
15:46:28.0539 4008 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
15:46:28.0540 4008 nv_agp - ok
15:46:28.0557 4008 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
15:46:28.0558 4008 ohci1394 - ok
15:46:28.0631 4008 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:46:28.0632 4008 ose - ok
15:46:28.0664 4008 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:46:28.0669 4008 p2pimsvc - ok
15:46:28.0692 4008 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:46:28.0697 4008 p2psvc - ok
15:46:28.0707 4008 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:46:28.0709 4008 Parport - ok
15:46:28.0716 4008 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:46:28.0717 4008 partmgr - ok
15:46:28.0807 4008 [ 7C0582921913D00180EC2B8518BA135C ] pbfilter C:\Program Files\PeerBlock\pbfilter.sys
15:46:28.0807 4008 pbfilter - ok
15:46:28.0828 4008 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:46:28.0831 4008 PcaSvc - ok
15:46:28.0848 4008 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
15:46:28.0850 4008 pci - ok
15:46:28.0860 4008 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
15:46:28.0861 4008 pciide - ok
15:46:28.0872 4008 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:46:28.0875 4008 pcmcia - ok
15:46:28.0892 4008 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:46:28.0893 4008 pcw - ok
15:46:28.0913 4008 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:46:28.0920 4008 PEAUTH - ok
15:46:28.0951 4008 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:46:28.0965 4008 PeerDistSvc - ok
15:46:29.0011 4008 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:46:29.0012 4008 PerfHost - ok
15:46:29.0056 4008 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
15:46:29.0071 4008 pla - ok
15:46:29.0101 4008 [ 23157D583244400E1D7FBAEE2E4B31B7 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:46:29.0106 4008 PlugPlay - ok
15:46:29.0132 4008 PnkBstrA - ok
15:46:29.0142 4008 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:46:29.0143 4008 PNRPAutoReg - ok
15:46:29.0164 4008 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:46:29.0167 4008 PNRPsvc - ok
15:46:29.0195 4008 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:46:29.0200 4008 PolicyAgent - ok
15:46:29.0210 4008 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:46:29.0213 4008 Power - ok
15:46:29.0225 4008 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:46:29.0226 4008 PptpMiniport - ok
15:46:29.0249 4008 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:46:29.0250 4008 Processor - ok
15:46:29.0267 4008 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll
15:46:29.0271 4008 ProfSvc - ok
15:46:29.0286 4008 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
15:46:29.0287 4008 ProtectedStorage - ok
15:46:29.0296 4008 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:46:29.0297 4008 Psched - ok
15:46:29.0339 4008 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:46:29.0364 4008 ql2300 - ok
15:46:29.0369 4008 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:46:29.0371 4008 ql40xx - ok
15:46:29.0390 4008 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:46:29.0394 4008 QWAVE - ok
15:46:29.0410 4008 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:46:29.0411 4008 QWAVEdrv - ok
15:46:29.0501 4008 [ 6C8F17953C07F88364307FC7811C5184 ] RadeonPro Support Service C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
15:46:29.0502 4008 RadeonPro Support Service - ok
15:46:29.0547 4008 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
15:46:29.0549 4008 RapiMgr - ok
15:46:29.0569 4008 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:46:29.0570 4008 RasAcd - ok
15:46:29.0581 4008 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:46:29.0582 4008 RasAgileVpn - ok
15:46:29.0598 4008 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:46:29.0601 4008 RasAuto - ok
15:46:29.0610 4008 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:46:29.0612 4008 Rasl2tp - ok
15:46:29.0630 4008 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
15:46:29.0635 4008 RasMan - ok
15:46:29.0651 4008 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:46:29.0653 4008 RasPppoe - ok
15:46:29.0667 4008 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:46:29.0668 4008 RasSstp - ok
15:46:29.0679 4008 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:46:29.0682 4008 rdbss - ok
15:46:29.0697 4008 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:46:29.0698 4008 rdpbus - ok
15:46:29.0702 4008 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:46:29.0703 4008 RDPCDD - ok
15:46:29.0709 4008 [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:46:29.0711 4008 RDPDR - ok
15:46:29.0717 4008 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:46:29.0717 4008 RDPENCDD - ok
15:46:29.0730 4008 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:46:29.0730 4008 RDPREFMP - ok
15:46:29.0734 4008 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:46:29.0736 4008 RDPWD - ok
15:46:29.0746 4008 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:46:29.0749 4008 rdyboost - ok
15:46:29.0771 4008 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:46:29.0773 4008 RemoteAccess - ok
15:46:29.0785 4008 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:46:29.0788 4008 RemoteRegistry - ok
15:46:29.0841 4008 [ 5790BCA445CC40DF8B38C2C48608AAC2 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
15:46:29.0842 4008 RimUsb - ok
15:46:29.0885 4008 [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
15:46:29.0886 4008 RimVSerPort - ok
15:46:29.0904 4008 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
15:46:29.0905 4008 ROOTMODEM - ok
15:46:29.0921 4008 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:46:29.0923 4008 RpcEptMapper - ok
15:46:29.0937 4008 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:46:29.0939 4008 RpcLocator - ok
15:46:29.0962 4008 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\System32\rpcss.dll
15:46:29.0966 4008 RpcSs - ok
15:46:29.0983 4008 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:46:29.0984 4008 rspndr - ok
15:46:30.0017 4008 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:46:30.0019 4008 RTL8167 - ok
15:46:30.0033 4008 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
15:46:30.0034 4008 s3cap - ok
15:46:30.0036 4008 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe
15:46:30.0037 4008 SamSs - ok
15:46:30.0039 4008 SAVRKBootTasks - ok
15:46:30.0052 4008 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
15:46:30.0065 4008 sbp2port - ok
15:46:30.0085 4008 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:46:30.0089 4008 SCardSvr - ok
15:46:30.0093 4008 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:46:30.0093 4008 scfilter - ok
15:46:30.0130 4008 [ EC56B171F85C7E855E7B0588AC503EEA ] Schedule C:\Windows\system32\schedsvc.dll
15:46:30.0142 4008 Schedule - ok
15:46:30.0170 4008 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:46:30.0171 4008 SCPolicySvc - ok
15:46:30.0207 4008 [ E03B9294A9B70A214328B2B518F20DB0 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
15:46:30.0208 4008 ScreamBAudioSvc - ok
15:46:30.0243 4008 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:46:30.0246 4008 SDRSVC - ok
15:46:30.0256 4008 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:46:30.0257 4008 secdrv - ok
15:46:30.0269 4008 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
15:46:30.0270 4008 seclogon - ok
15:46:30.0281 4008 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
15:46:30.0283 4008 SENS - ok
15:46:30.0295 4008 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:46:30.0297 4008 SensrSvc - ok
15:46:30.0303 4008 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:46:30.0304 4008 Serenum - ok
15:46:30.0322 4008 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:46:30.0323 4008 Serial - ok
15:46:30.0339 4008 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:46:30.0340 4008 sermouse - ok
