SMART HDD Virus Removal



#1 P_lock


Posted 15 November 2012 - 08:43 AM

Yesterday, I was on the internet when suddenly the browser closed and my internet connection was lost. I soon discovered that this was the SMART HDD virus. I have followed the help topic on the virus (http://www.bleepingcomputer.com/virus-removal/remove-smart-hdd), and have run Malwarebytes, but it did not detect anything. Prior to this, I also ran RKill, TDSSKiller, and RogueKiller as well as Unhide.exe by transferring the programs over via USB. I still have no internet connections and am unaware if any traces of the virus are still on my computer. I am running Windows 7. Thanks in advance for the help.

Edited by P_lock, 15 November 2012 - 08:45 AM.




#2 narenxp


Posted 15 November 2012 - 09:52 AM

Download TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 P_lock


Posted 15 November 2012 - 11:44 AM

I was unable to download the latest Avast! virus definitions, but still ran it as is. In normal mode, aswMBR crashed the system, so it was run in Safe Mode. ESET online scanner could not download. It gave the message "Cannot get update. Is proxy configured?"

TDSSkiller Log

10:29:36.0620 6116 msdsm - ok
10:29:36.0713 6116 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:29:36.0729 6116 MSDTC - ok
10:29:36.0760 6116 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:29:36.0776 6116 Msfs - ok
10:29:36.0916 6116 [ 54819FC5C79E4B2C6E896F9DE440494D ] msftesql$CSSQL05 c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
10:29:36.0916 6116 msftesql$CSSQL05 - ok
10:29:36.0963 6116 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:29:36.0978 6116 mshidkmdf - ok
10:29:37.0056 6116 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:29:37.0056 6116 msisadrv - ok
10:29:37.0119 6116 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:29:37.0150 6116 MSiSCSI - ok
10:29:37.0150 6116 msiserver - ok
10:29:37.0228 6116 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:29:37.0244 6116 MSKSSRV - ok
10:29:37.0275 6116 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:29:37.0275 6116 MSPCLOCK - ok
10:29:37.0306 6116 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:29:37.0322 6116 MSPQM - ok
10:29:37.0415 6116 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:29:37.0431 6116 MsRPC - ok
10:29:37.0493 6116 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:29:37.0493 6116 mssmbios - ok
10:29:37.0509 6116 MSSQL$CSSQL05 - ok
10:29:37.0618 6116 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
10:29:37.0618 6116 MSSQLServerADHelper - ok
10:29:37.0665 6116 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:29:37.0665 6116 MSTEE - ok
10:29:37.0696 6116 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:29:37.0696 6116 MTConfig - ok
10:29:37.0743 6116 [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys
10:29:37.0743 6116 MTsensor - ok
10:29:37.0821 6116 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:29:37.0821 6116 Mup - ok
10:29:37.0930 6116 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:29:37.0946 6116 napagent - ok
10:29:38.0086 6116 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:29:38.0086 6116 NativeWifiP - ok
10:29:38.0195 6116 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:29:38.0226 6116 NDIS - ok
10:29:38.0258 6116 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:29:38.0273 6116 NdisCap - ok
10:29:38.0320 6116 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:29:38.0336 6116 NdisTapi - ok
10:29:38.0429 6116 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:29:38.0429 6116 Ndisuio - ok
10:29:38.0523 6116 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:29:38.0554 6116 NdisWan - ok
10:29:38.0616 6116 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:29:38.0632 6116 NDProxy - ok
10:29:38.0757 6116 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:29:38.0772 6116 Net Driver HPZ12 - ok
10:29:38.0866 6116 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:29:38.0866 6116 NetBIOS - ok
10:29:38.0944 6116 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:29:38.0944 6116 NetBT - ok
10:29:38.0991 6116 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:29:38.0991 6116 Netlogon - ok
10:29:39.0069 6116 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:29:39.0084 6116 Netman - ok
10:29:39.0428 6116 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:29:39.0474 6116 NetMsmqActivator - ok
10:29:39.0506 6116 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:29:39.0521 6116 NetPipeActivator - ok
10:29:39.0630 6116 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:29:39.0677 6116 netprofm - ok
10:29:39.0740 6116 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:29:39.0740 6116 NetTcpActivator - ok
10:29:39.0755 6116 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:29:39.0755 6116 NetTcpPortSharing - ok
10:29:40.0582 6116 [ E72F4522801FFB8F0456924FB0017BFF ] NETw1v64 C:\Windows\system32\DRIVERS\NETw1v64.sys
10:29:40.0810 6116 NETw1v64 - ok
10:29:42.0297 6116 [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
10:29:42.0515 6116 NETw5s64 - ok
10:29:42.0718 6116 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:29:42.0734 6116 nfrd960 - ok
10:29:43.0046 6116 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:29:43.0061 6116 NlaSvc - ok
10:29:43.0155 6116 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:29:43.0155 6116 Npfs - ok
10:29:43.0217 6116 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:29:43.0233 6116 nsi - ok
10:29:43.0373 6116 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:29:43.0373 6116 nsiproxy - ok
10:29:43.0701 6116 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:29:43.0716 6116 Ntfs - ok
10:29:43.0763 6116 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:29:43.0763 6116 Null - ok
10:29:43.0826 6116 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:29:43.0841 6116 nvraid - ok
10:29:44.0231 6116 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:29:44.0325 6116 nvstor - ok
10:29:44.0387 6116 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:29:44.0403 6116 nv_agp - ok
10:29:44.0762 6116 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:29:44.0824 6116 odserv - ok
10:29:44.0871 6116 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:29:44.0871 6116 ohci1394 - ok
10:29:44.0964 6116 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:29:44.0964 6116 ose - ok
10:29:45.0042 6116 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:29:45.0042 6116 p2pimsvc - ok
10:29:45.0089 6116 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:29:45.0120 6116 p2psvc - ok
10:29:45.0152 6116 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:29:45.0152 6116 Parport - ok
10:29:45.0245 6116 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:29:45.0245 6116 partmgr - ok
10:29:45.0308 6116 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:29:45.0323 6116 PcaSvc - ok
10:29:45.0417 6116 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:29:45.0432 6116 pci - ok
10:29:45.0464 6116 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:29:45.0464 6116 pciide - ok
10:29:45.0542 6116 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:29:45.0557 6116 pcmcia - ok
10:29:45.0588 6116 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:29:45.0588 6116 pcw - ok
10:29:45.0651 6116 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:29:45.0666 6116 PEAUTH - ok
10:29:46.0634 6116 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:29:46.0758 6116 PerfHost - ok
10:29:47.0070 6116 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:29:47.0148 6116 pla - ok
10:29:47.0304 6116 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:29:47.0304 6116 PlugPlay - ok
10:29:47.0398 6116 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:29:47.0398 6116 Pml Driver HPZ12 - ok
10:29:47.0476 6116 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:29:47.0476 6116 PNRPAutoReg - ok
10:29:47.0523 6116 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:29:47.0523 6116 PNRPsvc - ok
