Persistent Google Redirect


18 replies to this topic

#1 DeLoreanDude


Posted 20 January 2013 - 11:40 PM

Hi,

After using these forums for years to help keep my former systems safe and clean, I've run into something I have no clue how to track down and squash.

It's been happening for a few weeks: when I try searching for something through Google, my results will yield correctly, but clicking carries me to random pages. I've been able to notice the first second or so is typically "asearchclub" or "click.livesearchnow" URLs. Also noticed a 179.239.17.70 domain tonight.

Also, when starting IE, typically it will hang the first time I launch, but immediately relaunching it pops right up.

This only affects Internet Explorer when executed through normal left-click via taskbar.

If I launch InPrivate Browsing, everything works fine.

Details to help get started:
OS: Windows 8 Pro w/ Media Center
Browser: IE 10 version 10.0.9200.16466

Many thanks!

*Topic Watched

Edited by DeLoreanDude, 20 January 2013 - 11:41 PM.



#2 narenxp


Posted 20 January 2013 - 11:52 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 DeLoreanDude


Posted 21 January 2013 - 12:47 AM

23:43:25.0542 5364 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:43:25.0932 5364 ============================================================
23:43:25.0932 5364 Current date / time: 2013/01/20 23:43:25.0932
23:43:25.0932 5364 SystemInfo:
23:43:25.0932 5364
23:43:25.0932 5364 OS Version: 6.2.9200 ServicePack: 0.0
23:43:25.0932 5364 Product type: Workstation
23:43:25.0932 5364 ComputerName: HHGREGG-HP
23:43:25.0932 5364 UserName: HHGREGG
23:43:25.0932 5364 Windows directory: C:\WINDOWS
23:43:25.0932 5364 System windows directory: C:\WINDOWS
23:43:25.0932 5364 Running under WOW64
23:43:25.0932 5364 Processor architecture: Intel x64
23:43:25.0932 5364 Number of processors: 8
23:43:25.0932 5364 Page size: 0x1000
23:43:25.0932 5364 Boot type: Normal boot
23:43:25.0932 5364 ============================================================
23:43:26.0510 5364 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:43:26.0526 5364 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:43:26.0557 5364 ============================================================
23:43:26.0557 5364 \Device\Harddisk0\DR0:
23:43:26.0557 5364 MBR partitions:
23:43:26.0557 5364 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:43:26.0557 5364 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xAC85D800
23:43:26.0557 5364 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xAC890000, BlocksNum 0x21F7000
23:43:26.0557 5364 \Device\Harddisk1\DR1:
23:43:26.0557 5364 MBR partitions:
23:43:26.0557 5364 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
23:43:26.0557 5364 ============================================================
23:43:26.0620 5364 C: <-> \Device\Harddisk0\DR0\Partition2
23:43:26.0651 5364 D: <-> \Device\Harddisk0\DR0\Partition3
23:43:26.0682 5364 M: <-> \Device\Harddisk1\DR1\Partition1
23:43:26.0682 5364 ============================================================
23:43:26.0682 5364 Initialize success
23:43:26.0682 5364 ============================================================
23:44:03.0576 10300 ============================================================
23:44:03.0576 10300 Scan started
23:44:03.0576 10300 Mode: Manual; TDLFS;
23:44:03.0576 10300 ============================================================
23:44:03.0795 10300 ================ Scan system memory ========================
23:44:03.0795 10300 System memory - ok
23:44:03.0795 10300 ================ Scan services =============================
23:44:10.0780 10300 MSKSSRV - ok
23:44:10.0795 10300 [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
23:44:10.0795 10300 MsLldp - ok
23:44:10.0811 10300 [ 80FF037D6184FFACB2740A50C7949D20 ] MSMQ C:\WINDOWS\system32\mqsvc.exe
23:44:10.0811 10300 MSMQ - ok
23:44:10.0827 10300 [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:44:10.0827 10300 MSPCLOCK - ok
23:44:10.0842 10300 [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
23:44:10.0842 10300 MSPQM - ok
23:44:10.0858 10300 [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
23:44:10.0858 10300 MsRPC - ok
23:44:10.0874 10300 [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
23:44:10.0874 10300 mssmbios - ok
23:44:10.0889 10300 [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
23:44:10.0889 10300 MSTEE - ok
