Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Redirect and Unable to Start Security Center


  • Please log in to reply
6 replies to this topic

#1 dav43

dav43

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 04 January 2013 - 10:02 AM

Dear Bleeping Computer,

I've been having problems with an intermittent Google redirect virus for a week now. Tried everything under the sun and cannot fix the problem.
The virus has turned off Security Center. When I try to restart Security Center in services.msc the service starts and then immediately disables.
Repeatedly attempting to restart Security Center eventually leads to an error with the code 1058.

Programs used:

McAfee scan (nothing)
Spybot S+D (nothing)
TDSS Killer (nothing))
SpyHunter (nothing)
Microsoft Security Essentials (appears then disappears in normal mode, found nothing in Safe Mode)
ESET online scanner (nothing)
aswMBR (nothing)

Here's my Farbar log:

Farbar Service Scanner Version: 23-12-2012
Ran by David (administrator) on 12-01-2013 at 14:31:57
Running from "C:\Users\David\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Any help would be much appreciated.

Regards, dav43

BC AdBot (Login to Remove)

 


#2 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:06:30 PM

Posted 04 January 2013 - 11:30 AM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do NOT run, install or uninstall any programs, unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

:step1:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.


:step2:

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the full contents of that document.


:step3:

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.


:step4:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points
NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#3 dav43

dav43
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 04 January 2013 - 12:31 PM

Thank you for your prompt reply.

Here is my TDSS log. I did not delete the 4 files found because they appear to be associated with my HP printer.