10:29:47.0616 6116 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
10:29:47.0632 6116 Point64 - ok
10:29:47.0757 6116 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:29:47.0804 6116 PolicyAgent - ok
10:29:47.0866 6116 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:29:47.0882 6116 Power - ok
10:29:47.0975 6116 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:29:47.0975 6116 PptpMiniport - ok
10:29:48.0084 6116 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:29:48.0084 6116 Processor - ok
10:29:48.0225 6116 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:29:48.0225 6116 ProfSvc - ok
10:29:48.0256 6116 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:29:48.0256 6116 ProtectedStorage - ok
10:29:48.0334 6116 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:29:48.0334 6116 Psched - ok
10:29:48.0537 6116 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:29:48.0599 6116 ql2300 - ok
10:29:48.0630 6116 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:29:48.0646 6116 ql40xx - ok
10:29:48.0708 6116 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:29:48.0708 6116 QWAVE - ok
10:29:48.0740 6116 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:29:48.0755 6116 QWAVEdrv - ok
10:29:48.0786 6116 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:29:48.0786 6116 RasAcd - ok
10:29:48.0849 6116 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:29:48.0864 6116 RasAgileVpn - ok
10:29:48.0927 6116 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:29:48.0927 6116 RasAuto - ok
10:29:48.0989 6116 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:29:48.0989 6116 Rasl2tp - ok
10:29:49.0052 6116 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:29:49.0083 6116 RasMan - ok
10:29:49.0145 6116 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:29:49.0161 6116 RasPppoe - ok
10:29:49.0223 6116 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:29:49.0223 6116 RasSstp - ok
10:29:49.0348 6116 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:29:49.0410 6116 rdbss - ok
10:29:49.0457 6116 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:29:49.0457 6116 rdpbus - ok
10:29:49.0520 6116 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:29:49.0535 6116 RDPCDD - ok
10:29:49.0582 6116 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:29:49.0598 6116 RDPENCDD - ok
10:29:49.0644 6116 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:29:49.0644 6116 RDPREFMP - ok
10:29:49.0691 6116 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:29:49.0707 6116 RDPWD - ok
10:29:49.0847 6116 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:29:49.0863 6116 rdyboost - ok
10:29:49.0925 6116 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:29:49.0925 6116 RemoteAccess - ok
10:29:49.0956 6116 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:29:49.0972 6116 RemoteRegistry - ok
10:29:50.0253 6116 [ 35DDC1C0188C7012061F2BDFBE420764 ] Retrospect Client C:\Program Files (x86)\Retrospect\Retrospect Client\RemotSvc.exe
10:29:50.0253 6116 Retrospect Client - ok
10:29:50.0471 6116 [ A310DA0093A62D742E5C8D9C65145BF7 ] Retrospect Helper C:\Program Files (x86)\Retrospect\Retrospect Client\rthlpsvc.exe
10:29:50.0471 6116 Retrospect Helper - ok
10:29:50.0830 6116 [ E7062DBD907E0C5CEEB5ABDAF07E6B32 ] RosettaStoneDaemon C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
10:29:50.0846 6116 RosettaStoneDaemon - ok
10:29:50.0924 6116 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:29:50.0924 6116 RpcEptMapper - ok
10:29:50.0955 6116 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:29:50.0955 6116 RpcLocator - ok
10:29:51.0080 6116 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:29:51.0095 6116 RpcSs - ok
10:29:51.0204 6116 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:29:51.0204 6116 rspndr - ok
10:29:51.0251 6116 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:29:51.0251 6116 SamSs - ok
10:29:51.0314 6116 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:29:51.0314 6116 sbp2port - ok
10:29:51.0594 6116 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
10:29:51.0626 6116 SBSDWSCService - ok
10:29:51.0672 6116 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:29:51.0672 6116 SCardSvr - ok
10:29:51.0766 6116 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:29:51.0766 6116 scfilter - ok
10:29:51.0969 6116 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:29:51.0984 6116 Schedule - ok
10:29:52.0047 6116 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:29:52.0047 6116 SCPolicySvc - ok
10:29:52.0078 6116 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:29:52.0078 6116 SDRSVC - ok
10:29:52.0187 6116 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
10:29:52.0203 6116 SeaPort - ok
10:29:52.0265 6116 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:29:52.0281 6116 secdrv - ok
10:29:52.0328 6116 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:29:52.0328 6116 seclogon - ok
10:29:52.0375 6116 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
10:29:52.0375 6116 SENS - ok
10:29:52.0421 6116 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:29:52.0421 6116 SensrSvc - ok
10:29:52.0484 6116 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:29:52.0499 6116 Serenum - ok
10:29:52.0531 6116 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:29:52.0546 6116 Serial - ok
10:29:52.0593 6116 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:29:52.0609 6116 sermouse - ok
10:29:52.0655 6116 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:29:52.0671 6116 SessionEnv - ok
10:29:52.0702 6116 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:29:52.0702 6116 sffdisk - ok
10:29:52.0796 6116 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:29:52.0811 6116 sffp_mmc - ok
10:29:52.0843 6116 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:29:52.0858 6116 sffp_sd - ok
10:29:52.0905 6116 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:29:52.0921 6116 sfloppy - ok
10:29:53.0014 6116 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:29:53.0030 6116 SharedAccess - ok
10:29:53.0092 6116 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:29:53.0108 6116 ShellHWDetection - ok
10:29:53.0155 6116 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
10:29:53.0170 6116 SiSGbeLH - ok
10:29:53.0233 6116 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:29:53.0248 6116 SiSRaid2 - ok
10:29:53.0264 6116 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:29:53.0279 6116 SiSRaid4 - ok
10:29:53.0451 6116 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:29:53.0451 6116 SkypeUpdate - ok
10:29:53.0529 6116 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:29:53.0529 6116 Smb - ok
10:29:53.0638 6116 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:29:53.0654 6116 SNMPTRAP - ok
10:29:54.0091 6116 [ 1D8474722CDFFBB8FCA5FA12C50A05A2 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
10:29:54.0106 6116 SNP2UVC - ok
10:29:54.0153 6116 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:29:54.0153 6116 spldr - ok
10:29:54.0309 6116 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
10:29:54.0309 6116 Spooler - ok
10:29:54.0839 6116 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:29:54.0949 6116 sppsvc - ok
10:29:55.0011 6116 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:29:55.0027 6116 sppuinotify - ok
10:29:55.0198 6116 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
10:29:55.0198 6116 SQLBrowser - ok
10:29:55.0292 6116 [ 3C432A96363097870995E2A3C8B66ABD ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
10:29:55.0292 6116 SQLWriter - ok
10:29:55.0432 6116 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:29:55.0463 6116 srv - ok
10:29:55.0495 6116 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:29:55.0495 6116 srv2 - ok
10:29:55.0510 6116 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:29:55.0526 6116 srvnet - ok
10:29:55.0557 6116 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:29:55.0557 6116 SSDPSRV - ok