15:46:30.0354 4008 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
15:46:30.0357 4008 SessionEnv - ok
15:46:30.0373 4008 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
15:46:30.0374 4008 sffdisk - ok
15:46:30.0381 4008 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:46:30.0382 4008 sffp_mmc - ok
15:46:30.0390 4008 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
15:46:30.0391 4008 sffp_sd - ok
15:46:30.0397 4008 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:46:30.0397 4008 sfloppy - ok
15:46:30.0410 4008 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:46:30.0414 4008 ShellHWDetection - ok
15:46:30.0434 4008 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:46:30.0435 4008 SiSRaid2 - ok
15:46:30.0451 4008 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:46:30.0452 4008 SiSRaid4 - ok
15:46:30.0477 4008 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:46:30.0479 4008 Smb - ok
15:46:30.0499 4008 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:46:30.0501 4008 SNMPTRAP - ok
15:46:30.0511 4008 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:46:30.0511 4008 spldr - ok
15:46:30.0535 4008 [ 89E8550C5862999FCF482EA562B0E98E ] Spooler C:\Windows\System32\spoolsv.exe
15:46:30.0542 4008 Spooler - ok
15:46:30.0609 4008 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
15:46:30.0674 4008 sppsvc - ok
15:46:30.0679 4008 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:46:30.0681 4008 sppuinotify - ok
15:46:30.0762 4008 [ A15860E920B02C9A7CE8F3A6C2FF1E3A ] sptd C:\Windows\System32\Drivers\sptd.sys
15:46:30.0768 4008 sptd - ok
15:46:30.0784 4008 [ EC8F67289105BF270498095F14963464 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:46:30.0790 4008 srv - ok
15:46:30.0816 4008 [ F773D2ED090B7BAA1C1A034F3CA476C8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:46:30.0820 4008 srv2 - ok
15:46:30.0829 4008 [ 26E84D3649019C3244622E654DFCD75B ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:46:30.0831 4008 srvnet - ok
15:46:30.0851 4008 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:46:30.0854 4008 SSDPSRV - ok
15:46:30.0872 4008 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:46:30.0874 4008 SstpSvc - ok
15:46:30.0893 4008 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:46:30.0894 4008 stexstor - ok
15:46:31.0080 4008 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
15:46:31.0087 4008 stisvc - ok
15:46:31.0094 4008 [ FFD7A6F15B14234B5B0E5D49E7961895 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
15:46:31.0095 4008 storflt - ok
15:46:31.0112 4008 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
15:46:31.0114 4008 StorSvc - ok
15:46:31.0126 4008 [ 8FCCBEFC5C440B3C23454656E551B09A ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
15:46:31.0127 4008 storvsc - ok
15:46:31.0141 4008 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:46:31.0141 4008 swenum - ok
15:46:31.0165 4008 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:46:31.0171 4008 swprv - ok
15:46:31.0216 4008 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
15:46:31.0239 4008 SysMain - ok
15:46:31.0248 4008 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:46:31.0250 4008 TabletInputService - ok
15:46:31.0281 4008 [ B08740047145B9BCE15BF75CA0F9718A ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys
15:46:31.0282 4008 tap0901t - ok
15:46:31.0302 4008 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
15:46:31.0306 4008 TapiSrv - ok
15:46:31.0321 4008 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:46:31.0323 4008 TBS - ok
15:46:31.0362 4008 [ 912107716BAB424C7870E8E6AF5E07E1 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:46:31.0386 4008 Tcpip - ok
15:46:31.0411 4008 [ 912107716BAB424C7870E8E6AF5E07E1 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:46:31.0419 4008 TCPIP6 - ok
15:46:31.0438 4008 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:46:31.0439 4008 tcpipreg - ok
15:46:31.0457 4008 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:46:31.0458 4008 TDPIPE - ok
15:46:31.0468 4008 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:46:31.0469 4008 TDTCP - ok
15:46:31.0480 4008 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:46:31.0481 4008 tdx - ok
15:46:31.0844 4008 [ FE559178000347D2CA1B7847F0379749 ] TeamViewer6 C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
15:46:31.0856 4008 TeamViewer6 - ok
15:46:31.0870 4008 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:46:31.0871 4008 TermDD - ok
15:46:31.0897 4008 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
15:46:31.0905 4008 TermService - ok
15:46:31.0921 4008 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:46:31.0923 4008 Themes - ok
15:46:31.0938 4008 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:46:31.0939 4008 THREADORDER - ok
15:46:31.0954 4008 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:46:31.0956 4008 TrkWks - ok
15:46:31.0998 4008 [ C6A1A2B4E8A7B92C11CA038369BD7DBE ] truecrypt C:\Windows\syswow64\drivers\truecrypt.sys
15:46:31.0999 4008 truecrypt - ok
15:46:32.0040 4008 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:46:32.0041 4008 TrustedInstaller - ok
15:46:32.0056 4008 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:46:32.0057 4008 tssecsrv - ok
15:46:32.0084 4008 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:46:32.0086 4008 tunnel - ok
15:46:32.0166 4008 [ 3DB1CE045A552161EF7252988752C65F ] TunngleService C:\Program Files (x86)\Tunngle\TnglCtrl.exe
15:46:32.0173 4008 TunngleService - ok
15:46:32.0189 4008 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:46:32.0190 4008 uagp35 - ok
15:46:32.0206 4008 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:46:32.0209 4008 udfs - ok
15:46:32.0226 4008 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:46:32.0228 4008 UI0Detect - ok
15:46:32.0267 4008 [ B1D1FE35303E3AEE6D5AF69F09F12E87 ] uisp C:\Windows\system32\Drivers\usbicp.sys
15:46:32.0267 4008 uisp - ok
15:46:32.0271 4008 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
15:46:32.0272 4008 uliagpkx - ok
15:46:32.0319 4008 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:46:32.0320 4008 umbus - ok
15:46:32.0329 4008 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:46:32.0330 4008 UmPass - ok
15:46:32.0339 4008 [ AF0AC98EE5077EB844413EB54287FDE3 ] UmRdpService C:\Windows\System32\umrdp.dll
15:46:32.0342 4008 UmRdpService - ok
15:46:32.0357 4008 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:46:32.0362 4008 upnphost - ok
15:46:32.0406 4008 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
15:46:32.0407 4008 USBAAPL64 - ok
15:46:32.0451 4008 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
15:46:32.0452 4008 usbaudio - ok
15:46:32.0473 4008 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:46:32.0474 4008 usbccgp - ok
15:46:32.0505 4008 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
15:46:32.0507 4008 usbcir - ok
15:46:32.0524 4008 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:46:32.0525 4008 usbehci - ok
15:46:32.0538 4008 [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:46:32.0541 4008 usbhub - ok
15:46:32.0560 4008 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:46:32.0561 4008 usbohci - ok
15:46:32.0564 4008 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:46:32.0565 4008 usbprint - ok
15:46:32.0577 4008 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:46:32.0578 4008 USBSTOR - ok
15:46:32.0592 4008 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
15:46:32.0593 4008 usbuhci - ok
15:46:32.0634 4008 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
15:46:32.0634 4008 usb_rndisx - ok
15:46:32.0651 4008 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:46:32.0653 4008 UxSms - ok
15:46:32.0672 4008 [ 81A9F455BF2C9180348949F7C8D93E66 ] VaneFltr C:\Windows\system32\drivers\Lachesis.sys
15:46:32.0673 4008 VaneFltr - ok
15:46:32.0686 4008 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe
15:46:32.0687 4008 VaultSvc - ok