17:09:33.0495 9916 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:09:33.0717 9916 ============================================================
17:09:33.0717 9916 Current date / time: 2013/01/12 17:09:33.0717
17:09:33.0717 9916 SystemInfo:
17:09:33.0717 9916
17:09:33.0717 9916 OS Version: 6.1.7601 ServicePack: 1.0
17:09:33.0717 9916 Product type: Workstation
17:09:33.0718 9916 ComputerName: MINNOW
17:09:33.0718 9916 UserName: David
17:09:33.0718 9916 Windows directory: C:\Windows
17:09:33.0718 9916 System windows directory: C:\Windows
17:09:33.0718 9916 Running under WOW64
17:09:33.0718 9916 Processor architecture: Intel x64
17:09:33.0718 9916 Number of processors: 8
17:09:33.0718 9916 Page size: 0x1000
17:09:33.0718 9916 Boot type: Normal boot
17:09:33.0718 9916 ============================================================
17:09:34.0446 9916 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:09:34.0451 9916 Drive \Device\Harddisk1\DR1 - Size: 0xE6A49000 (3.60 Gb), SectorSize: 0x200, Cylinders: 0x1D6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:09:34.0453 9916 ============================================================
17:09:34.0454 9916 \Device\Harddisk0\DR0:
17:09:34.0454 9916 MBR partitions:
17:09:34.0454 9916 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x279F000
17:09:34.0454 9916 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x27B3000, BlocksNum 0x6F753000
17:09:34.0486 9916 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x6, StartLBA 0x71F06800, BlocksNum 0x27FF800
17:09:34.0486 9916 \Device\Harddisk1\DR1:
17:09:34.0486 9916 MBR partitions:
17:09:34.0486 9916 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x734B41
17:09:34.0486 9916 ============================================================
17:09:34.0521 9916 C: <-> \Device\Harddisk0\DR0\Partition2
17:09:34.0550 9916 ============================================================
17:09:34.0551 9916 Initialize success
17:09:34.0551 9916 ============================================================
17:10:15.0827 7604 ============================================================
17:10:15.0827 7604 Scan started
17:10:15.0827 7604 Mode: Manual; SigCheck; TDLFS;
17:10:15.0827 7604 ============================================================
17:10:16.0143 7604 ================ Scan system memory ========================
17:10:16.0144 7604 System memory - ok
17:10:16.0144 7604 ================ Scan services =============================
17:10:16.0481 7604 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:10:16.0612 7604 1394ohci - ok
17:10:16.0626 7604 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:10:16.0640 7604 ACPI - ok
17:10:16.0651 7604 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:10:16.0664 7604 AcpiPmi - ok
17:10:16.0746 7604 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:10:16.0766 7604 AdobeARMservice - ok
17:10:16.0794 7604 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:10:16.0811 7604 adp94xx - ok
17:10:16.0835 7604 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:10:16.0849 7604 adpahci - ok
17:10:16.0861 7604 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:10:16.0872 7604 adpu320 - ok
17:10:16.0895 7604 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:10:16.0922 7604 AeLookupSvc - ok
17:10:16.0958 7604 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:10:16.0972 7604 AFD - ok
17:10:16.0991 7604 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:10:17.0001 7604 agp440 - ok
17:10:17.0035 7604 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:10:17.0065 7604 ALG - ok
17:10:17.0081 7604 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:10:17.0090 7604 aliide - ok
17:10:17.0118 7604 [ 2AED9A422EA1574C7D7EF9359A417718 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:10:17.0184 7604 AMD External Events Utility - ok
17:10:17.0203 7604 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:10:17.0212 7604 amdide - ok
17:10:17.0229 7604 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:10:17.0240 7604 AmdK8 - ok
17:10:17.0449 7604 [ BFA5E854959D5546D8834CA61F4AD075 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:10:17.0676 7604 amdkmdag - ok
17:10:17.0697 7604 [ 92D664FFFCD9E742FB25254F7F458D88 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
17:10:17.0716 7604 amdkmdap - ok
17:10:17.0729 7604 [ 554FB0F28C411FB1EAFD4EA46A8CAAA4 ] amdkmpfd C:\Windows\system32\DRIVERS\amdkmpfd.sys
17:10:17.0754 7604 amdkmpfd - ok
17:10:17.0781 7604 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:10:17.0806 7604 AmdPPM - ok
17:10:17.0819 7604 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:10:17.0841 7604 amdsata - ok
17:10:17.0860 7604 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:10:17.0871 7604 amdsbs - ok
17:10:17.0887 7604 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:10:17.0897 7604 amdxata - ok
17:10:17.0920 7604 [ 449D90F1FB6402773C2F1ECCEAE15F74 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
17:10:17.0932 7604 AMPPAL - ok
17:10:17.0938 7604 [ 449D90F1FB6402773C2F1ECCEAE15F74 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
17:10:17.0960 7604 AMPPALP - ok
17:10:18.0043 7604 [ AB6E5B9333101E414D8F04BC570064F1 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
17:10:18.0066 7604 AMPPALR3 - ok
17:10:18.0094 7604 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:10:18.0129 7604 AppID - ok
17:10:18.0163 7604 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:10:18.0222 7604 AppIDSvc - ok
17:10:18.0243 7604 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:10:18.0269 7604 Appinfo - ok
17:10:18.0328 7604 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:10:18.0342 7604 Apple Mobile Device - ok
17:10:18.0359 7604 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
17:10:18.0369 7604 arc - ok
17:10:18.0397 7604 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:10:18.0418 7604 arcsas - ok
17:10:18.0506 7604 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:10:18.0525 7604 aspnet_state - ok
17:10:18.0548 7604 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:10:18.0593 7604 AsyncMac - ok
17:10:18.0621 7604 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:10:18.0637 7604 atapi - ok
17:10:18.0679 7604 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:10:18.0753 7604 AudioEndpointBuilder - ok
17:10:18.0765 7604 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:10:18.0795 7604 AudioSrv - ok
17:10:18.0815 7604 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:10:18.0830 7604 AxInstSV - ok
17:10:18.0864 7604 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:10:18.0895 7604 b06bdrv - ok
17:10:18.0918 7604 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:10:18.0950 7604 b57nd60a - ok
17:10:18.0986 7604 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:10:19.0010 7604 BDESVC - ok
17:10:19.0026 7604 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:10:19.0051 7604 Beep - ok
17:10:19.0085 7604 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:10:19.0115 7604 BFE - ok
17:10:19.0154 7604 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
17:10:19.0236 7604 BITS - ok
17:10:19.0254 7604 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:10:19.0265 7604 blbdrive - ok
17:10:19.0352 7604 [ A52EA1D8C2900055323C93DDB252A3DA ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
17:10:19.0388 7604 Bluetooth Device Monitor - ok
17:10:19.0422 7604 [ 091210450CA7CED08F360D9D7FEC5D11 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
17:10:19.0444 7604 Bluetooth Media Service - ok
17:10:19.0464 7604 [ 392450754E17FF778CBC5B9D20583AD1 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
17:10:19.0483 7604 Bluetooth OBEX Service - ok
17:10:19.0518 7604 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:10:19.0540 7604 Bonjour Service - ok
17:10:19.0561 7604 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:10:19.0572 7604 bowser - ok
17:10:19.0588 7604 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:10:19.0601 7604 BrFiltLo - ok
17:10:19.0613 7604 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:10:19.0626 7604 BrFiltUp - ok
17:10:19.0648 7604 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
17:10:19.0690 7604 BridgeMP - ok
17:10:19.0722 7604 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:10:19.0762 7604 Browser - ok
17:10:19.0790 7604 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:10:19.0827 7604 Brserid - ok
17:10:19.0861 7604 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:10:19.0890 7604 BrSerWdm - ok
17:10:19.0899 7604 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:10:19.0919 7604 BrUsbMdm - ok
17:10:19.0923 7604 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:10:19.0941 7604 BrUsbSer - ok
17:10:19.0960 7604 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
17:10:19.0992 7604 BthEnum - ok
17:10:20.0017 7604 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:10:20.0046 7604 BTHMODEM - ok
17:10:20.0075 7604 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
17:10:20.0100 7604 BthPan - ok
17:10:20.0133 7604 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
17:10:20.0171 7604 BTHPORT - ok
17:10:20.0203 7604 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:10:20.0230 7604 bthserv - ok
17:10:20.0248 7604 [ 588762F716C2B7A2054AFBC3D58E5C21 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
17:10:20.0257 7604 BTHSSecurityMgr - ok
17:10:20.0289 7604 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
17:10:20.0300 7604 BTHUSB - ok
17:10:20.0325 7604 [ 988CC6CC49303665D3B2435C51505C3F ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
17:10:20.0351 7604 btmaux - ok
17:10:20.0379 7604 [ 2B4B508AFAC2A563931AF1FE875A5B16 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
17:10:20.0428 7604 btmhsf - ok
17:10:20.0431 7604 catchme - ok
17:10:20.0444 7604 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:10:20.0481 7604 cdfs - ok
17:10:20.0503 7604 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:10:20.0534 7604 cdrom - ok
17:10:20.0559 7604 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:10:20.0585 7604 CertPropSvc - ok
17:10:20.0621 7604 [ DF8D07059E7237E0BE9C1421EF5F9482 ] cfwids C:\Windows\system32\drivers\cfwids.sys
17:10:20.0633 7604 cfwids - ok
17:10:20.0643 7604 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
17:10:20.0666 7604 circlass - ok
17:10:20.0689 7604 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:10:20.0719 7604 CLFS - ok
17:10:20.0778 7604 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:10:20.0798 7604 clr_optimization_v2.0.50727_32 - ok
17:10:20.0832 7604 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:10:20.0842 7604 clr_optimization_v2.0.50727_64 - ok
17:10:20.0887 7604 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:10:20.0907 7604 clr_optimization_v4.0.30319_32 - ok
17:10:20.0922 7604 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:10:20.0931 7604 clr_optimization_v4.0.30319_64 - ok
17:10:20.0961 7604 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:10:20.0981 7604 CmBatt - ok
17:10:20.0999 7604 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:10:21.0009 7604 cmdide - ok
17:10:21.0035 7604 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