10:29:55.0588 6116 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:29:55.0588 6116 SstpSvc - ok
10:29:55.0604 6116 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:29:55.0619 6116 stexstor - ok
10:29:55.0682 6116 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:29:55.0713 6116 stisvc - ok
10:29:55.0760 6116 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:29:55.0760 6116 swenum - ok
10:29:55.0822 6116 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:29:55.0853 6116 swprv - ok
10:29:56.0025 6116 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:29:56.0072 6116 SysMain - ok
10:29:56.0119 6116 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:29:56.0134 6116 TabletInputService - ok
10:29:56.0150 6116 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:29:56.0150 6116 TapiSrv - ok
10:29:56.0181 6116 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:29:56.0181 6116 TBS - ok
10:29:56.0446 6116 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:29:56.0462 6116 Tcpip - ok
10:29:56.0633 6116 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:29:56.0649 6116 TCPIP6 - ok
10:29:56.0758 6116 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:29:56.0758 6116 tcpipreg - ok
10:29:56.0805 6116 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:29:56.0805 6116 TDPIPE - ok
10:29:56.0836 6116 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:29:56.0852 6116 TDTCP - ok
10:29:56.0914 6116 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:29:56.0914 6116 tdx - ok
10:29:56.0961 6116 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:29:56.0961 6116 TermDD - ok
10:29:57.0070 6116 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
10:29:57.0101 6116 TermService - ok
10:29:57.0148 6116 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:29:57.0148 6116 Themes - ok
10:29:57.0179 6116 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:29:57.0179 6116 THREADORDER - ok
10:29:57.0242 6116 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:29:57.0242 6116 TrkWks - ok
10:29:57.0320 6116 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:29:57.0320 6116 TrustedInstaller - ok
10:29:57.0398 6116 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:29:57.0398 6116 tssecsrv - ok
10:29:57.0445 6116 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:29:57.0460 6116 TsUsbFlt - ok
10:29:57.0538 6116 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:29:57.0538 6116 tunnel - ok
10:29:57.0585 6116 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:29:57.0601 6116 uagp35 - ok
10:29:57.0679 6116 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:29:57.0694 6116 udfs - ok
10:29:57.0741 6116 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:29:57.0757 6116 UI0Detect - ok
10:29:57.0772 6116 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:29:57.0772 6116 uliagpkx - ok
10:29:57.0819 6116 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
10:29:57.0819 6116 umbus - ok
10:29:57.0850 6116 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:29:57.0850 6116 UmPass - ok
10:29:57.0866 6116 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:29:57.0881 6116 upnphost - ok
10:29:57.0944 6116 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
10:29:57.0944 6116 USBAAPL64 - ok
10:29:58.0006 6116 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:29:58.0006 6116 usbccgp - ok
10:29:58.0053 6116 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:29:58.0053 6116 usbcir - ok
10:29:58.0084 6116 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:29:58.0084 6116 usbehci - ok
10:29:58.0131 6116 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:29:58.0147 6116 usbhub - ok
10:29:58.0147 6116 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:29:58.0162 6116 usbohci - ok
10:29:58.0193 6116 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:29:58.0193 6116 usbprint - ok
10:29:58.0256 6116 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:29:58.0256 6116 usbscan - ok
10:29:58.0287 6116 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:29:58.0287 6116 USBSTOR - ok
10:29:58.0318 6116 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
10:29:58.0318 6116 usbuhci - ok
10:29:58.0349 6116 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
10:29:58.0365 6116 usbvideo - ok
10:29:58.0381 6116 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
10:29:58.0381 6116 UxSms - ok
10:29:58.0412 6116 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
10:29:58.0412 6116 VaultSvc - ok
10:29:58.0427 6116 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:29:58.0427 6116 vdrvroot - ok
10:29:58.0474 6116 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
10:29:58.0505 6116 vds - ok
10:29:58.0552 6116 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:29:58.0552 6116 vga - ok
10:29:58.0583 6116 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
10:29:58.0583 6116 VgaSave - ok
10:29:58.0615 6116 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:29:58.0630 6116 vhdmp - ok
10:29:58.0677 6116 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
10:29:58.0677 6116 viaide - ok
10:29:58.0693 6116 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:29:58.0708 6116 volmgr - ok
10:29:58.0802 6116 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:29:58.0817 6116 volmgrx - ok
10:29:58.0864 6116 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:29:58.0880 6116 volsnap - ok
10:29:58.0911 6116 Vsdatant - ok
10:29:58.0942 6116 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:29:58.0958 6116 vsmraid - ok
10:29:59.0239 6116 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
10:29:59.0301 6116 VSS - ok
10:29:59.0317 6116 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
10:29:59.0317 6116 vwifibus - ok
10:29:59.0332 6116 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
10:29:59.0332 6116 vwififlt - ok
10:29:59.0395 6116 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
10:29:59.0395 6116 vwifimp - ok
10:29:59.0441 6116 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
10:29:59.0457 6116 W32Time - ok
10:29:59.0473 6116 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:29:59.0488 6116 WacomPen - ok
10:29:59.0566 6116 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:29:59.0566 6116 WANARP - ok
10:29:59.0566 6116 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:29:59.0582 6116 Wanarpv6 - ok
10:29:59.0707 6116 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:29:59.0753 6116 WatAdminSvc - ok
10:29:59.0894 6116 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
10:29:59.0956 6116 wbengine - ok
10:30:02.0281 6116 ================ Scan global ===============================
10:30:02.0296 6116 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:30:02.0359 6116 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
10:30:02.0374 6116 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
10:30:02.0421 6116 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:30:02.0483 6116 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:30:02.0499 6116 [Global] - ok
10:30:02.0499 6116 ================ Scan MBR ==================================
10:30:02.0530 6116 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
10:30:04.0761 6116 \Device\Harddisk0\DR0 - ok
10:30:04.0777 6116 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
10:30:10.0112 6116 \Device\Harddisk1\DR1 - ok
10:30:10.0112 6116 ================ Scan VBR ==================================
10:30:10.0143 6116 [ 049675177E684F0E2B7F962792A40211 ] \Device\Harddisk0\DR0\Partition1
10:30:10.0143 6116 \Device\Harddisk0\DR0\Partition1 - ok
10:30:10.0159 6116 [ 9DBDBC64B94D37CD70F8C34D25601406 ] \Device\Harddisk1\DR1\Partition1
10:30:10.0159 6116 \Device\Harddisk1\DR1\Partition1 - ok
10:30:10.0159 6116 ============================================================
10:30:10.0159 6116 Scan finished
10:30:10.0159 6116 ============================================================
10:30:10.0174 6132 Detected object count: 0
10:30:10.0174 6132 Actual detected object count: 0