15:46:32.0725 4008 [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
15:46:32.0726 4008 VClone - ok
15:46:32.0739 4008 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
15:46:32.0739 4008 vdrvroot - ok
15:46:32.0764 4008 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
15:46:32.0770 4008 vds - ok
15:46:32.0775 4008 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:46:32.0775 4008 vga - ok
15:46:32.0787 4008 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:46:32.0787 4008 VgaSave - ok
15:46:32.0792 4008 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
15:46:32.0795 4008 vhdmp - ok
15:46:32.0811 4008 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
15:46:32.0812 4008 viaide - ok
15:46:32.0823 4008 [ 1501699D7EDA984ABC4155A7DA5738D1 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
15:46:32.0825 4008 vmbus - ok
15:46:32.0829 4008 [ AE10C35761889E65A6F7176937C5592C ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
15:46:32.0830 4008 VMBusHID - ok
15:46:32.0848 4008 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
15:46:32.0848 4008 volmgr - ok
15:46:32.0862 4008 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:46:32.0865 4008 volmgrx - ok
15:46:32.0875 4008 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
15:46:32.0878 4008 volsnap - ok
15:46:32.0908 4008 [ ABD9B4A7E2D0AE51A3B8DF1AF3152D61 ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys
15:46:32.0910 4008 vpcbus - ok
15:46:32.0941 4008 [ 8ACDA395841538CE9713A67FE8B2A3EB ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
15:46:32.0941 4008 vpcnfltr - ok
15:46:32.0951 4008 [ 31924E31BC315773E6D149B157DB46D5 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
15:46:32.0953 4008 vpcusb - ok
15:46:32.0970 4008 [ C5B651E52540E6F46DA66574C74B4898 ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
15:46:32.0972 4008 vpcvmm - ok
15:46:33.0012 4008 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:46:33.0014 4008 vsmraid - ok
15:46:33.0051 4008 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
15:46:33.0075 4008 VSS - ok
15:46:33.0110 4008 vtany - ok
15:46:33.0121 4008 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:46:33.0122 4008 vwifibus - ok
15:46:33.0417 4008 [ C366AE91D2CC2C1C25380061D235C36B ] VX3000 C:\Windows\system32\DRIVERS\VX3000.sys
15:46:33.0438 4008 VX3000 - ok
15:46:33.0493 4008 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:46:33.0498 4008 W32Time - ok
15:46:33.0513 4008 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:46:33.0514 4008 WacomPen - ok
15:46:33.0549 4008 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:46:33.0550 4008 WANARP - ok
15:46:33.0565 4008 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:46:33.0566 4008 Wanarpv6 - ok
15:46:33.0597 4008 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
15:46:33.0613 4008 wbengine - ok
15:46:33.0630 4008 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:46:33.0633 4008 WbioSrvc - ok
15:46:33.0683 4008 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
15:46:33.0687 4008 WcesComm - ok
15:46:33.0702 4008 [ 8321C2CA3B62B61B293CDA3451984468 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:46:33.0707 4008 wcncsvc - ok
15:46:33.0717 4008 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:46:33.0720 4008 WcsPlugInService - ok
15:46:33.0740 4008 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:46:33.0740 4008 Wd - ok
15:46:33.0759 4008 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:46:33.0765 4008 Wdf01000 - ok
15:46:33.0776 4008 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:46:33.0778 4008 WdiServiceHost - ok
15:46:33.0780 4008 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:46:33.0782 4008 WdiSystemHost - ok
15:46:33.0793 4008 [ 8A438CBB8C032A0C798B0C642FFBE572 ] WebClient C:\Windows\System32\webclnt.dll
15:46:33.0797 4008 WebClient - ok
15:46:33.0808 4008 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:46:33.0812 4008 Wecsvc - ok
15:46:33.0824 4008 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:46:33.0826 4008 wercplsupport - ok
15:46:33.0837 4008 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:46:33.0840 4008 WerSvc - ok
15:46:33.0855 4008 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:46:33.0856 4008 WfpLwf - ok
15:46:33.0858 4008 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:46:33.0859 4008 WIMMount - ok
15:46:33.0896 4008 WinDefend - ok
15:46:33.0899 4008 WinHttpAutoProxySvc - ok
15:46:33.0933 4008 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:46:33.0936 4008 Winmgmt - ok
15:46:33.0977 4008 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
15:46:34.0018 4008 WinRM - ok
15:46:34.0114 4008 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:46:34.0115 4008 WinUsb - ok
15:46:34.0143 4008 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:46:34.0153 4008 Wlansvc - ok
15:46:34.0582 4008 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:46:34.0614 4008 wlidsvc - ok
15:46:34.0635 4008 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:46:34.0635 4008 WmiAcpi - ok
15:46:34.0649 4008 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:46:34.0651 4008 wmiApSrv - ok
15:46:34.0660 4008 WMPNetworkSvc - ok
15:46:34.0663 4008 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:46:34.0665 4008 WPCSvc - ok
15:46:34.0677 4008 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:46:34.0680 4008 WPDBusEnum - ok
15:46:34.0694 4008 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:46:34.0695 4008 ws2ifsl - ok
15:46:34.0727 4008 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
15:46:34.0730 4008 wscsvc - ok
15:46:34.0732 4008 WSearch - ok
15:46:34.0814 4008 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:46:34.0851 4008 wuauserv - ok
15:46:34.0897 4008 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:46:34.0898 4008 WudfPf - ok
15:46:34.0907 4008 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:46:34.0910 4008 WUDFRd - ok
15:46:34.0922 4008 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:46:34.0924 4008 wudfsvc - ok
15:46:34.0936 4008 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:46:34.0940 4008 WwanSvc - ok
15:46:34.0994 4008 X6va006 - ok
15:46:35.0055 4008 X6va008 - ok
15:46:35.0061 4008 xsherlock - ok
15:46:35.0064 4008 xspirit - ok
15:46:35.0104 4008 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
15:46:35.0105 4008 xusb21 - ok
15:46:35.0155 4008 [ 8A812A2A2D1FFF9654919BC5433104DA ] YMIDUSBW C:\Windows\system32\drivers\ymidusbx64.sys
15:46:35.0156 4008 YMIDUSBW - ok
15:46:35.0168 4008 ================ Scan global ===============================
15:46:35.0189 4008 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:46:35.0205 4008 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
15:46:35.0213 4008 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
15:46:35.0223 4008 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:46:35.0262 4008 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:46:35.0266 4008 [Global] - ok
15:46:35.0266 4008 ================ Scan MBR ==================================
15:46:35.0271 4008 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:46:35.0506 4008 \Device\Harddisk0\DR0 - ok
15:46:35.0564 4008 [ 98267CBBA82D6DABF6833E971F42B101 ] \Device\Harddisk1\DR1
15:46:44.0596 4008 \Device\Harddisk1\DR1 - ok
15:46:44.0596 4008 ================ Scan VBR ==================================
15:46:44.0606 4008 [ E62D2968F75F4597F406F53CE8116552 ] \Device\Harddisk0\DR0\Partition1
15:46:44.0607 4008 \Device\Harddisk0\DR0\Partition1 - ok
15:46:44.0620 4008 [ B9C39538824DFA206F900E1440EA3D96 ] \Device\Harddisk0\DR0\Partition2
15:46:44.0622 4008 \Device\Harddisk0\DR0\Partition2 - ok
15:46:44.0622 4008 ============================================================
15:46:44.0622 4008 Scan finished
15:46:44.0622 4008 ============================================================
15:46:44.0628 1744 Detected object count: 0
15:46:44.0628 1744 Actual detected object count: 0