17:10:21.0106 7604 CNG - ok
17:10:21.0163 7604 [ 97238AC8006C14EAF80E374D3B81C2B3 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
17:10:21.0220 7604 CnxtHdAudService - ok
17:10:21.0249 7604 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:10:21.0258 7604 Compbatt - ok
17:10:21.0267 7604 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:10:21.0298 7604 CompositeBus - ok
17:10:21.0303 7604 COMSysApp - ok
17:10:21.0375 7604 [ B2EAE4CD1E2F338101D9D4AF39F3D4F3 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
17:10:21.0424 7604 cphs - ok
17:10:21.0455 7604 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:10:21.0476 7604 crcdisk - ok
17:10:21.0519 7604 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:10:21.0531 7604 CryptSvc - ok
17:10:21.0561 7604 [ DF214BFF646880D0EB31BDC86136B29B ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
17:10:21.0595 7604 CtClsFlt - ok
17:10:21.0650 7604 [ 9A59DF2CA690019FEA3B265D5A7EB619 ] CxUtilSvc C:\Program Files\Conexant\SA3\CxUtilSvc.exe
17:10:21.0663 7604 CxUtilSvc - ok
17:10:21.0705 7604 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:10:21.0740 7604 DcomLaunch - ok
17:10:21.0770 7604 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:10:21.0816 7604 defragsvc - ok
17:10:21.0827 7604 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:10:21.0854 7604 DfsC - ok
17:10:21.0868 7604 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:10:21.0881 7604 Dhcp - ok
17:10:21.0903 7604 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:10:21.0959 7604 discache - ok
17:10:21.0974 7604 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
17:10:21.0984 7604 Disk - ok
17:10:22.0017 7604 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:10:22.0056 7604 Dnscache - ok
17:10:22.0094 7604 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:10:22.0123 7604 dot3svc - ok
17:10:22.0148 7604 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
17:10:22.0162 7604 Dot4 - ok
17:10:22.0179 7604 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
17:10:22.0191 7604 Dot4Print - ok
17:10:22.0203 7604 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
17:10:22.0216 7604 dot4usb - ok
17:10:22.0232 7604 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:10:22.0259 7604 DPS - ok
17:10:22.0291 7604 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:10:22.0314 7604 drmkaud - ok
17:10:22.0361 7604 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:10:22.0410 7604 DXGKrnl - ok
17:10:22.0436 7604 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:10:22.0479 7604 EapHost - ok
17:10:22.0557 7604 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:10:22.0657 7604 ebdrv - ok
17:10:22.0691 7604 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:10:22.0727 7604 EFS - ok
17:10:22.0780 7604 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:10:22.0847 7604 ehRecvr - ok
17:10:22.0865 7604 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:10:22.0877 7604 ehSched - ok
17:10:22.0908 7604 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:10:22.0947 7604 elxstor - ok
17:10:22.0969 7604 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:10:22.0989 7604 ErrDev - ok
17:10:23.0039 7604 esgiguard - ok
17:10:23.0081 7604 [ 9F819F324CC4141FAFD5F44B0EAFB1C2 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
17:10:23.0099 7604 ETD - ok
17:10:23.0139 7604 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:10:23.0169 7604 EventSystem - ok
17:10:23.0226 7604 [ 64D25284A4E9D11CA0722AF3F30FD970 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
17:10:23.0267 7604 EvtEng - ok
17:10:23.0292 7604 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:10:23.0337 7604 exfat - ok
17:10:23.0361 7604 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:10:23.0389 7604 fastfat - ok
17:10:23.0421 7604 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:10:23.0458 7604 Fax - ok
17:10:23.0472 7604 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
17:10:23.0505 7604 fdc - ok
17:10:23.0534 7604 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:10:23.0585 7604 fdPHost - ok
17:10:23.0597 7604 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:10:23.0641 7604 FDResPub - ok
17:10:23.0674 7604 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:10:23.0684 7604 FileInfo - ok
17:10:23.0703 7604 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:10:23.0730 7604 Filetrace - ok
17:10:23.0746 7604 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:10:23.0756 7604 flpydisk - ok
17:10:23.0779 7604 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:10:23.0792 7604 FltMgr - ok
17:10:23.0823 7604 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:10:23.0891 7604 FontCache - ok
17:10:23.0943 7604 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:10:23.0961 7604 FontCache3.0.0.0 - ok
17:10:23.0988 7604 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:10:24.0010 7604 FsDepends - ok
17:10:24.0042 7604 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:10:24.0052 7604 Fs_Rec - ok
17:10:24.0067 7604 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:10:24.0080 7604 fvevol - ok
17:10:24.0093 7604 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:10:24.0102 7604 gagp30kx - ok
17:10:24.0130 7604 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:10:24.0138 7604 GEARAspiWDM - ok
17:10:24.0170 7604 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:10:24.0241 7604 gpsvc - ok
17:10:24.0332 7604 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:10:24.0352 7604 gupdate - ok
17:10:24.0365 7604 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:10:24.0382 7604 gupdatem - ok
17:10:24.0409 7604 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:10:24.0437 7604 hcw85cir - ok
17:10:24.0482 7604 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:10:24.0499 7604 HdAudAddService - ok
17:10:24.0516 7604 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:10:24.0530 7604 HDAudBus - ok
17:10:24.0540 7604 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:10:24.0551 7604 HidBatt - ok
17:10:24.0568 7604 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:10:24.0594 7604 HidBth - ok
17:10:24.0641 7604 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:10:24.0669 7604 HidIr - ok
17:10:24.0701 7604 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
17:10:24.0736 7604 hidserv - ok
17:10:24.0750 7604 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:10:24.0760 7604 HidUsb - ok
17:10:24.0787 7604 [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
17:10:24.0798 7604 HipShieldK - ok
17:10:24.0832 7604 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:10:24.0876 7604 hkmsvc - ok
17:10:24.0891 7604 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:10:24.0905 7604 HomeGroupListener - ok
17:10:24.0933 7604 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:10:24.0946 7604 HomeGroupProvider - ok
17:10:25.0044 7604 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:10:25.0065 7604 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
17:10:25.0065 7604 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
17:10:25.0110 7604 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:10:25.0132 7604 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
17:10:25.0132 7604 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
17:10:25.0153 7604 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:10:25.0163 7604 HpSAMD - ok
17:10:25.0236 7604 HPSLPSVC - ok
17:10:25.0267 7604 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:10:25.0355 7604 HTTP - ok
17:10:25.0381 7604 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:10:25.0390 7604 hwpolicy - ok
17:10:25.0411 7604 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:10:25.0423 7604 i8042prt - ok
17:10:25.0450 7604 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\Windows\system32\drivers\iaStor.sys
17:10:25.0464 7604 iaStor - ok
17:10:25.0576 7604 [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
17:10:25.0593 7604 IAStorDataMgrSvc - ok
17:10:25.0648 7604 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:10:25.0677 7604 iaStorV - ok
17:10:25.0700 7604 [ 60CC7AE9AEDB4D1E7923BD053B176D97 ] ibtfltcoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
17:10:25.0725 7604 ibtfltcoex - ok
17:10:25.0788 7604 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:10:25.0832 7604 idsvc - ok
17:10:25.0863 7604 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:10:25.0873 7604 iirsp - ok
17:10:25.0909 7604 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:10:25.0985 7604 IKEEXT - ok
17:10:26.0022 7604 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
17:10:26.0032 7604 intaud_WaveExtensible - ok
17:10:26.0060 7604 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
17:10:26.0085 7604 IntcDAud - ok
17:10:26.0128 7604 [ 7C76466F4E0F76CE259C6005D161E9E8 ] Intel® Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
17:10:26.0163 7604 Intel® Capability Licensing Service Interface - ok
17:10:26.0194 7604 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:10:26.0203 7604 intelide - ok
17:10:26.0788 7604 [ 11BA677667432A99CA261A472A2C29B8 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys
17:10:27.0074 7604 intelkmd - ok
17:10:27.0103 7604 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:10:27.0114 7604 intelppm - ok
17:10:27.0149 7604 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:10:27.0191 7604 IPBusEnum - ok
17:10:27.0213 7604 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:10:27.0240 7604 IpFilterDriver - ok
17:10:27.0278 7604 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:10:27.0303 7604 iphlpsvc - ok
17:10:27.0332 7604 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:10:27.0344 7604 IPMIDRV - ok
17:10:27.0356 7604 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:10:27.0383 7604 IPNAT - ok
17:10:27.0419 7604 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:10:27.0433 7604 iPod Service - ok
17:10:27.0449 7604 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:10:27.0463 7604 IRENUM - ok
17:10:27.0477 7604 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:10:27.0486 7604 isapnp - ok
17:10:27.0521 7604 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:10:27.0534 7604 iScsiPrt - ok
17:10:27.0551 7604 [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs C:\Windows\system32\drivers\iusb3hcs.sys
17:10:27.0561 7604 iusb3hcs - ok
17:10:27.0581 7604 [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
17:10:27.0595 7604 iusb3hub - ok
17:10:27.0619 7604 [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
17:10:27.0654 7604 iusb3xhc - ok
17:10:27.0677 7604 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
17:10:27.0686 7604 iwdbus - ok
17:10:27.0715 7604 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:10:27.0725 7604 kbdclass - ok
17:10:27.0746 7604 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
17:10:27.0758 7604 kbdhid - ok
17:10:27.0779 7604 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:10:27.0790 7604 KeyIso - ok
17:10:27.0816 7604 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:10:27.0827 7604 KSecDD - ok
17:10:27.0854 7604 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:10:27.0865 7604 KSecPkg - ok