aswMBR Log

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-15 10:34:50
-----------------------------
10:34:50.196 OS Version: Windows x64 6.1.7601 Service Pack 1
10:34:50.196 Number of processors: 2 586 0x170A
10:34:50.211 ComputerName: KEVIN-PC UserName: Kevin P
10:34:51.912 Initialize success
10:34:58.713 AVAST engine download error: 0
10:35:02.520 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:35:02.535 Disk 0 Vendor: ST950032 0002 Size: 476940MB BusType: 3
10:35:02.535 Disk 0 MBR read successfully
10:35:02.551 Disk 0 MBR scan
10:35:02.551 Disk 0 Windows VISTA default MBR code
10:35:02.567 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 14998 MB offset 2048
10:35:02.582 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 461940 MB offset 30717952
10:35:02.660 Disk 0 scanning C:\Windows\system32\drivers
10:35:20.288 Service scanning
10:35:43.610 Modules scanning
10:35:43.610 Disk 0 trace - called modules:
10:35:43.641 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
10:35:43.657 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004ff1060]
10:35:43.657 3 CLASSPNP.SYS[fffff880013bd43f] -> nt!IofCallDriver -> [0xfffffa8003d2de40]
10:35:43.673 5 ACPI.sys[fffff88000ee67a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a4a050]
10:35:43.688 Scan finished successfully
10:36:04.483 Disk 0 MBR has been saved successfully to "D:\LOGS\MBR.dat"
10:36:04.514 The log file has been saved successfully to "D:\LOGS\aswMBR.txt"

#4 narenxp

  • BC Advisor

Posted 15 November 2012 - 12:50 PM

ESET online scanner could not download. It gave the message "Cannot get update. Is proxy configured?"


Can you try to run it in Safe Mode with Networking?

#5 P_lock

  • Topic Starter

Posted 15 November 2012 - 12:56 PM

No. When hovering over the network option in the lower right-hand corner, it says "Not connected - No connections are available" even though the computer is connected to the LAN through the Ethernet cable.

#6 narenxp

  • BC Advisor

Posted 15 November 2012 - 12:57 PM

Download

MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar Service Scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply

#7 P_lock

  • Topic Starter

Posted 15 November 2012 - 01:06 PM

minitoolbox
MiniToolBox by Farbar Version: 10-11-2012 02
Ran by Kevin P (administrator) on 15-11-2012 at 12:01:10
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR8131 PCI-E Gigabit Ethernet Controller = Local Area Connection (Hardware not present)
Intel® WiFi Link 1000 BGN = Wireless Network Connection (Hardware not present)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : KevinP-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Tunnel adapter Local Area Connection* 17:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
1...........................Software Loopback Interface 1
53...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/15/2012 10:36:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/15/2012 10:34:32 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/15/2012 10:28:25 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/15/2012 10:28:19 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/13/2012 10:25:21 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1388

Error: (11/13/2012 10:25:21 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1388

Error: (11/13/2012 10:25:21 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/13/2012 10:11:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1615188

Error: (11/13/2012 10:11:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1615188

Error: (11/13/2012 10:11:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (11/15/2012 10:34:39 AM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (11/15/2012 10:34:39 AM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (11/15/2012 10:34:33 AM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (11/15/2012 10:34:26 AM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (11/15/2012 10:34:16 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Avgldx64
Avgmfx64
discache
KL1
KLIF
Lbd
spldr
Vsdatant
Wanarpv6

Error: (11/15/2012 10:34:14 AM) (Source: Service Control Manager) (User: )
Description: The DB2 - DB2COPY1 - DB2 service depends on the Server service which failed to start because of the following error:
%%1068

Error: (11/15/2012 10:34:08 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:32:04 AM on ?11/?15/?2012 was unexpected.