#4 ThatGuyJake


Posted 13 October 2012 - 05:51 PM

And here is the aswMBR Log

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-13 15:49:55
-----------------------------
15:49:55.101 OS Version: Windows x64 6.1.7600
15:49:55.101 Number of processors: 4 586 0x170A
15:49:55.101 ComputerName: ROBINHOOD UserName: Collin
15:49:56.606 Initialize success
15:50:07.411 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP5T0L0-6
15:50:07.413 Disk 0 Vendor: WDC_WD10EADS-00L5B1 01.01A01 Size: 953869MB BusType: 3
15:50:07.430 Disk 0 MBR read successfully
15:50:07.431 Disk 0 MBR scan
15:50:07.433 Disk 0 Windows 7 default MBR code
15:50:07.442 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
15:50:07.456 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
15:50:07.469 Disk 0 scanning C:\Windows\system32\drivers
15:50:15.282 Service scanning
15:50:25.283 Modules scanning
15:50:25.288 Disk 0 trace - called modules:
15:50:25.296 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8006ce12c0]<<sptd.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
15:50:25.300 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007e11060]
15:50:25.303 3 CLASSPNP.SYS[fffff88000db643f] -> nt!IofCallDriver -> [0xfffffa8007b1ce40]
15:50:25.307 5 ACPI.sys[fffff88000f49781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP5T0L0-6[0xfffffa8007b45060]
15:50:25.311 \Driver\atapi[0xfffffa8007b09cb0] -> IRP_MJ_CREATE -> 0xfffffa8006ce12c0
15:50:25.315 Scan finished successfully
15:50:35.745 Disk 0 MBR has been saved successfully to "C:\Users\Collin\Desktop\MBR.dat"
15:50:35.750 The log file has been saved successfully to "C:\Users\Collin\Desktop\aswMBR.txt"

#5 ThatGuyJake


Posted 13 October 2012 - 10:42 PM

The ESET Online Scanner crashed after 4 hours and 30 min. I'll run it once more to see if it was a fluke. It found about 20 infections before crashing, and it was at 99%.

#6 narenxp


Posted 13 October 2012 - 10:49 PM

Try it in Safe Mode with Networking if it crashes again. With the ESET log, post these logs too.

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#7 ThatGuyJake


Posted 14 October 2012 - 04:34 AM

Here is the ESET LOG. It got to 99% then stopped on a .js file deep within my system64 folder. I suspect my version of java is the reason I got the infection.

C:\Program Files (x86)\TrendMicro\HiJackThis\backups\backup-20120121-043628-272.dll a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.10.2012_00.36.22\zasubsys0000\file0000\tsk0000.dta Win64/Patched.B.Gen trojan deleted - quarantined
C:\TDSSKiller_Quarantine\13.10.2012_00.36.22\zasubsys0000\zafs0000\tsk0000.dta Win32/Sirefef.EZ trojan deleted - quarantined
C:\TDSSKiller_Quarantine\13.10.2012_00.36.22\zasubsys0000\zafs0000\tsk0001.dta Win64/Sirefef.W trojan deleted - quarantined
C:\TDSSKiller_Quarantine\13.10.2012_00.36.22\zasubsys0000\zafs0000\tsk0003.dta Win64/Sirefef.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.10.2012_00.36.22\zasubsys0000\zafs0000\tsk0004.dta Win64/Sirefef.AH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.10.2012_11.36.10\zasubsys0000\file0000\tsk0000.dta Win64/Patched.B.Gen trojan deleted - quarantined
C:\TDSSKiller_Quarantine\13.10.2012_11.36.10\zasubsys0000\zafs0000\tsk0000.dta Win32/Sirefef.EZ trojan deleted - quarantined
C:\TDSSKiller_Quarantine\13.10.2012_11.36.10\zasubsys0000\zafs0000\tsk0001.dta Win64/Sirefef.W trojan deleted - quarantined
C:\TDSSKiller_Quarantine\13.10.2012_11.36.10\zasubsys0000\zafs0000\tsk0003.dta Win64/Sirefef.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.10.2012_11.36.10\zasubsys0000\zafs0000\tsk0004.dta Win64/Sirefef.AH trojan cleaned by deleting - quarantined
C:\Users\Administrator\AppData\Roaming\Microsoft\Bzyfa\bzyfa.dll a variant of Win32/Kryptik.ACUD trojan cleaned by deleting - quarantined
C:\Users\Collin\AppData\Local\Temp\Av-test.txt Eicar test file cleaned by deleting - quarantined
C:\Windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31RQOAYT\celebritybabycraze_com[1].txt JS/Kryptik.PH trojan cleaned by deleting - quarantined
C:\Windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3PGUPLWP\index7[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AGDYSLLO\prom-dresses[1].txt JS/Iframe.ED trojan cleaned by deleting - quarantined
C:\Windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E5IGIM0T\celebritybabycraze_com[1].txt JS/Kryptik.PH trojan cleaned by deleting - quarantined
C:\Windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E5IGIM0T\index7[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I07YJGX8\index7[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I1MF8R2W\index7[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JWDR0HWD\fw_dnslink_com[3].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LGHVH716\5VWUCAWQEUWYCA03A7JGCA3E5W4HCAGKDDM9CAJL2RU0CAYDA9BBCAZARU9PCAOKG816CA56Q7Q3CAL0RGF2CAK7PXXQCAGKF9NOCA1JL91ICA3IKU7DCA19BKV0CAN55Z0H.htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LGHVH716\bitesizewellness_com[1].txt JS/Kryptik.PH trojan cleaned by deleting - quarantined
C:\Windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LGHVH716\celebritybabycraze_com[1].txt JS/Kryptik.PH trojan cleaned by deleting - quarantined
C:\Windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LGHVH716\celebritybabycraze_com[2].txt JS/Kryptik.PH trojan cleaned by deleting - quarantined
C:\Windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LGHVH716\index7[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LGHVH716\index7[2].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q2FJDVXF\3338[1].txt JS/Kryptik.PH trojan cleaned by deleting - quarantined
C:\Windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q2FJDVXF\fw_dnslink_com[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q2FJDVXF\index7[2].htm HTML/Iframe.B.Gen virus deleted - quarantined