17:10:27.0892 7604 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:10:27.0930 7604 ksthunk - ok
17:10:27.0971 7604 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:10:28.0045 7604 KtmRm - ok
17:10:28.0085 7604 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
17:10:28.0142 7604 LanmanServer - ok
17:10:28.0162 7604 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:10:28.0206 7604 LanmanWorkstation - ok
17:10:28.0232 7604 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:10:28.0260 7604 lltdio - ok
17:10:28.0303 7604 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:10:28.0334 7604 lltdsvc - ok
17:10:28.0355 7604 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:10:28.0382 7604 lmhosts - ok
17:10:28.0423 7604 [ 5C08357C65F658E29B5DDC2EF18D575C ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
17:10:28.0434 7604 LMS - ok
17:10:28.0487 7604 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:10:28.0501 7604 LSI_FC - ok
17:10:28.0527 7604 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:10:28.0537 7604 LSI_SAS - ok
17:10:28.0556 7604 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:10:28.0566 7604 LSI_SAS2 - ok
17:10:28.0585 7604 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:10:28.0595 7604 LSI_SCSI - ok
17:10:28.0613 7604 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:10:28.0641 7604 luafv - ok
17:10:28.0700 7604 [ 9504F1DDA1B67FB8D526FD4F8CC882F3 ] McAWFwk c:\PROGRA~1\mcafee\msc\mcawfwk.exe
17:10:28.0725 7604 McAWFwk - ok
17:10:28.0809 7604 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17:10:28.0833 7604 McMPFSvc - ok
17:10:28.0852 7604 [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:10:28.0875 7604 mcmscsvc - ok
17:10:28.0889 7604 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:10:28.0899 7604 McNaiAnn - ok
17:10:28.0908 7604 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:10:28.0918 7604 McNASvc - ok
17:10:28.0975 7604 [ 1814532DB0404C5FB65AA3EB051B2BE5 ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
17:10:28.0987 7604 McODS - ok
17:10:28.0996 7604 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:10:29.0006 7604 McOobeSv - ok
17:10:29.0015 7604 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:10:29.0025 7604 McProxy - ok
17:10:29.0071 7604 [ 9BBCECBE3FE5AF5958A770DC512D0473 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
17:10:29.0095 7604 McShield - ok
17:10:29.0137 7604 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:10:29.0149 7604 Mcx2Svc - ok
17:10:29.0180 7604 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
17:10:29.0195 7604 megasas - ok
17:10:29.0225 7604 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:10:29.0237 7604 MegaSR - ok
17:10:29.0270 7604 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:10:29.0286 7604 MEIx64 - ok
17:10:29.0333 7604 [ 2D53234C24B0103FDE0BE06782AA6F80 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
17:10:29.0357 7604 mfeapfk - ok
17:10:29.0379 7604 [ C0EAF4F2367C44157E1DE4817238FEC2 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
17:10:29.0392 7604 mfeavfk - ok
17:10:29.0410 7604 mfeavfk01 - ok
17:10:29.0450 7604 [ 05248F2E6E1AFA6972D058C36199DEB7 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
17:10:29.0462 7604 mfefire - ok
17:10:29.0483 7604 [ 6856931F9F5B757E9D09369CC35096B9 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
17:10:29.0516 7604 mfefirek - ok
17:10:29.0543 7604 [ 62E4C929A4DB48616B1B90143B48C948 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
17:10:29.0579 7604 mfehidk - ok
17:10:29.0602 7604 [ B5B96149BE124092F577DE54EC7D4D65 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
17:10:29.0612 7604 mferkdet - ok
17:10:29.0648 7604 [ DC5483CAD90D95D65B618E35C66E28DF ] mfevtp C:\Windows\system32\mfevtps.exe
17:10:29.0659 7604 mfevtp - ok
17:10:29.0677 7604 [ E18162EA85F1531964F8222CC9E25E26 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
17:10:29.0691 7604 mfewfpk - ok
17:10:29.0711 7604 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:10:29.0739 7604 MMCSS - ok
17:10:29.0769 7604 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:10:29.0821 7604 Modem - ok
17:10:29.0837 7604 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:10:29.0849 7604 monitor - ok
17:10:29.0871 7604 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:10:29.0881 7604 mouclass - ok
17:10:29.0895 7604 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:10:29.0906 7604 mouhid - ok
17:10:29.0921 7604 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:10:29.0932 7604 mountmgr - ok
17:10:29.0992 7604 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:10:30.0014 7604 MozillaMaintenance - ok
17:10:30.0071 7604 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
17:10:30.0096 7604 MpFilter - ok
17:10:30.0116 7604 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:10:30.0127 7604 mpio - ok
17:10:30.0155 7604 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:10:30.0182 7604 mpsdrv - ok
17:10:30.0242 7604 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:10:30.0299 7604 MpsSvc - ok
17:10:30.0322 7604 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:10:30.0345 7604 MRxDAV - ok
17:10:30.0374 7604 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:10:30.0412 7604 mrxsmb - ok
17:10:30.0453 7604 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:10:30.0478 7604 mrxsmb10 - ok
17:10:30.0497 7604 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:10:30.0509 7604 mrxsmb20 - ok
17:10:30.0534 7604 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:10:30.0543 7604 msahci - ok
17:10:30.0589 7604 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:10:30.0606 7604 msdsm - ok
17:10:30.0671 7604 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:10:30.0700 7604 MSDTC - ok
17:10:30.0759 7604 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:10:30.0801 7604 Msfs - ok
17:10:30.0843 7604 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:10:30.0899 7604 mshidkmdf - ok
17:10:30.0930 7604 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:10:30.0939 7604 msisadrv - ok
17:10:30.0973 7604 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:10:31.0001 7604 MSiSCSI - ok
17:10:31.0010 7604 msiserver - ok
17:10:31.0031 7604 [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17:10:31.0042 7604 MSK80Service - ok
17:10:31.0063 7604 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:10:31.0090 7604 MSKSSRV - ok
17:10:31.0144 7604 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
17:10:31.0166 7604 MsMpSvc - ok
17:10:31.0188 7604 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:10:31.0224 7604 MSPCLOCK - ok
17:10:31.0248 7604 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:10:31.0286 7604 MSPQM - ok
17:10:31.0306 7604 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:10:31.0320 7604 MsRPC - ok
17:10:31.0347 7604 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:10:31.0356 7604 mssmbios - ok
17:10:31.0376 7604 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:10:31.0403 7604 MSTEE - ok
17:10:31.0421 7604 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:10:31.0431 7604 MTConfig - ok
17:10:31.0449 7604 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:10:31.0458 7604 Mup - ok
17:10:31.0514 7604 [ E3B58E3011B207C5289D11173B30E298 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
17:10:31.0536 7604 MyWiFiDHCPDNS - ok
17:10:31.0584 7604 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:10:31.0632 7604 napagent - ok
17:10:31.0660 7604 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:10:31.0706 7604 NativeWifiP - ok
17:10:31.0747 7604 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:10:31.0800 7604 NDIS - ok
17:10:31.0814 7604 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:10:31.0840 7604 NdisCap - ok
17:10:31.0860 7604 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:10:31.0886 7604 NdisTapi - ok
17:10:31.0899 7604 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:10:31.0939 7604 Ndisuio - ok
17:10:31.0973 7604 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:10:32.0017 7604 NdisWan - ok
17:10:32.0030 7604 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:10:32.0057 7604 NDProxy - ok
17:10:32.0090 7604 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:10:32.0095 7604 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:10:32.0095 7604 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:10:32.0110 7604 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:10:32.0150 7604 NetBIOS - ok
17:10:32.0175 7604 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:10:32.0204 7604 NetBT - ok
17:10:32.0225 7604 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:10:32.0235 7604 Netlogon - ok
17:10:32.0267 7604 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:10:32.0322 7604 Netman - ok
17:10:32.0380 7604 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:10:32.0399 7604 NetMsmqActivator - ok
17:10:32.0415 7604 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:10:32.0427 7604 NetPipeActivator - ok
17:10:32.0465 7604 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:10:32.0510 7604 netprofm - ok
17:10:32.0521 7604 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:10:32.0530 7604 NetTcpActivator - ok
17:10:32.0540 7604 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:10:32.0549 7604 NetTcpPortSharing - ok
17:10:32.0731 7604 [ B51E9AD4F4E4F8DBE0AB882756BC5DAB ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
17:10:32.0938 7604 NETwNs64 - ok
17:10:32.0971 7604 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:10:32.0980 7604 nfrd960 - ok
17:10:33.0037 7604 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:10:33.0049 7604 NisDrv - ok
17:10:33.0071 7604 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
17:10:33.0087 7604 NisSrv - ok
17:10:33.0129 7604 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:10:33.0156 7604 NlaSvc - ok
17:10:33.0195 7604 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:10:33.0221 7604 Npfs - ok
17:10:33.0249 7604 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:10:33.0276 7604 nsi - ok
17:10:33.0288 7604 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:10:33.0331 7604 nsiproxy - ok
17:10:33.0390 7604 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:10:33.0443 7604 Ntfs - ok
17:10:33.0472 7604 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:10:33.0498 7604 Null - ok
17:10:33.0533 7604 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:10:33.0555 7604 nvraid - ok
17:10:33.0584 7604 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:10:33.0596 7604 nvstor - ok
17:10:33.0621 7604 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:10:33.0631 7604 nv_agp - ok
17:10:33.0649 7604 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:10:33.0660 7604 ohci1394 - ok
17:10:33.0715 7604 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:10:33.0736 7604 ose - ok
17:10:33.0878 7604 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:10:34.0003 7604 osppsvc - ok
17:10:34.0033 7604 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:10:34.0047 7604 p2pimsvc - ok
17:10:34.0083 7604 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:10:34.0098 7604 p2psvc - ok