Error: (11/15/2012 10:26:50 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
KL1
KLIF
Lbd
Vsdatant

Error: (11/15/2012 10:26:20 AM) (Source: Service Control Manager) (User: )
Description: The FastBootAgent service failed to start due to the following error:
%%1053

Error: (11/15/2012 10:26:20 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the FastBootAgent service to connect.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2012-08-22 14:18:22.831
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-08-22 14:18:22.710
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-08-22 14:18:22.590
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-08-22 14:18:22.472
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-08-22 14:18:22.353
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-08-22 14:18:22.234
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-08-22 14:18:22.115
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-08-22 14:18:21.997
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-05-22 18:07:31.589
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-05-22 17:41:03.137
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer (Version: 7.2.8)
ACD/Labs Software in C:\ACDFREE12\ (Version: v12.00, FREE)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 10 ActiveX (Version: 10.0.32.18)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
AIM 7
Alcor Micro USB Card Reader (Version: 1.2.17.25001)
Alice Greenfingers
Amazon MP3 Downloader 1.0.10
Android SDK Tools (Version: 0.7)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
ASUS AI Recovery (Version: 1.0.6)
ASUS AP Bank (Version: 1.0.0.0)
ASUS LifeFrame3 (Version: 3.0.20)
ASUS Live Update (Version: 2.5.8)
ASUS MultiFrame (Version: 1.0.0019)
ASUS Power4Gear Hybrid (Version: 1.1.19)
ASUS SmartLogon (Version: 1.0.0007)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0028)
ASUS Virtual Camera (Version: 1.0.17)
Asus WebStorage (Version: 2.0.31.477)
Asus_ULSeries_ScreenSaver
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.10)
ATK Generic Function Service (Version: 1.00.0008)
ATK Hotkey (Version: 1.0.0050)
ATK Media (Version: 2.0.0005)
ATKOSD2 (Version: 7.0.0005)
AVG 2012 (Version: 12.0.2221)
AVG 2012 (Version: 12.0.2441)
AVG 2012 (Version: 2012.0.2221)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 140.0.212.000)
CambridgeSoft Activation Client (Version: 12.0)
CambridgeSoft ChemBioDraw Ultra 12.0 (Version: 12.0)
CambridgeSoft ChemBioOffice Ultra 2010 (Version: 12.0)
CambridgeSoft ChemScript 12.0 (Version: 12.0)
CambridgeSoft Desktop Inventory 12.0 (Version: 12.0)
CambridgeSoft ENotebook 12.0.1 (Version: 12.0.1)
Canvas X (Version: 10.0.0.0885)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
ControlDeck (Version: 1.0.3)
Copy (Version: 140.0.212.000)
Coupon Printer for Windows (Version: 5.0.0.1)
CyberLink LabelPrint (Version: 2.5.1720)
CyberLink Power2Go (Version: 6.1.2713)
D3DX10 (Version: 15.4.2368.0902)
DB2 Express-C - DB2COPY1 (Version: 9.7.200.358)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
DivX Setup (Version: 2.6.0.34)
DJ_AIO_05_F4400_Software_Min (Version: 140.0.690.000)
Download Updater (AOL LLC)
Dream Day Wedding Married in Manhattan
EndNote X5 (Version: 15.0.0.5478)
ESET Online Scanner v3
ETDWare PS/2-x64 7.0.5.7_WHQL
Express Gate (Version: 1.2.13.14)
F.lux
F4400 (Version: 140.0.696.000)
FileZilla Client 3.4.0 (Version: 3.4.0)
Google Chrome (Version: 23.0.1271.64)
Google Talk Plugin (Version: 3.10.2.10212)
GPBaseService2 (Version: 140.0.211.000)
Gwyddion (Version: 2.29)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Deskjet F4400 Printer Driver Software 14.0 Rel. 5 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Product Detection (Version: 11.14.0001)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.003.001.001)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 140.0.212.000)
HPSSupply (Version: 140.0.211.000)
iCloud (Version: 1.1.0.40)
ImageJ 1.44p
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2119)
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.1.5.1)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ SE Development Kit 6 Update 24 (Version: 1.6.0.240)
Junk Mail filter update (Version: 15.4.3502.0922)
Lexmark 730 Series
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MarketResearch (Version: 140.0.212.000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
MestReNova 6.1.1-6384 (Version: 6.1.1-6384)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 (CSSQL05) (Version: 9.4.5000.00)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Tools (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
MobileMe Control Panel (Version: 3.1.8.0)
MotoHelper 2.0.53 Driver 5.2.0 (Version: 2.0.53)
MotoHelper MergeModules (Version: 1.0.0)
MotoHelper MergeModules (Version: 1.2.0)
Motorola Mobile Drivers Installation 5.2.0 (Version: 5.2.0)
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NanoScope Analysis (Version: 1.40)
Nanosurf easyScan 2 (Version: 3.0.0.2)
Octoshape add-in for Adobe Flash Player
Origin8 (Version: 8.00.000)
OriginPro 8 (Version: 8.00.000)
Python 2.5 (Version: 2.5.150)
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver (Version: 6.0.1.5904)
ResearchSoft Direct Export Helper
Retrospect Client 7.7 (Version: 7.7.114.1)
Rosetta Stone Ltd Services (Version: 3.2.18)
Scan (Version: 140.0.80.000)
SciFinder Scholar 2007
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (Version: 1.0.0)
Shop for HP Supplies (Version: 14.0)
Skype™ 5.10 (Version: 5.10.116)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 140.0.213.000)
Spotify (Version: 0.8.4.124.ga3559d86)
Spybot - Search & Destroy (Version: 1.6.2)
SpywareBlaster 4.4 (Version: 4.4.0)
SRS Premium Sound Control Panel (Version: 1.07.0100)
STARe Evaluation Software (Version: 10.00.2809)
Status (Version: 140.0.212.000)
swMSM (Version: 12.0.0.1)
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
United MileagePlus Shopping Assistant (Version: 1.0.0.11)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
USB 2.0 VGA UVC WebCam
VC 9.0 Runtime (Version: 1.0.0)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 9.0.0.623)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
WebReg (Version: 140.0.212.017)
Windows Driver Package - AOS Technologies AG (HV1351UM) Image (12/03/2009 1.0.0.0) (Version: 12/03/2009 1.0.0.0)
Windows Driver Package - AOS Technologies AG (HV3151UC) Image (12/03/2009 1.0.0.0) (Version: 12/03/2009 1.0.0.0)
Windows Driver Package - eMPIA Technology (USB28xxBGA) Media (12/02/2009 5.2009.1202.0) (Version: 12/02/2009 5.2009.1202.0)
Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA (12/02/2009 5.2009.1202.0) (Version: 12/02/2009 5.2009.1202.0)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (03/18/2011 2.08.14) (Version: 03/18/2011 2.08.14)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (03/18/2011 2.08.14) (Version: 03/18/2011 2.08.14)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinFlash
WinRAR archiver
Wireless Console 3 (Version: 3.0.10)
ZoneAlarm Free Antivirus + Firewall (Version: 10.2.047.000)
ZoneAlarm LTD Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 18%
Total physical RAM: 4061.05 MB
Available physical RAM: 3303.13 MB
Total Pagefile: 8120.29 MB
Available Pagefile: 7409.93 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.07 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:451.11 GB) (Free:292.31 GB) NTFS
2 Drive d: () (Removable) (Total:3.86 GB) (Free:3.8 GB) FAT32