Do you still want me to run through all the steps in your previous post?

#8 narenxp


Posted 14 October 2012 - 07:34 AM

Yes

#9 ThatGuyJake


Posted 14 October 2012 - 02:31 PM

Here is the MBAM log. I didn't delete or quarantine any of the files because they are false positives. They are just cheats for some games I play.

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.13.03

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Collin :: ROBINHOOD [administrator]

10/14/2012 2:37:35 AM
mbam-log-2012-10-14 (08-44-41).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 773764
Time elapsed: 1 hour(s), 52 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Desktop\Crazy Stuff\amalurdemotrainer-ch\Kingdoms of Amalur Trainer.exe (RiskWare.Tool.CK) -> No action taken.
C:\Desktop\Crazy Stuff\Oldcrazy\useh4x0rheadasbasketball-ch\NBA 2K11 Trainer.exe (RiskWare.Tool.CK) -> No action taken.
C:\juj\NBA 2k12 trainer\nb12.exe (RiskWare.Tool.CK) -> No action taken.

(end)

#10 ThatGuyJake


Posted 14 October 2012 - 02:38 PM

and the MiniToolBox Log

MiniToolBox by Farbar Version: 23-07-2012
Ran by Collin (administrator) on 14-10-2012 at 12:33:03
Microsoft Windows 7 Professional (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

# ::1 localhost

========================= IP Configuration: ================================

Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) = Local Area Connection (Connected)
TAP-Win32 Adapter V9 (Tunngle) = Tunngle (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : RobinHood
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Tunngle:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9 (Tunngle)
Physical Address. . . . . . . . . : 00-FF-4C-F1-5A-49
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : 00-26-18-3A-38-F2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f1e4:1c92:3948:5e50%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, October 13, 2012 8:26:12 PM
Lease Expires . . . . . . . . . . : Monday, October 15, 2012 12:25:58 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 234890776
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-1C-FC-AA-00-26-18-3A-38-F2
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{52654BA9-6028-413A-8C1F-3E2CAF089B98}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{4CF15A49-8F14-483B-BC09-7DA86B9A2F98}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:400a:800::1003
173.194.33.6
173.194.33.2
173.194.33.7
173.194.33.0
173.194.33.8
173.194.33.4
173.194.33.14
173.194.33.9
173.194.33.3
173.194.33.5
173.194.33.1


Pinging google.com [173.194.33.8] with 32 bytes of data:
Reply from 173.194.33.8: bytes=32 time=14ms TTL=55
Reply from 173.194.33.8: bytes=32 time=16ms TTL=55

Ping statistics for 173.194.33.8:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 14ms, Maximum = 16ms, Average = 15ms
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
72.30.38.140


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=88ms TTL=49
Reply from 98.138.253.109: bytes=32 time=87ms TTL=49

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 87ms, Maximum = 88ms, Average = 87ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...00 ff 4c f1 5a 49 ......TAP-Win32 Adapter V9 (Tunngle)
11...00 26 18 3a 38 f2 ......Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.102 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.102 276
192.168.0.102 255.255.255.255 On-link 192.168.0.102 276
192.168.0.255 255.255.255.255 On-link 192.168.0.102 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.102 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.102 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
11 276 fe80::f1e4:1c92:3948:5e50/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 09 c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 09 c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/14/2012 08:44:27 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (10/14/2012 08:44:26 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (10/14/2012 04:59:40 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (10/14/2012 04:59:39 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (10/14/2012 04:59:38 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (10/14/2012 04:59:37 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (10/14/2012 04:59:36 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (10/14/2012 04:59:35 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (10/14/2012 04:59:33 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (10/14/2012 04:59:32 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.


System errors:
=============
Error: (10/14/2012 00:25:48 PM) (Source: atikmdag) (User: )
Description: CPLIB :: OPM - Failed the HFS

Error: (10/14/2012 02:28:50 AM) (Source: atikmdag) (User: )
Description: CPLIB :: OPM - Failed the HFS

Error: (10/13/2012 08:26:23 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (10/13/2012 08:26:23 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (10/13/2012 08:26:22 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SAVRKBootTasks

Error: (10/13/2012 08:26:10 PM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Hamachi 2.0 Tunneling Engine service failed to start due to the following error:
%%2

Error: (10/13/2012 08:26:10 PM) (Source: Service Control Manager) (User: )
Description: The Freenet background service_6 service failed to start due to the following error:
%%2

Error: (10/13/2012 08:26:10 PM) (Source: Service Control Manager) (User: )
Description: The Freenet background service_5 service failed to start due to the following error:
%%2

Error: (10/13/2012 08:26:10 PM) (Source: Service Control Manager) (User: )
Description: The Freenet background service_4 service failed to start due to the following error:
%%2

Error: (10/13/2012 08:26:10 PM) (Source: Service Control Manager) (User: )
Description: The Freenet background service_2 service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (10/14/2012 08:44:27 AM) (Source: Bonjour Service)(User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (10/14/2012 08:44:26 AM) (Source: Bonjour Service)(User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (10/14/2012 04:59:40 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestc:\Users\Collin\Desktop\esetsmartinstaller_enu.exe