17:10:34.0131 7604 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
17:10:34.0151 7604 Parport - ok
17:10:34.0186 7604 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:10:34.0206 7604 partmgr - ok
17:10:34.0270 7604 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:10:34.0303 7604 PcaSvc - ok
17:10:34.0364 7604 [ 4B5F5774FF1C577B9515FDD2B5C535C5 ] PCDSRVC{1E208CE0-FB7451FF-06020200}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
17:10:34.0382 7604 PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - ok
17:10:34.0417 7604 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:10:34.0428 7604 pci - ok
17:10:34.0456 7604 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:10:34.0465 7604 pciide - ok
17:10:34.0499 7604 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:10:34.0511 7604 pcmcia - ok
17:10:34.0528 7604 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:10:34.0537 7604 pcw - ok
17:10:34.0561 7604 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:10:34.0610 7604 PEAUTH - ok
17:10:34.0702 7604 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:10:34.0728 7604 PerfHost - ok
17:10:34.0818 7604 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:10:34.0892 7604 pla - ok
17:10:34.0925 7604 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:10:34.0940 7604 PlugPlay - ok
17:10:34.0982 7604 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:10:34.0987 7604 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:10:34.0987 7604 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:10:35.0017 7604 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:10:35.0033 7604 PNRPAutoReg - ok
17:10:35.0066 7604 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:10:35.0079 7604 PNRPsvc - ok
17:10:35.0114 7604 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:10:35.0146 7604 PolicyAgent - ok
17:10:35.0182 7604 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
17:10:35.0194 7604 Power - ok
17:10:35.0224 7604 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:10:35.0250 7604 PptpMiniport - ok
17:10:35.0267 7604 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
17:10:35.0288 7604 Processor - ok
17:10:35.0319 7604 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:10:35.0332 7604 ProfSvc - ok
17:10:35.0347 7604 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:10:35.0357 7604 ProtectedStorage - ok
17:10:35.0380 7604 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:10:35.0407 7604 Psched - ok
17:10:35.0458 7604 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:10:35.0526 7604 ql2300 - ok
17:10:35.0558 7604 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:10:35.0569 7604 ql40xx - ok
17:10:35.0626 7604 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:10:35.0662 7604 QWAVE - ok
17:10:35.0686 7604 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:10:35.0711 7604 QWAVEdrv - ok
17:10:35.0731 7604 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:10:35.0789 7604 RasAcd - ok
17:10:35.0827 7604 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:10:35.0854 7604 RasAgileVpn - ok
17:10:35.0890 7604 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:10:35.0925 7604 RasAuto - ok
17:10:35.0945 7604 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:10:35.0972 7604 Rasl2tp - ok
17:10:35.0996 7604 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:10:36.0041 7604 RasMan - ok
17:10:36.0069 7604 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:10:36.0096 7604 RasPppoe - ok
17:10:36.0115 7604 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:10:36.0159 7604 RasSstp - ok
17:10:36.0208 7604 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:10:36.0251 7604 rdbss - ok
17:10:36.0278 7604 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
17:10:36.0291 7604 rdpbus - ok
17:10:36.0314 7604 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:10:36.0340 7604 RDPCDD - ok
17:10:36.0362 7604 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:10:36.0396 7604 RDPENCDD - ok
17:10:36.0418 7604 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:10:36.0446 7604 RDPREFMP - ok
17:10:36.0484 7604 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:10:36.0501 7604 RdpVideoMiniport - ok
17:10:36.0542 7604 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:10:36.0554 7604 RDPWD - ok
17:10:36.0578 7604 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:10:36.0590 7604 rdyboost - ok
17:10:36.0661 7604 [ F3AF2B43F35DBB3A0EB9FEEEC7D62217 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:10:36.0682 7604 RegSrvc - ok
17:10:36.0734 7604 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:10:36.0773 7604 RemoteAccess - ok
17:10:36.0820 7604 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:10:36.0872 7604 RemoteRegistry - ok
17:10:36.0910 7604 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:10:36.0924 7604 RFCOMM - ok
17:10:36.0968 7604 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:10:36.0995 7604 RpcEptMapper - ok
17:10:37.0027 7604 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:10:37.0039 7604 RpcLocator - ok
17:10:37.0083 7604 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:10:37.0125 7604 RpcSs - ok
17:10:37.0158 7604 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:10:37.0184 7604 rspndr - ok
17:10:37.0212 7604 [ 40817D2DA49866C55781DB7601ABCEC1 ] RSUSBVSTOR C:\Windows\system32\Drivers\RTSUVSTOR.sys
17:10:37.0225 7604 RSUSBVSTOR - ok
17:10:37.0277 7604 [ 7F4F11527AF5A7E4526CB6A146B3E40C ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:10:37.0319 7604 RTL8167 - ok
17:10:37.0347 7604 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:10:37.0358 7604 SamSs - ok
17:10:37.0383 7604 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:10:37.0393 7604 sbp2port - ok
17:10:37.0428 7604 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:10:37.0457 7604 SCardSvr - ok
17:10:37.0494 7604 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:10:37.0536 7604 scfilter - ok
17:10:37.0567 7604 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:10:37.0658 7604 Schedule - ok
17:10:37.0693 7604 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:10:37.0718 7604 SCPolicySvc - ok
17:10:37.0759 7604 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:10:37.0796 7604 SDRSVC - ok
17:10:37.0869 7604 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
17:10:37.0912 7604 SDScannerService - ok
17:10:37.0946 7604 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
17:10:37.0984 7604 SDUpdateService - ok
17:10:38.0012 7604 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
17:10:38.0023 7604 SDWSCService - ok
17:10:38.0060 7604 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:10:38.0122 7604 secdrv - ok
17:10:38.0153 7604 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:10:38.0180 7604 seclogon - ok
17:10:38.0203 7604 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
17:10:38.0242 7604 SENS - ok
17:10:38.0269 7604 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:10:38.0279 7604 SensrSvc - ok
17:10:38.0297 7604 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
17:10:38.0308 7604 Serenum - ok
17:10:38.0339 7604 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
17:10:38.0350 7604 Serial - ok
17:10:38.0371 7604 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:10:38.0381 7604 sermouse - ok
17:10:38.0451 7604 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:10:38.0499 7604 SessionEnv - ok
17:10:38.0523 7604 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:10:38.0535 7604 sffdisk - ok
17:10:38.0558 7604 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:10:38.0580 7604 sffp_mmc - ok
17:10:38.0600 7604 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:10:38.0619 7604 sffp_sd - ok
17:10:38.0646 7604 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:10:38.0656 7604 sfloppy - ok
17:10:38.0700 7604 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:10:38.0743 7604 SharedAccess - ok
17:10:38.0798 7604 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:10:38.0835 7604 ShellHWDetection - ok
17:10:38.0872 7604 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:10:38.0888 7604 SiSRaid2 - ok
17:10:38.0917 7604 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:10:38.0927 7604 SiSRaid4 - ok
17:10:38.0951 7604 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:10:38.0960 7604 SkypeUpdate - ok
17:10:39.0007 7604 [ DD0443BC6CC78A19FD399817F8C51401 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
17:10:39.0015 7604 SmartDefragDriver - ok
17:10:39.0033 7604 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:10:39.0060 7604 Smb - ok
17:10:39.0111 7604 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:10:39.0132 7604 SNMPTRAP - ok
17:10:39.0159 7604 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:10:39.0169 7604 spldr - ok
17:10:39.0213 7604 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:10:39.0235 7604 Spooler - ok
17:10:39.0326 7604 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:10:39.0390 7604 sppsvc - ok
17:10:39.0408 7604 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:10:39.0436 7604 sppuinotify - ok
17:10:39.0480 7604 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:10:39.0509 7604 srv - ok
17:10:39.0530 7604 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:10:39.0544 7604 srv2 - ok
17:10:39.0561 7604 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:10:39.0573 7604 srvnet - ok
17:10:39.0624 7604 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:10:39.0675 7604 SSDPSRV - ok
17:10:39.0696 7604 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:10:39.0724 7604 SstpSvc - ok
17:10:39.0747 7604 Steam Client Service - ok
17:10:39.0786 7604 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:10:39.0796 7604 stexstor - ok
17:10:39.0854 7604 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:10:39.0901 7604 stisvc - ok
17:10:39.0923 7604 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:10:39.0931 7604 swenum - ok
17:10:39.0979 7604 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:10:40.0054 7604 swprv - ok
17:10:40.0101 7604 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:10:40.0154 7604 SysMain - ok
17:10:40.0180 7604 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:10:40.0200 7604 TabletInputService - ok
17:10:40.0253 7604 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:10:40.0301 7604 TapiSrv - ok
17:10:40.0326 7604 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:10:40.0354 7604 TBS - ok
17:10:40.0416 7604 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:10:40.0455 7604 Tcpip - ok
17:10:40.0506 7604 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:10:40.0543 7604 TCPIP6 - ok
17:10:40.0619 7604 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:10:40.0640 7604 tcpipreg - ok
17:10:40.0680 7604 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:10:40.0704 7604 TDPIPE - ok
17:10:40.0743 7604 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:10:40.0763 7604 TDTCP - ok
17:10:40.0785 7604 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:10:40.0811 7604 tdx - ok
17:10:40.0828 7604 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:10:40.0838 7604 TermDD - ok