========================= Users: ========================================

User accounts for \\KEVIN-PC

Administrator Guest Kevin P
stareusr

========================= Restore Points ==================================

11-10-2012 16:00:49 Windows Update
22-10-2012 15:48:27 Scheduled Checkpoint
23-10-2012 14:47:16 Windows Update
31-10-2012 17:01:14 Scheduled Checkpoint
07-11-2012 19:38:46 Scheduled Checkpoint

**** End of log ****

Farbar service scanner
Farbar Service Scanner Version: 09-11-2012
Ran by Kevin P (administrator) on 15-11-2012 at 12:03:38
Running from "C:\Users\Kevin\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error.
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error.
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#8 narenxp

Posted 15 November 2012 - 01:09 PM

Disable ZoneAlarm and let me know if you are able to connect now.

#9 P_lock

Posted 15 November 2012 - 01:21 PM

I was unable to disable ZoneAlarm, so I uninstalled it for now. I am still unable to connect.

#10 narenxp

Posted 15 November 2012 - 01:54 PM

Reinstall your network drivers and see if you're able to connect.

If that doesn't work, I can see that you were able to connect to the internet on 11-10-2012.

Can you try a system restore to that date?

#11 P_lock

Posted 15 November 2012 - 02:04 PM

The LAN and wireless connections were both disabled. Upon enabling both, I can connect to the network again. Should I still go about installing the drivers again?

#12 narenxp

Posted 15 November 2012 - 03:05 PM

Not needed. Can you run ESET now?

#13 P_lock

Posted 15 November 2012 - 05:38 PM

ESET log

C:\ProgramData\GDHcxpB0CiU4oR.exe a variant of Win32/Kryptik.AOTM trojan cleaned by deleting - quarantined
C:\ProgramData\TBofrUXGjfVX.exe a variant of Win32/Kryptik.AOSC trojan cleaned by deleting - quarantined
C:\Users\Kevin P\AppData\Local\Temp\aolupdate.exe a variant of Win32/Kryptik.AMGG trojan cleaned by deleting - quarantined
C:\Users\Kevin P\AppData\Local\Temp\EF68.tmp a variant of Win32/Kryptik.AMGG trojan cleaned by deleting - quarantined
C:\Users\Kevin P\AppData\Local\Temp\jar_cache3842761796756008575.tmp Java/Exploit.Agent.NCS trojan cleaned by deleting - quarantined
C:\Users\Kevin P\AppData\Local\Temp\R6EPHg6hg34HV4.exe.tmp a variant of Win32/Kryptik.AOSC trojan cleaned by deleting - quarantined
C:\Users\Kevin P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.lnk Win32/Adware.ADON application cleaned by deleting - quarantined
C:\Users\Kevin P\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.lnk Win32/Adware.ADON application cleaned by deleting - quarantined

#14 narenxp

Posted 15 November 2012 - 05:54 PM

Reboot to normal mode

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#15 P_lock

Posted 15 November 2012 - 09:29 PM

Malwarebytes
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.15.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Kevin Pollack :: KEVINP-PC [administrator]

11/15/2012 4:59:21 PM
mbam-log-2012-11-15 (16-59-21).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 509935
Time elapsed: 2 hour(s), 51 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

minitoolbox
MiniToolBox by Farbar Version: 10-11-2012 02
Ran by Kevin P (administrator) on 15-11-2012 at 19:56:35
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® WiFi Link 1000 BGN = Wireless Network Connection (Connected)
Atheros AR8131 PCI-E Gigabit Ethernet Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : KevinP-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-1E-64-24-43-21
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
Physical Address. . . . . . . . . : 00-1E-64-24-43-20
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2c81:d8d:e17c:45cf%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, November 15, 2012 7:54:55 PM
Lease Expires . . . . . . . . . . : Friday, November 16, 2012 7:54:54 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 301997668
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-83-AB-A8-90-E6-BA-9A-98-9E
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : chem.tamu.edu
Description . . . . . . . . . . . : Atheros AR8131 PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : 90-E6-BA-9A-98-9E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{369C41F2-40F2-4F8A-B9FA-060AE01491B9}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.chem.tamu.edu:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3887:163a:b53d:65b9(Preferred)
Link-local IPv6 Address . . . . . : fe80::3887:163a:b53d:65b9%53(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{FCA9B47D-EE36-4E5C-96D9-521B5BF8F76B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4000:801::1009
74.125.227.130
74.125.227.131
74.125.227.132
74.125.227.133
74.125.227.134
74.125.227.135
74.125.227.136
74.125.227.137
74.125.227.142
74.125.227.128
74.125.227.129