23:44:10.0905 10300 [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
23:44:10.0905 10300 MTConfig - ok
23:44:10.0920 10300 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup C:\WINDOWS\system32\Drivers\mup.sys
23:44:10.0920 10300 Mup - ok
23:44:10.0936 10300 [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
23:44:10.0936 10300 mvumis - ok
23:44:10.0983 10300 [ 4B18840511D720BA118D3017E8165875 ] napagent C:\WINDOWS\system32\qagentRT.dll
23:44:10.0983 10300 napagent - ok
23:44:10.0999 10300 [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
23:44:11.0014 10300 NativeWifiP - ok
23:44:11.0030 10300 [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
23:44:11.0030 10300 NcaSvc - ok
23:44:11.0061 10300 [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
23:44:11.0061 10300 NcdAutoSetup - ok
23:44:11.0108 10300 [ 0F89AE618DBA5D8AB7A2DFCC375F4159 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
23:44:11.0124 10300 NDIS - ok
23:44:11.0139 10300 [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
23:44:11.0139 10300 NdisCap - ok
23:44:11.0155 10300 [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
23:44:11.0155 10300 NdisImPlatform - ok
23:44:11.0202 10300 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:44:11.0202 10300 NdisTapi - ok
23:44:11.0217 10300 [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:44:11.0217 10300 Ndisuio - ok
23:44:11.0217 10300 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:44:11.0233 10300 NdisWan - ok
23:44:11.0233 10300 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:44:11.0233 10300 NDISWANLEGACY - ok
23:44:11.0249 10300 [ CE6EBC0AD38CC6482D8FBB744FF15CE2 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
23:44:11.0249 10300 NDProxy - ok
23:44:11.0264 10300 [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
23:44:11.0264 10300 Ndu - ok
23:44:11.0311 10300 [ 181F23B0B9E5A003E3E4538EE252F870 ] NeroMediaHomeService.4 C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
23:44:11.0327 10300 NeroMediaHomeService.4 - ok
23:44:11.0327 10300 [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
23:44:11.0342 10300 NetBIOS - ok
23:44:11.0358 10300 [ 7CEC25C682D319D484630B3952C31A11 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
23:44:11.0358 10300 NetBT - ok
23:44:11.0374 10300 [ F702AB6181513303AB0FC8D59E52708B ] Netlogon C:\WINDOWS\system32\lsass.exe
23:44:11.0374 10300 Netlogon - ok
23:44:11.0420 10300 [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman C:\WINDOWS\System32\netman.dll
23:44:11.0420 10300 Netman - ok
23:44:11.0483 10300 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:44:11.0483 10300 NetMsmqActivator - ok
23:44:11.0499 10300 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:44:11.0499 10300 NetPipeActivator - ok
23:44:11.0514 10300 [ 20F6FD63E6D456114BC8056D62792786 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
23:44:11.0514 10300 netprofm - ok
23:44:11.0592 10300 [ 06C59F7859970C445F09E233D607FA4C ] netr28x C:\WINDOWS\system32\DRIVERS\netr28x.sys
23:44:11.0624 10300 netr28x - ok
23:44:11.0639 10300 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:44:11.0639 10300 NetTcpActivator - ok
23:44:11.0639 10300 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:44:11.0639 10300 NetTcpPortSharing - ok
23:44:11.0671 10300 [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960 C:\WINDOWS\system32\drivers\nfrd960.sys
23:44:11.0686 10300 nfrd960 - ok
23:44:11.0717 10300 [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
23:44:11.0717 10300 NlaSvc - ok
23:44:11.0733 10300 [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
23:44:11.0733 10300 Npfs - ok
23:44:11.0749 10300 [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
23:44:11.0749 10300 npsvctrig - ok
23:44:11.0749 10300 [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi C:\WINDOWS\system32\nsisvc.dll
23:44:11.0749 10300 nsi - ok
23:44:11.0780 10300 [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
23:44:11.0780 10300 nsiproxy - ok
23:44:11.0827 10300 [ 4A7EEA9C4AD5CBFDA3C0E5B821C99CAD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
23:44:11.0858 10300 Ntfs - ok
23:44:11.0889 10300 [ 4163ADE07DB51843AE31F65B94F5398D ] Null C:\WINDOWS\system32\drivers\Null.sys
23:44:11.0889 10300 Null - ok
23:44:11.0921 10300 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
23:44:11.0936 10300 NVHDA - ok
23:44:12.0155 10300 [ 300DF34139C87F3AC18E794E44F98A97 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