17:10:40.0908 7604 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:10:40.0965 7604 TermService - ok
17:10:40.0989 7604 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:10:41.0004 7604 Themes - ok
17:10:41.0033 7604 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:10:41.0059 7604 THREADORDER - ok
17:10:41.0077 7604 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:10:41.0104 7604 TrkWks - ok
17:10:41.0166 7604 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:10:41.0219 7604 TrustedInstaller - ok
17:10:41.0257 7604 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:10:41.0283 7604 tssecsrv - ok
17:10:41.0315 7604 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:10:41.0326 7604 TsUsbFlt - ok
17:10:41.0357 7604 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:10:41.0391 7604 TsUsbGD - ok
17:10:41.0436 7604 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:10:41.0462 7604 tunnel - ok
17:10:41.0486 7604 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
17:10:41.0496 7604 TurboB - ok
17:10:41.0550 7604 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
17:10:41.0571 7604 TurboBoost - ok
17:10:41.0601 7604 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:10:41.0610 7604 uagp35 - ok
17:10:41.0640 7604 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:10:41.0677 7604 udfs - ok
17:10:41.0740 7604 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:10:41.0752 7604 UI0Detect - ok
17:10:41.0788 7604 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:10:41.0798 7604 uliagpkx - ok
17:10:41.0823 7604 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:10:41.0834 7604 umbus - ok
17:10:41.0851 7604 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
17:10:41.0876 7604 UmPass - ok
17:10:41.0970 7604 [ 0DFC9713D117B349E41A2A477448107A ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
17:10:41.0996 7604 UNS - ok
17:10:42.0028 7604 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:10:42.0065 7604 upnphost - ok
17:10:42.0092 7604 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
17:10:42.0118 7604 USBAAPL64 - ok
17:10:42.0155 7604 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:10:42.0166 7604 usbccgp - ok
17:10:42.0197 7604 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:10:42.0210 7604 usbcir - ok
17:10:42.0246 7604 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:10:42.0256 7604 usbehci - ok
17:10:42.0292 7604 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:10:42.0335 7604 usbhub - ok
17:10:42.0376 7604 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:10:42.0400 7604 usbohci - ok
17:10:42.0443 7604 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:10:42.0480 7604 usbprint - ok
17:10:42.0534 7604 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:10:42.0562 7604 usbscan - ok
17:10:42.0589 7604 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:10:42.0616 7604 USBSTOR - ok
17:10:42.0653 7604 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:10:42.0675 7604 usbuhci - ok
17:10:42.0722 7604 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:10:42.0736 7604 usbvideo - ok
17:10:42.0766 7604 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:10:42.0812 7604 UxSms - ok
17:10:42.0836 7604 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:10:42.0846 7604 VaultSvc - ok
17:10:42.0878 7604 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:10:42.0888 7604 vdrvroot - ok
17:10:42.0917 7604 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:10:42.0954 7604 vds - ok
17:10:42.0974 7604 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:10:42.0986 7604 vga - ok
17:10:43.0007 7604 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:10:43.0045 7604 VgaSave - ok
17:10:43.0076 7604 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:10:43.0089 7604 vhdmp - ok
17:10:43.0113 7604 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:10:43.0122 7604 viaide - ok
17:10:43.0143 7604 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:10:43.0153 7604 volmgr - ok
17:10:43.0177 7604 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:10:43.0191 7604 volmgrx - ok
17:10:43.0218 7604 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:10:43.0232 7604 volsnap - ok
17:10:43.0254 7604 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:10:43.0265 7604 vsmraid - ok
17:10:43.0332 7604 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:10:43.0386 7604 VSS - ok
17:10:43.0425 7604 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:10:43.0464 7604 vwifibus - ok
17:10:43.0495 7604 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:10:43.0509 7604 vwififlt - ok
17:10:43.0528 7604 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
17:10:43.0542 7604 vwifimp - ok
17:10:43.0594 7604 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:10:43.0653 7604 W32Time - ok
17:10:43.0703 7604 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:10:43.0713 7604 WacomPen - ok
17:10:43.0742 7604 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:10:43.0768 7604 WANARP - ok
17:10:43.0783 7604 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:10:43.0809 7604 Wanarpv6 - ok
17:10:43.0867 7604 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:10:43.0925 7604 WatAdminSvc - ok
17:10:43.0976 7604 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:10:44.0040 7604 wbengine - ok
17:10:44.0071 7604 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:10:44.0088 7604 WbioSrvc - ok
17:10:44.0118 7604 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:10:44.0143 7604 wcncsvc - ok
17:10:44.0165 7604 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:10:44.0185 7604 WcsPlugInService - ok
17:10:44.0244 7604 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
17:10:44.0264 7604 Wd - ok
17:10:44.0321 7604 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:10:44.0371 7604 Wdf01000 - ok
17:10:44.0403 7604 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:10:44.0443 7604 WdiServiceHost - ok
17:10:44.0465 7604 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:10:44.0479 7604 WdiSystemHost - ok
17:10:44.0504 7604 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:10:44.0521 7604 WebClient - ok
17:10:44.0546 7604 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:10:44.0575 7604 Wecsvc - ok
17:10:44.0608 7604 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:10:44.0647 7604 wercplsupport - ok
17:10:44.0678 7604 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:10:44.0706 7604 WerSvc - ok
17:10:44.0740 7604 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:10:44.0766 7604 WfpLwf - ok
17:10:44.0803 7604 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
17:10:44.0814 7604 WimFltr - ok
17:10:44.0838 7604 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:10:44.0848 7604 WIMMount - ok
17:10:44.0872 7604 WinDefend - ok
17:10:44.0915 7604 WinHttpAutoProxySvc - ok
17:10:44.0988 7604 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:10:45.0036 7604 Winmgmt - ok
17:10:45.0116 7604 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:10:45.0200 7604 WinRM - ok
17:10:45.0271 7604 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:10:45.0295 7604 WinUsb - ok
17:10:45.0335 7604 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:10:45.0382 7604 Wlansvc - ok
17:10:45.0451 7604 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:10:45.0470 7604 wlcrasvc - ok
17:10:45.0599 7604 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:10:45.0677 7604 wlidsvc - ok
17:10:45.0727 7604 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:10:45.0737 7604 WmiAcpi - ok
17:10:45.0795 7604 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:10:45.0808 7604 wmiApSrv - ok
17:10:45.0840 7604 WMPNetworkSvc - ok
17:10:45.0896 7604 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:10:45.0921 7604 WPCSvc - ok
17:10:45.0955 7604 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:10:45.0968 7604 WPDBusEnum - ok
17:10:46.0006 7604 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:10:46.0053 7604 ws2ifsl - ok
17:10:46.0095 7604 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
17:10:46.0128 7604 wscsvc - ok
17:10:46.0148 7604 WSearch - ok
17:10:46.0247 7604 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:10:46.0285 7604 wuauserv - ok
17:10:46.0330 7604 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:10:46.0365 7604 WudfPf - ok
17:10:46.0406 7604 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:10:46.0418 7604 WUDFRd - ok
17:10:46.0464 7604 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:10:46.0490 7604 wudfsvc - ok
17:10:46.0538 7604 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:10:46.0556 7604 WwanSvc - ok
17:10:46.0638 7604 [ 74713CB32792F9C7632DAA7DA22CA974 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
17:10:46.0676 7604 ZeroConfigService - ok
17:10:46.0779 7604 ================ Scan global ===============================
17:10:46.0819 7604 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:10:46.0852 7604 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
17:10:46.0862 7604 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
17:10:46.0886 7604 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:10:46.0918 7604 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:10:46.0924 7604 [Global] - ok
17:10:46.0925 7604 ================ Scan MBR ==================================
17:10:46.0938 7604 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
17:10:47.0341 7604 \Device\Harddisk0\DR0 - ok
17:10:47.0347 7604 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk1\DR1
17:10:47.0426 7604 \Device\Harddisk1\DR1 - ok
17:10:47.0426 7604 ================ Scan VBR ==================================
17:10:47.0466 7604 [ 715EF1D0DCA356655DFF4670781C37DB ] \Device\Harddisk0\DR0\Partition1
17:10:47.0468 7604 \Device\Harddisk0\DR0\Partition1 - ok
17:10:47.0483 7604 [ DF6BC9F50CFFBEC340DA8051D7675095 ] \Device\Harddisk0\DR0\Partition2
17:10:47.0485 7604 \Device\Harddisk0\DR0\Partition2 - ok
17:10:47.0510 7604 [ D05ED8AA2F79CD81952BD8A0D2012F12 ] \Device\Harddisk0\DR0\Partition3
17:10:47.0510 7604 \Device\Harddisk0\DR0\Partition3 - ok
17:10:47.0515 7604 [ 52E903B06892A209E93F48489F26862E ] \Device\Harddisk1\DR1\Partition1
17:10:47.0517 7604 \Device\Harddisk1\DR1\Partition1 - ok
17:10:47.0518 7604 ============================================================
17:10:47.0518 7604 Scan finished
17:10:47.0518 7604 ============================================================
17:10:47.0531 3372 Detected object count: 4
17:10:47.0531 3372 Actual detected object count: 4
17:19:20.0400 3372 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
17:19:20.0400 3372 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:19:20.0402 3372 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:19:20.0402 3372 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:19:20.0403 3372 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:19:20.0404 3372 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:19:20.0405 3372 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:19:20.0405 3372 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:19:23.0091 5412 Deinitialize success