Pinging google.com [74.125.227.132] with 32 bytes of data:
Reply from 74.125.227.132: bytes=32 time=16ms TTL=55
Reply from 74.125.227.132: bytes=32 time=26ms TTL=55

Ping statistics for 74.125.227.132:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 16ms, Maximum = 26ms, Average = 21ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=96ms TTL=50
Reply from 72.30.38.140: bytes=32 time=93ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 93ms, Maximum = 96ms, Average = 94ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...00 1e 64 24 43 21 ......Microsoft Virtual WiFi Miniport Adapter
11...00 1e 64 24 43 20 ......Intel® WiFi Link 1000 BGN
10...90 e6 ba 9a 98 9e ......Atheros AR8131 PCI-E Gigabit Ethernet Controller
1...........................Software Loopback Interface 1
57...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
58...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
53...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
59...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 281
192.168.1.2 255.255.255.255 On-link 192.168.1.2 281
192.168.1.255 255.255.255.255 On-link 192.168.1.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
53 58 ::/0 On-link
1 306 ::1/128 On-link
53 58 2001::/32 On-link
53 306 2001:0:4137:9e76:3887:163a:b53d:65b9/128
On-link
11 281 fe80::/64 On-link
53 306 fe80::/64 On-link
11 281 fe80::2c81:d8d:e17c:45cf/128
On-link
53 306 fe80::3887:163a:b53d:65b9/128
On-link
1 306 ff00::/8 On-link
53 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/15/2012 05:07:13 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/15/2012 05:07:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: iTunesMiniPlayer.dll, version: 10.7.0.21, time stamp: 0x504d85ec
Exception code: 0xc0000005
Fault offset: 0x00000000000046d5
Faulting process id: 0xc1c
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (11/15/2012 04:57:54 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/15/2012 04:55:50 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.


Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.
.

Error: (11/15/2012 04:46:30 PM) (Source: PerfNet) (User: )
Description:

Error: (11/15/2012 04:38:30 PM) (Source: PerfNet) (User: )
Description:

Error: (11/15/2012 04:32:31 PM) (Source: PerfNet) (User: )
Description:

Error: (11/15/2012 04:30:21 PM) (Source: PerfNet) (User: )
Description:

Error: (11/15/2012 00:19:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/15/2012 10:36:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (11/15/2012 04:58:07 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
KL1
KLIF
Lbd
Vsdatant

Error: (11/15/2012 04:57:31 PM) (Source: Service Control Manager) (User: )
Description: The FastBootAgent service failed to start due to the following error:
%%1053

Error: (11/15/2012 04:57:31 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the FastBootAgent service to connect.