Error: (10/14/2012 04:59:39 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestc:\Users\Collin\Desktop\esetsmartinstaller_enu.exe

Error: (10/14/2012 04:59:38 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestc:\Users\Collin\Desktop\esetsmartinstaller_enu.exe

Error: (10/14/2012 04:59:37 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestc:\Users\Collin\Desktop\esetsmartinstaller_enu.exe

Error: (10/14/2012 04:59:36 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestc:\Users\Collin\Desktop\esetsmartinstaller_enu.exe

Error: (10/14/2012 04:59:35 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestc:\Users\Collin\Desktop\esetsmartinstaller_enu.exe

Error: (10/14/2012 04:59:33 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestc:\Users\Collin\Desktop\esetsmartinstaller_enu.exe

Error: (10/14/2012 04:59:32 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestc:\Users\Collin\Desktop\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

AC2 server emulator 0.44 by Dormine
Add or Remove Adobe Creative Suite 3 Design Premium (Version: 1.0)
Adobe AIR (Version: 1.5.2.8870)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe BridgeTalk Plugin CS3 (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Extension Manager CS3 (Version: 1.8)
Adobe Flash Player 10 ActiveX (Version: 10.3.183.11)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe InDesign CS3 Icon Handler (Version: 5.0)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe MotionPicture Color Files (Version: 1.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Reader 9.4.0 (Version: 9.4.0)
Adobe Setup (Version: 1.0)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
Adobe SING CS3 (Version: 0.1)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WAS CS3 (Version: 1.0)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
Age of Conan - Hyborian Adventures
AHV content for Acrobat and Flash (Version: 1)
Allods Online 1.1.02.58 (Version: 1.1.02.58)
America's Army 3
Antares Autotune VST RTAS TDM v5.08
Any DVD Converter Professional 4.0.4
Apple Application Support (Version: 1.5.2)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
ASIO4ALL (Version: 2.10)
ATI Catalyst Install Manager (Version: 3.0.715.0)
Audacity 1.2.6
AudibleManager (Version: 2011315022.48.56.3607922)
Baldur's Gate™ II - Throne of Bhaal ™
Basketball
Battlefield 2™
Battlefield 3™ Open Beta (Version: 1.0.0.0)
Battlefield Bad Company 2 - BETA (Version: 1.0.0.1)
Battlefield Heroes
Battlelog Web Plugins (Version: 0.80.0)
BBSAK (Version: 1.9.11)
BlackBerry Desktop Software 5.0.1 (Version: 5.0.1.37)
BlackBerry Device Software Updater (Version: 5.0.1.69)
BlackBerry Device Software v4.6.0 for the BlackBerry 8220 smartphone (Version: 4.6.0.305 (Platform 4.1.0.100))
BlackBerry v4.1.0 for the 7290 Wireless Handheld (Version: 4.1.0.377 (Platform 1.8.0.154))
Blacklight Retribution (Version: 1.00.9500)
Bonjour (Version: 3.0.0.2)
Borderlands (Version: 1.0)
Borderlands 2
Brawl Busters
Build Your Own Net Dream (remove only)
BurnAware Free 2.3.8
C-Media PCI Audio Device
Call of Duty: Black Ops
Call of Duty: Black Ops - Multiplayer
CamStudio
Catalyst Control Center Core Implementation (Version: 2009.0225.1546.28221)
Catalyst Control Center Graphics Full Existing (Version: 2009.0225.1546.28221)
Catalyst Control Center Graphics Full New (Version: 2009.0225.1546.28221)
Catalyst Control Center Graphics Light (Version: 2009.0225.1546.28221)
Catalyst Control Center Graphics Previews Common (Version: 2009.0225.1546.28221)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0225.1546.28221)
Catalyst Control Center HydraVision Full (Version: 2009.0225.1546.28221)
Catalyst Control Center InstallProxy (Version: 2009.0225.1546.28221)
ccc-core-static (Version: 2009.0225.1546.28221)
ccc-utility64 (Version: 2009.0225.1546.28221)
CCC Help English (Version: 2009.0225.1545.28221)
CCleaner (Version: 2.31)
Character Builder (Version: 1.10.0000)
Cheat Engine 6.1
CleanUp!
Collab
Comical 0.8
Counter-Strike 1.6
Counter-Strike: Global Offensive Beta
Counter-Strike: Source Beta
Creative ALchemy (Version: 1.41)
Creative Audio Control Panel (Version: 2.00)
Creative Karaoke Player
Creative MediaSource 5 (Version: 5.26)
Creative Sound Blaster Properties x64 Edition
Creative WaveStudio 7 (Version: 7.12)
DAEMON Tools Lite (Version: 4.45.4.0316)
DarkRadiant 1.0.0 x64
DarkSiders II version 5.1 (Version: 5.1)
Deus Ex
Deus Ex - Human Revolution version 1.0 (Version: 1.0)
Diablo III (Version: 1.0.4.11327)
Doom 3 (Version: 1.3)
Dota 2
Dragon Age: Origins (Version: 1.00)
ERUNT 1.1j
ESET Online Scanner v3
ESN Sonar (Version: 0.70.0)
Eusing Free Registry Cleaner
EVEREST Home Edition v2.20 (Version: 2.20)
Explorer Suite III
Fallout
Fallout 3 (Version: 1.00.0000)
Fallout Mod Manager 0.13.21
Fallout Mod Manager 0.9.15
Fallout New Vegas
Fallout2
FileZilla Client 3.3.0.1 (Version: 3.3.0.1)
Final Fantasy VII - Ultima Edition
FL Studio 8
FL Studio 9
Free M4a to MP3 Converter 6.1
Freenet
Freenet_2
Freenet_3
Freenet_4
Freenet_5
Freenet_6
Galaxy Fighter
GCFScape 1.7.5
GIMP 2.6.7
Gmask 1.70 English
GoldWave v5.65
Google Earth (Version: 5.2.1.1588)
Guild Wars 2
Hardcore
Harry Potter and the Order of the Phoenix™
Heroes of Newerth (Version: 0.9.0)
Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)
HiJackThis (Version: 1.0.0)
IL Download Manager
IrfanView (remove only) (Version: 4.27)
iTunes (Version: 10.4.0.80)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java Auto Updater (Version: 2.0.5.1)
JDownloader 0.9 (Version: 0.9)
Just Cause 2
Kingdoms of Amalur Reckoning
League of Legends (Version: 1.0020)
League of Legends (Version: 1.0022)
League of Legends (Version: 1.3)
Live 8.1.1
Logitech G15 Keyboard Software 1.04 (Version: 1.04.153)
Logitech GamePanel Software 3.06.109 (Version: 3.06.109)
LogMeIn Hamachi (Version: 2.0.3.89)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Mass Effect (Version: 1.00)
Mass Effect 2 (Version: 1.00)
Match The Note
Mavis Beacon Teaches Typing Platinum 20 (Version: 20.00.0000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft LifeCam (Version: 3.21.263.0)
Microsoft Office Word Viewer 2003 (Version: 11.0.6506.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Xbox 360 Accessories 1.1 (Version: 1.10.123.0)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Morgan M-JPEG codec V3
MorphVOX Junior (Version: 2.7.3)
MorphVOX Pro (Version: 4.3.3)
Morrowind
Mozilla Firefox 15.0.1 (x86 en-GB) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MP3 Player Recovery Tool (Version: 2.0.0.5)
MSVCRT (Version: 14.0.1468.721)
Mumble 1.2.3 (Version: 1.2.3)
NavNet (Version: 1.0)
NBA 2K12 (Version: 1.0.0)
NBA 2K13 (Version: 1.0.0)
Nexon Game Manager
Nexus Mod Manager (Version: 0.21.0)
Notepad++ (Version: 5.6.6)
NVIDIA PhysX (Version: 9.10.0513)
Oblivion (Version: 1.00.0000)
Oblivion mod manager 1.1.12
Octoshape Streaming Services
OpenAL
Opera 12.02 (Version: 12.02.1578)
Origin (Version: 8.2.6.475)
Pando Media Booster (Version: 2.6.0.1)
Pcsx2 0.9.4 Watermoose
PDF Settings (Version: 1.0)
PeerBlock 1.1 (r518) (Version: 1.1.0.518)
Penumbra Black Plague (Version: 1.0.1)
Penumbra Episode 1 (Version: 1.0.3)
Plain Sight
PoiZone
Polipo 1.0.4.1
Prince of Persia (Version: 1.0)
Prince of Persia The Sands of Time (Version: 1.00.181)
Project: Snowblind 1.0
Project64 1.6 (Version: 1.6)
PunkBuster Services (Version: 0.992)
QuickTime (Version: 7.69.80.9)
RAD Video Tools
RadeonPro 1.0 (Build 1.1.0.6)
Raidcall (Version: 6.3.0-1.0.3244.73)
Rainmeter (remove only)
Raptr
Razer Lachesis (Version: 1.10.0000)
RealAquarium
Recuva (Version: 1.37)
RIFT (Version: 1.0.0)
River IQ Game
RocketDock 1.3.5
Sawer
Shadowrun (Version: 1.00.0000)
SHOUTcast DNAS (remove only)
SHOUTcast Radio Toolbar (Version: 5.24.1.1)
SimAquarium
Skins (Version: 2009.0225.1546.28221)
Skype™ 4.2 (Version: 4.2.169)
Smite (Version: 0.1.1069.0)
Sophos Anti-Rootkit 1.5.4 (Version: 1.5.4)
Sound Blaster X-Fi Go! (Version: 1.0)
Source SDK Base 2007
Star Wars: The Old Republic (Version: 1.00)
StarCraft II Beta (Version: 0.2.0.13891)
STREET FIGHTER IV (Version: 1.00.3013)
SuddenAttack
Super Street Fighter IV: Arcade Edition (Version: 1.0.0000.129)
Switch Sound File Converter
swMSM (Version: 12.0.0.1)
System Requirements Lab (Version: 4.1.72.0)
System Shock2
Tales of Monkey Island - The Siege of Spinner Cay (Version: 1.0.0.15)
TeamViewer 6 (Version: 6.0.10194)
TES Construction Set
The Witcher Enhanced Edition (Version: 1.00.0000)
Thief - Deadly Shadows (Version: 1.00.0000)
Thief 2
Titan Quest (Version: 1.00.0000)
Titan Quest Immortal Throne (Version: 1.00.0000)
Tony Hawk's Underground (Version: 1.00.0000)
Tor 0.2.1.29
Torchlight II © Runic Games version 1 (Version: 1)
Toxic Biohazard
Toy Story 3 (Version: 1.00.0000)
Tribes Ascend Closed Beta (Version: 0.1.760.0)
TrueCrypt (Version: 6.3a)
TSLRCM 1.6
Tunngle beta
Ubisoft Game Launcher (Version: 1.0.0.0)
Vegas Pro 9.0 (64-bit) (Version: 9.0.895)
Ventrilo Client for Windows x64 (Version: 3.0.7.0)
Vidalia 0.2.10
VisComPic
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 1.0.1 (Version: 1.0.1)
Volume Panel
VTFEdit 1.2.5
Vuze (Version: 4.6)
Warcraft III: All Products
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8098.930)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Mobile Device Center (Version: 6.1.6965.0)
Windows Mobile Device Center Driver Update (Version: 6.0.6783.0)
Windows XP Mode (Version: 1.3.7600.16423)
WinRAR archiver
World of Warcraft (Version: 4.2.0.14480)
Xfire (remove only)
Xvid 1.1.3 final uninstall (Version: 1.1)
Yamaha USB-MIDI Driver (Version: 3.0.4.1)
YouTube Downloader 3.3
YouTube Downloader Toolbar v4.9 (Version: 4.9)
ZEN Media Explorer
Zero Gear
ZeroOnline