Here is my SecurityCheck log:



Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
McAfee Anti-Virus and Anti-Spyware
Microsoft Security Essentials
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.70.0.1100
Java™ 7 Update 5
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.4.402.265 Flash Player out of Date!
Adobe Reader 10.1.3 Adobe Reader out of Date!
Mozilla Firefox (17.0.1)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Spybot Teatimer.exe is disabled!
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````





Here is my Farbar ServiceScanner log:




Farbar Service Scanner Version: 23-12-2012
Ran by David (administrator) on 12-01-2013 at 17:18:24
Running from "C:\Users\David\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****




Here is a copy of my Mini ToolBox log:




MiniToolBox by Farbar Version: 25-11-2012
Ran by David (administrator) on 12-01-2013 at 17:26:48
Running from "C:\Users\David\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Centrino® Wireless-N 2230 = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Minnow
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 68-5D-43-44-CD-4E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 68-5D-43-44-CD-4E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 68-5D-43-44-CD-51
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 2230
Physical Address. . . . . . . . . : 68-5D-43-44-CD-4D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6137:e899:eaea:baa%13(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.1.17(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 12 January 2013 14:09:23
Lease Expires . . . . . . . . . . : 13 January 2013 16:55:09
Default Gateway . . . . . . . . . : 10.0.1.1
DHCP Server . . . . . . . . . . . : 10.0.1.1
DHCPv6 IAID . . . . . . . . . . . : 241720643
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-4E-9D-D7-D4-BE-D9-33-70-51
DNS Servers . . . . . . . . . . . : 10.0.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : keble.ox.ac.uk
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : D4-BE-D9-33-70-51
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{8BCFA04B-34EB-4DFD-AD9C-96C05AA5E5EA}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 10.0.1.1

Name: google.com
Addresses: 2a00:1450:4009:807::1003
173.194.34.137
173.194.34.130
173.194.34.133
173.194.34.131
173.194.34.128
173.194.34.134
173.194.34.136
173.194.34.142
173.194.34.132
173.194.34.135
173.194.34.129


Pinging google.com [173.194.34.137] with 32 bytes of data:
Reply from 173.194.34.137: bytes=32 time=22ms TTL=53
Reply from 173.194.34.137: bytes=32 time=29ms TTL=53

Ping statistics for 173.194.34.137:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 22ms, Maximum = 29ms, Average = 25ms
Server: UnKnown
Address: 10.0.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=190ms TTL=49
Reply from 72.30.38.140: bytes=32 time=323ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 190ms, Maximum = 323ms, Average = 256ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
18...68 5d 43 44 cd 4e ......Microsoft Virtual WiFi Miniport Adapter #2
17...68 5d 43 44 cd 4e ......Microsoft Virtual WiFi Miniport Adapter
15...68 5d 43 44 cd 51 ......Bluetooth Device (Personal Area Network)
13...68 5d 43 44 cd 4d ......Intel® Centrino® Wireless-N 2230
11...d4 be d9 33 70 51 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.1.1 10.0.1.17 25
10.0.1.0 255.255.255.0 On-link 10.0.1.17 281
10.0.1.17 255.255.255.255 On-link 10.0.1.17 281
10.0.1.255 255.255.255.255 On-link 10.0.1.17 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.1.17 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.1.17 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 281 fe80::/64 On-link
13 281 fe80::6137:e899:eaea:baa/128
On-link
1 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 10 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 10 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/12/2013 05:23:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/12/2013 02:09:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/12/2013 01:45:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/12/2013 01:37:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/12/2013 01:00:40 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/12/2013 01:00:40 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/12/2013 00:23:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/12/2013 00:14:55 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108

Error: (01/04/2013 11:09:14 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/04/2013 11:06:25 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -Embedding; Description = Configured Microsoft Office Home and Student 2010; Error = 0x8007043c).


System errors:
=============
Error: (01/12/2013 02:19:22 PM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).

Error: (01/12/2013 02:19:22 PM) (Source: Service Control Manager) (User: )
Description: The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).