Error: (11/15/2012 04:54:24 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (11/15/2012 04:54:24 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (11/15/2012 04:54:24 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (11/15/2012 04:52:30 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (11/15/2012 04:52:30 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (11/15/2012 04:52:30 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (11/15/2012 04:50:16 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2012-08-22 14:18:22.831
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-08-22 14:18:22.710
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-08-22 14:18:22.590
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-08-22 14:18:22.472
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-08-22 14:18:22.353
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-08-22 14:18:22.234
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-08-22 14:18:22.115
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-08-22 14:18:21.997
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-05-22 18:07:31.589
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-05-22 17:41:03.137
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer (Version: 7.2.8)
ACD/Labs Software in C:\ACDFREE12\ (Version: v12.00, FREE)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 10 ActiveX (Version: 10.0.32.18)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
AIM 7
Alcor Micro USB Card Reader (Version: 1.2.17.25001)
Alice Greenfingers
Amazon MP3 Downloader 1.0.10
Android SDK Tools (Version: 0.7)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
ASUS AI Recovery (Version: 1.0.6)
ASUS AP Bank (Version: 1.0.0.0)
ASUS LifeFrame3 (Version: 3.0.20)
ASUS Live Update (Version: 2.5.8)
ASUS MultiFrame (Version: 1.0.0019)
ASUS Power4Gear Hybrid (Version: 1.1.19)
ASUS SmartLogon (Version: 1.0.0007)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0028)
ASUS Virtual Camera (Version: 1.0.17)
Asus WebStorage (Version: 2.0.31.477)
Asus_ULSeries_ScreenSaver
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.10)
ATK Generic Function Service (Version: 1.00.0008)
ATK Hotkey (Version: 1.0.0050)
ATK Media (Version: 2.0.0005)
ATKOSD2 (Version: 7.0.0005)
AVG 2012 (Version: 12.0.2221)
AVG 2012 (Version: 12.0.2441)
AVG 2012 (Version: 2012.0.2221)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 140.0.212.000)
CambridgeSoft Activation Client (Version: 12.0)
CambridgeSoft ChemBioDraw Ultra 12.0 (Version: 12.0)
CambridgeSoft ChemBioOffice Ultra 2010 (Version: 12.0)
CambridgeSoft ChemScript 12.0 (Version: 12.0)
CambridgeSoft Desktop Inventory 12.0 (Version: 12.0)
CambridgeSoft ENotebook 12.0.1 (Version: 12.0.1)
Canvas X (Version: 10.0.0.0885)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
ControlDeck (Version: 1.0.3)
Copy (Version: 140.0.212.000)
Coupon Printer for Windows (Version: 5.0.0.1)
CyberLink LabelPrint (Version: 2.5.1720)
CyberLink Power2Go (Version: 6.1.2713)
D3DX10 (Version: 15.4.2368.0902)
DB2 Express-C - DB2COPY1 (Version: 9.7.200.358)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
DivX Setup (Version: 2.6.0.34)
DJ_AIO_05_F4400_Software_Min (Version: 140.0.690.000)
Download Updater (AOL LLC)
Dream Day Wedding Married in Manhattan
EndNote X5 (Version: 15.0.0.5478)
ESET Online Scanner v3
ETDWare PS/2-x64 7.0.5.7_WHQL
Express Gate (Version: 1.2.13.14)
F.lux
F4400 (Version: 140.0.696.000)
FileZilla Client 3.4.0 (Version: 3.4.0)
Google Chrome (Version: 23.0.1271.64)
Google Talk Plugin (Version: 3.10.2.10212)
GPBaseService2 (Version: 140.0.211.000)
Gwyddion (Version: 2.29)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Deskjet F4400 Printer Driver Software 14.0 Rel. 5 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Product Detection (Version: 11.14.0001)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.003.001.001)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 140.0.212.000)
HPSSupply (Version: 140.0.211.000)
iCloud (Version: 1.1.0.40)
ImageJ 1.44p
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2119)
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.1.5.1)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ SE Development Kit 6 Update 24 (Version: 1.6.0.240)
Junk Mail filter update (Version: 15.4.3502.0922)
Lexmark 730 Series
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MarketResearch (Version: 140.0.212.000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
MestReNova 6.1.1-6384 (Version: 6.1.1-6384)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 (CSSQL05) (Version: 9.4.5000.00)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Tools (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
MobileMe Control Panel (Version: 3.1.8.0)
MotoHelper 2.0.53 Driver 5.2.0 (Version: 2.0.53)
MotoHelper MergeModules (Version: 1.0.0)
MotoHelper MergeModules (Version: 1.2.0)
Motorola Mobile Drivers Installation 5.2.0 (Version: 5.2.0)
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NanoScope Analysis (Version: 1.40)
Nanosurf easyScan 2 (Version: 3.0.0.2)
Octoshape add-in for Adobe Flash Player
Origin8 (Version: 8.00.000)
OriginPro 8 (Version: 8.00.000)
Python 2.5 (Version: 2.5.150)
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver (Version: 6.0.1.5904)
ResearchSoft Direct Export Helper
Retrospect Client 7.7 (Version: 7.7.114.1)
Rosetta Stone Ltd Services (Version: 3.2.18)
Scan (Version: 140.0.80.000)
SciFinder Scholar 2007
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (Version: 1.0.0)
Shop for HP Supplies (Version: 14.0)
Skype™ 5.10 (Version: 5.10.116)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 140.0.213.000)
Spotify (Version: 0.8.4.124.ga3559d86)
Spybot - Search & Destroy (Version: 1.6.2)
SpywareBlaster 4.4 (Version: 4.4.0)
SRS Premium Sound Control Panel (Version: 1.07.0100)
STARe Evaluation Software (Version: 10.00.2809)
Status (Version: 140.0.212.000)
swMSM (Version: 12.0.0.1)
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
United MileagePlus Shopping Assistant (Version: 1.0.0.11)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
USB 2.0 VGA UVC WebCam
VC 9.0 Runtime (Version: 1.0.0)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 9.0.0.623)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
WebReg (Version: 140.0.212.017)
Windows Driver Package - AOS Technologies AG (HV1351UM) Image (12/03/2009 1.0.0.0) (Version: 12/03/2009 1.0.0.0)
Windows Driver Package - AOS Technologies AG (HV3151UC) Image (12/03/2009 1.0.0.0) (Version: 12/03/2009 1.0.0.0)
Windows Driver Package - eMPIA Technology (USB28xxBGA) Media (12/02/2009 5.2009.1202.0) (Version: 12/02/2009 5.2009.1202.0)
Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA (12/02/2009 5.2009.1202.0) (Version: 12/02/2009 5.2009.1202.0)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (03/18/2011 2.08.14) (Version: 03/18/2011 2.08.14)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (03/18/2011 2.08.14) (Version: 03/18/2011 2.08.14)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinFlash
WinRAR archiver
Wireless Console 3 (Version: 3.0.10)
ZoneAlarm LTD Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 56%
Total physical RAM: 4061.05 MB
Available physical RAM: 1764.66 MB
Total Pagefile: 8120.29 MB
Available Pagefile: 5567.54 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.32 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:451.11 GB) (Free:291.99 GB) NTFS

========================= Users: ========================================

User accounts for \\KEVINP-PC

Administrator Guest Kevin Pollack
stareusr

========================= Restore Points ==================================

11-10-2012 16:00:49 Windows Update
22-10-2012 15:48:27 Scheduled Checkpoint
23-10-2012 14:47:16 Windows Update
31-10-2012 17:01:14 Scheduled Checkpoint
07-11-2012 19:38:46 Scheduled Checkpoint

**** End of log ****

Farbar Service Scanner
Farbar Service Scanner Version: 09-11-2012
Ran by Kevin P (administrator) on 15-11-2012 at 19:59:23
Running from "C:\Users\Kevin P\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

AdwCleaner
# AdwCleaner v2.007 - Logfile created 11/15/2012 at 20:00:46
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Kevin P - KEVINP-PC
# Boot Mode : Normal
# Running from : C:\Users\Kevin P\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\Users\KEVINP~1\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Users\Kevin P\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Kevin P\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Kevin P\AppData\Roaming\Mozilla\Firefox\Profiles\11qs8n0p.default\ConduitCommon

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D0D64E3C-4B40-3020-B26E-0AB9B12B38A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2645238 --> hxxp://www.google.com

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default
File : C:\Users\Kevin P\AppData\Roaming\Mozilla\Firefox\Profiles\11qs8n0p.default\prefs.js

C:\Users\Kevin P\AppData\Roaming\Mozilla\Firefox\Profiles\11qs8n0p.default\user.js ... Deleted !

Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Oct 16 2011 14:59:11 GMT-0500 (C[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "12a1f592-a1a1-4219-a07d-dd701f4fe5ec");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.msn.com/");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Deleted : user_pref("browser.search.defaultthis.engineName", "ZoneAlarm Security Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2645238&Sea[...]
Deleted : user_pref("extensions.vshareus@toolbar.update.enabled", false);

-\\ Google Chrome v23.0.1271.64

File : C:\Users\Kevin P\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [14973 octets] - [15/11/2012 20:00:46]

########## EOF - C:\AdwCleaner[S1].txt - [15034 octets] ##########

JRT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.1.1 (11.15.2012)
OS: Windows 7 Home Premium x64
Ran by Kevin P on Thu 11/15/2012 at 20:10:00.28
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Kevin P\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
Successfully deleted: [npCouponPrinter.dll] from [FF plugins]
Successfully deleted: [npMozCouponPrinter.dll] from [FF plugins]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 11/15/2012 at 20:22:18.26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