========================= Memory info: ===================================

Percentage of memory in use: 16%
Total physical RAM: 8191.12 MB
Available physical RAM: 6816.96 MB
Total Pagefile: 16380.38 MB
Available Pagefile: 13730.88 MB
Total Virtual: 4095.88 MB
Available Virtual: 3954.48 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:931.41 GB) (Free:141.61 GB) NTFS
6 Drive g: (NBA 2K13) (CDROM) (Total:6.86 GB) (Free:0 GB) UDF
7 Drive h: (SB X-FI GO!) (Removable) (Total:0.94 GB) (Free:0.81 GB) FAT32

========================= Users: ========================================

User accounts for \\ROBINHOOD

Administrator Collin Guest

========================= Restore Points ==================================

13-10-2012 22:03:21 ComboFix created restore point

**** End of log ****

#11 ThatGuyJake


Posted 14 October 2012 - 02:43 PM

I ran AdwCleaner yesterday and it found a ton more issues then, especially with Mozilla Firefox. Things are looking much cleaner now.

# AdwCleaner v2.005 - Logfile created 10/14/2012 at 12:39:36
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Professional (64 bits)
# User : Collin - ROBINHOOD
# Boot Mode : Normal
# Running from : C:\Users\Collin\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-GB)

Profile name : default
File : C:\Users\Collin\AppData\Roaming\Mozilla\Firefox\Profiles\3iaf9ysq.default\prefs.js

[OK] File is clean.