Error: (01/12/2013 02:11:30 PM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126

Error: (01/12/2013 02:09:21 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service depends on the Security Center service which failed to start because of the following error:
%%1058

Error: (01/12/2013 02:08:40 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/12/2013 02:08:40 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/12/2013 02:08:40 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/12/2013 02:08:40 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/12/2013 02:08:40 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/12/2013 02:08:40 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (01/12/2013 05:23:16 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe

Error: (01/12/2013 02:09:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/12/2013 01:45:55 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/12/2013 01:37:31 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/12/2013 01:00:40 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe

Error: (01/12/2013 01:00:40 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe

Error: (01/12/2013 00:23:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/12/2013 00:14:55 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108

Error: (01/04/2013 11:09:14 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/04/2013 11:06:25 AM) (Source: System Restore)(User: )
Description: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -EmbeddingConfigured Microsoft Office Home and Student 20100x8007043c


CodeIntegrity Errors:
===================================
Date: 2013-01-12 15:31:30.419
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-12 15:31:30.388
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-12 15:31:30.366
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-12 15:31:30.345
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-12 15:18:28.315
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-12 15:18:28.205
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-12 15:18:28.124
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-12 15:18:28.088
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-12 14:15:22.277
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-12 14:15:22.127
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe AIR (Version: 2.6.0.19120)
Adobe Flash Player 10 ActiveX (Version: 10.0.32.18)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Advanced Audio FX Engine (Version: 1.12.05)
Advanced SystemCare 6 (Version: 6.0)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.898.1)
AMD AVIVO64 Codecs (Version: 12.3.103.20309)
AMD Catalyst Install Manager (Version: 3.0.868.0)
Apex Images to PDF Converter 2.3.8.2
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Applian FLV and Media Player 3.1.1.12 (Version: 3.1.1.12)
BOINC (Version: 7.0.28)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 130.0.331.000)
C4400 (Version: 130.0.365.000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0309.43.976)
Catalyst Control Center InstallProxy (Version: 2012.0309.43.976)
Catalyst Control Center Localization All (Version: 2012.0309.43.976)
Catalyst Control Center Profiles Mobile (Version: 2012.0309.43.976)
ccc-utility64 (Version: 2012.0309.43.976)
CCC Help Chinese Standard (Version: 2012.0309.0042.976)
CCC Help Chinese Traditional (Version: 2012.0309.0042.976)
CCC Help Danish (Version: 2012.0309.0042.976)
CCC Help Dutch (Version: 2012.0309.0042.976)
CCC Help English (Version: 2012.0309.0042.976)
CCC Help Finnish (Version: 2012.0309.0042.976)
CCC Help French (Version: 2012.0309.0042.976)
CCC Help German (Version: 2012.0309.0042.976)
CCC Help Italian (Version: 2012.0309.0042.976)
CCC Help Japanese (Version: 2012.0309.0042.976)
CCC Help Korean (Version: 2012.0309.0042.976)
CCC Help Norwegian (Version: 2012.0309.0042.976)
CCC Help Portuguese (Version: 2012.0309.0042.976)
CCC Help Russian (Version: 2012.0309.0042.976)
CCC Help Spanish (Version: 2012.0309.0042.976)
CCC Help Swedish (Version: 2012.0309.0042.976)
CCleaner (Version: 3.25)
Conexant SmartAudio HD (Version: 8.54.29.0)
Copy (Version: 130.0.428.000)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Edoc Viewer (Version: 1.0.0)
Dell Stage (Version: 1.6.301.0)
Dell Stage Remote (Version: 2.0.0.43)
Dell Support Center (Version: 3.2.6032.102)
Dell Touchpad (Version: 10.3.0.49)
Dell Webcam Central (Version: 2.00.46)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 130.0.465.000)
ESET Online Scanner v3
Facebook Messenger 2.1.4651.0 (Version: 2.1.4651.0)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Football Manager 2010
Free RAR Extract Frog (Version: 4.30)
Google Chrome (Version: 23.0.1271.97)
Google Earth (Version: 6.2.2.6613)
Google Talk (remove only)
Google Talk Plugin (Version: 3.10.2.10212)
Google Update Helper (Version: 1.3.21.123)
GPBaseService2 (Version: 130.0.371.000)
HiJackThis (Version: 1.0.0)
HP Deskjet 3050A J611 series Basic Device Software (Version: 25.0.571.0)
HP Deskjet 3050A J611 series Help (Version: 140.0.2.2)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.001.001)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
iCloud (Version: 2.1.1.3)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Display Audio Driver (Version: 6.14.00.3090)
Intel® Management Engine Components (Version: 8.0.1.1399)
Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed (Version: 15.0.0.0059)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 2.1.0.0140)
Intel® Rapid Storage Technology (Version: 11.0.0.1032)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.3.214)
Intel® WiDi (Version: 3.0.13.0)
Intel® Wireless Display
Intel® PROSet/Wireless WiFi Software (Version: 15.00.0000.0642)
Intel® Trusted Connect Service Client (Version: 1.23.219.2)
iTunes (Version: 11.0.1.12)
Java™ 7 Update 5 (Version: 7.0.50)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
McAfee SecurityCenter (Version: 11.6.443)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mozilla Firefox 17.0.1 (x86 en-US) (Version: 17.0.1)
Mozilla Maintenance Service (Version: 17.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
PowerXpressHybrid (Version: 1.00.0000)
PS_AIO_03_C4400_Software_Min (Version: 130.0.365.000)
PX Profile Update (Version: 1.00.1.)
Quickset64 (Version: 10.14.010)
QuickTime (Version: 7.73.80.64)
Realtek USB 2.0 Card Reader (Version: 6.1.7601.39019)
Scan (Version: 140.0.80.000)
Shared C Run-time for x64 (Version: 10.0.0)
Skype™ 5.10 (Version: 5.10.116)
Smart Defrag 2 (Version: 2.6)
SolutionCenter (Version: 130.0.373.000)
Spotify (Version: 0.8.5.1333.g822e0de8)
Spybot - Search & Destroy (Version: 2.0.12)
Status (Version: 130.0.469.000)
Steam (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Veetle TV (Version: 0.9.19)
VLC media player 2.0.2 (Version: 2.0.2)
WebReg (Version: 130.0.132.017)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Devices: ================================

Name: HP LaserJet M2727nf MFP
Description: HP LaserJet M2727nf MFP
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: hp LaserJet 4200
Description: hp LaserJet 4200
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P2015 Series
Description: HP LaserJet P2015 Series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2015 Series
Description: HP LaserJet P2015 Series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: hp LaserJet 4200
Description: hp LaserJet 4200
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2015 Series
Description: HP LaserJet P2015 Series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P2015 Series
Description: HP LaserJet P2015 Series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 27%
Total physical RAM: 8094.36 MB
Available physical RAM: 5899.21 MB
Total Pagefile: 16186.9 MB
Available Pagefile: 12997.65 MB
Total Virtual: 4095.88 MB
Available Virtual: 3956.8 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:891.66 GB) (Free:825.77 GB) NTFS
3 Drive g: (DAVID C 13W) (Removable) (Total:3.6 GB) (Free:2.51 GB) FAT32

========================= Users: ========================================

User accounts for \\MINNOW

Administrator David Guest

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

03-01-2013 23:55:21 ComboFix created restore point
04-01-2013 11:50:39 Windows Update
12-01-2013 14:20:54 Installed SpyHunter
12-01-2013 15:09:33 Installed HiJackThis
12-01-2013 15:10:35 Removed SpyHunter

**** End of log ****



Thanks very much

#4 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:06:30 PM

Posted 04 January 2013 - 04:34 PM

Hi

There are indications in the logs you provided that Combofix has been run recently.


Combofix is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper


------------------------

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#5 dav43

dav43
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 04 January 2013 - 04:41 PM

Thank you. Will do.

#6 dav43

dav43
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 04 January 2013 - 04:54 PM

Done. Post here:

www.bleepingcomputer.com/forums/topic480677.html

Many thanks for your help. Really appreciated

#7 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:06:30 PM

Posted 04 January 2013 - 05:13 PM

You're welcome :). Good luck!

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users