-\\ Chromium v [Unable to get version]

File : C:\Users\Collin\AppData\Local\Chromium\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.2.1578.0

File : C:\Users\Collin\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [23210 octets] - [13/10/2012 15:05:27]
AdwCleaner[S2].txt - [1136 octets] - [13/10/2012 15:24:12]
AdwCleaner[S4].txt - [1067 octets] - [14/10/2012 12:39:36]

########## EOF - C:\AdwCleaner[S4].txt - [1127 octets] ##########

Edited by ThatGuyJake, 14 October 2012 - 02:44 PM.


#12 ThatGuyJake


Posted 14 October 2012 - 02:59 PM

And finally the JRT.


Junkware Removal Tool (JRT) by Thisisu
Version: 1.5.7 (10.14.2012)
OS: Windows 7 Professional x64
Ran by Collin on Sun 10/14/2012 at 12:44:43.40
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}



*** Files:

Successfully deleted: [FILE] C:\eula.1028.txt
Successfully deleted: [FILE] C:\eula.1031.txt
Successfully deleted: [FILE] C:\eula.1033.txt
Successfully deleted: [FILE] C:\eula.1036.txt
Successfully deleted: [FILE] C:\eula.1040.txt
Successfully deleted: [FILE] C:\eula.1041.txt
Successfully deleted: [FILE] C:\eula.1042.txt
Successfully deleted: [FILE] C:\eula.2052.txt
Successfully deleted: [FILE] C:\install.res.1028.dll
Successfully deleted: [FILE] C:\install.res.1031.dll
Successfully deleted: [FILE] C:\install.res.1033.dll
Successfully deleted: [FILE] C:\install.res.1036.dll
Successfully deleted: [FILE] C:\install.res.1040.dll
Successfully deleted: [FILE] C:\install.res.1041.dll
Successfully deleted: [FILE] C:\install.res.1042.dll
Successfully deleted: [FILE] C:\install.res.2052.dll
Successfully deleted: [FILE] C:\install.res.3082.dll



*** Folders: 0 Detections



*** FireFox detected and repaired

Removed the following from [PREFS.JS] :

user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1350108679225}}},{\"name\":\"app-profile\",\"addons\":{\"battlefieldheroespatcher@ea.com\":{\"descriptor\":\"C:\\\\Users\\\\Collin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3iaf9ysq.default\\\\extensions\\\\battlefieldheroespatcher@ea.com\",\"mtime\":1327145027700},\"engine@conduit.com\":{\"descriptor\":\"C:\\\\Users\\\\Collin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3iaf9ysq.default\\\\extensions\\\\engine@conduit.com\",\"mtime\":1327145027890},\"kdejhbmtsk@kdejhbmtsk.org\":{\"descriptor\":\"C:\\\\Users\\\\Collin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3iaf9ysq.default\\\\extensions\\\\kdejhbmtsk@kdejhbmtsk.org.xpi\",\"mtime\":1335639315235},\"wtxpcom@mybrowserbar.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Common Files\\\\Spigot\\\\wtxpcom\",\"mtime\":1324434779981},\"youtubedownloader@mybrowserbar.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\YouTube Downloader 
Toolbar\\\\FF\",\"mtime\":1324180827912},\"{0b38152b-1b20-484d-a11f-5e04a9b0661f}\":{\"descriptor\":\"C:\\\\Users\\\\Collin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3iaf9ysq.default\\\\extensions\\\\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\",\"mtime\":1342692144475},\"{12e4c684-c03e-4e4d-85bc-0c065e7a9489}\":{\"descriptor\":\"C:\\\\Users\\\\Collin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3iaf9ysq.default\\\\extensions\\\\{12e4c684-c03e-4e4d-85bc-0c065e7a9489}\",\"mtime\":1327145027902},\"{3d7eb24f-2740-49df-8937-200b1cc08f8a}\":{\"descriptor\":\"C:\\\\Users\\\\Collin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3iaf9ysq.default\\\\extensions\\\\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi\",\"mtime\":1318792757663},\"{ba14329e-9550-4989-b3f2-9732e92d17cc}\":{\"descriptor\":\"C:\\\\Users\\\\Collin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3iaf9ysq.default\\\\extensions\\\\{ba14329e-9550-4989-b3f2-9732e92d17cc}\",\"mtime\":1347149109797},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"descriptor\":\"C:\\\\Users\\\\Collin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\3iaf9ysq.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"mtime\":1343203839230}}}]");


*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Sun 10/14/2012 at 12:52:43.91
End of Report

#13 narenxp


Posted 14 October 2012 - 05:14 PM

Farbar Service Scanner log?


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on File > Save

Filename: Autoruns.txt
Save as: Text

Paste the contents of text here

#14 ThatGuyJake


Posted 14 October 2012 - 08:01 PM

Oh yeah, I forgot the Farbar. Here it is.


Farbar Service Scanner Version: 07-10-2012
Ran by Collin (administrator) on 14-10-2012 at 18:00:40
Running from "C:\Users\Collin\Desktop"
Microsoft Windows 7 Professional (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Attempt to access Google.com returned error: Google.com is offline
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of MpsSvc. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of MpsSvc. The value does not exist.
Unable to retrieve ServiceDll of MpsSvc. The value does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2009-07-13 16:25] - [2009-07-13 18:45] - 1898576 ____A (Microsoft Corporation) 912107716BAB424C7870E8E6AF5E07E1

C:\Windows\System32\dnsrslvr.dll
[2009-07-13 16:21] - [2009-07-13 18:40] - 0182272 ____A (Microsoft Corporation) 676108C4E3AA6F6B34633748BD0BEBD9

C:\Windows\System32\mpssvc.dll
[2009-07-13 17:09] - [2009-07-13 18:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 16:36] - [2009-07-13 18:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#15 ThatGuyJake


Posted 14 October 2012 - 08:08 PM

Here is the RKill

Rkill 2.0.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/14/2012 06:06:13 PM in x64 mode.
Windows Version: Windows 7

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* SMTMP folder detected. Your machine is or has been infected with the Fake.HDD rogue anti-spyware program. Please see this link for more information about this type of rogue: http://www.bleepingcomputer.com/forums/topic405109.html

Restarting Explorer.exe in order to apply changes.

Program finished at: 10/14/2012 06:06:25 PM
Execution time: 0 hours(s), 0 minute(s), and 11 seconds(s)




I ran the autoruns.exe and saved it, but there is no save-as option so I don't know how to save it as a txt.