23:44:12.0311 10300 nvlddmkm - ok
23:44:12.0342 10300 [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
23:44:12.0358 10300 nvraid - ok
23:44:12.0358 10300 [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
23:44:12.0358 10300 nvstor - ok
23:44:12.0389 10300 [ 97F0C8B5DCFB5A4FA73EED6366F008D8 ] nvsvc C:\Windows\system32\nvvsvc.exe
23:44:12.0405 10300 nvsvc - ok
23:44:12.0436 10300 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
23:44:12.0452 10300 nvUpdatusService - ok
23:44:12.0467 10300 [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
23:44:12.0467 10300 nv_agp - ok
23:44:12.0530 10300 [ 5E75CA03513BF7563F9A6AFCBDC47AC2 ] oizyrikx C:\WINDOWS\system32\drivers\oizyrikx.sys
23:44:12.0530 10300 oizyrikx - ok
23:44:12.0561 10300 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:44:12.0561 10300 ose - ok
23:44:12.0733 10300 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:44:12.0811 10300 osppsvc - ok
23:44:12.0858 10300 [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
23:44:12.0858 10300 p2pimsvc - ok
23:44:12.0874 10300 [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
23:44:12.0874 10300 p2psvc - ok
23:44:12.0905 10300 [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport C:\WINDOWS\System32\drivers\parport.sys
23:44:12.0905 10300 Parport - ok
23:44:12.0921 10300 [ C1D7BA7F0DE487DFEEB51BF8D3EC5562 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
23:44:12.0921 10300 partmgr - ok
23:44:12.0936 10300 [ 669F3484C9BD577ADBD5EBE09C3FF57E ] passthruparser C:\WINDOWS\system32\drivers\passthruparser.sys
23:44:12.0952 10300 passthruparser - ok
23:44:12.0999 10300 [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
23:44:12.0999 10300 PcaSvc - ok
23:44:13.0014 10300 [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci C:\WINDOWS\system32\drivers\pci.sys
23:44:13.0014 10300 pci - ok
23:44:13.0046 10300 [ F9908D274D458220F91E89B54D78D837 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
23:44:13.0046 10300 pciide - ok
23:44:13.0077 10300 [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
23:44:13.0077 10300 pcmcia - ok
23:44:13.0093 10300 [ CEBBAD5391C2644560C55628A40BFD27 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
23:44:13.0093 10300 pcw - ok
23:44:13.0124 10300 [ EF9B4F3136B4C45F421ADE6871659FB6 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
23:44:13.0124 10300 pdc - ok
23:44:13.0139 10300 pdfcDispatcher - ok
23:44:13.0155 10300 [ 70DBB6A8B52B3830922F1C5789E1BEEB ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
23:44:13.0171 10300 PEAUTH - ok
23:44:13.0202 10300 [ DF0D9BDCB600913F40FF125BF8CE1979 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
23:44:13.0249 10300 PeerDistSvc - ok
23:44:13.0343 10300 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
23:44:13.0343 10300 PerfHost - ok
23:44:13.0374 10300 [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla C:\WINDOWS\system32\pla.dll
23:44:13.0405 10300 pla - ok
23:44:13.0452 10300 [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
23:44:13.0452 10300 PlugPlay - ok
23:44:13.0468 10300 [ 0BEE791C7C7ACE453C134E73633C497D ] pmxdrv C:\Windows\system32\drivers\pmxdrv.sys
23:44:13.0483 10300 pmxdrv - ok
23:44:13.0514 10300 [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
23:44:13.0514 10300 PNRPAutoReg - ok
23:44:13.0546 10300 [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
23:44:13.0546 10300 PNRPsvc - ok
23:44:13.0577 10300 [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
23:44:13.0593 10300 PolicyAgent - ok
23:44:13.0639 10300 [ F1E067F56373F11EA4B785CAE823740A ] Power C:\WINDOWS\system32\umpo.dll
23:44:13.0639 10300 Power - ok
23:44:13.0655 10300 [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
23:44:13.0655 10300 PptpMiniport - ok
23:44:13.0749 10300 [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
23:44:13.0889 10300 PrintNotify - ok
23:44:13.0905 10300 [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor C:\WINDOWS\System32\drivers\processr.sys
23:44:13.0921 10300 Processor - ok
23:44:13.0921 10300 [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc C:\WINDOWS\system32\profsvc.dll
23:44:13.0936 10300 ProfSvc - ok
23:44:13.0968 10300 [ EB8034147D4820CD31BFCB11A2A652DF ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
23:44:13.0968 10300 Psched - ok
23:44:14.0015 10300 [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE C:\WINDOWS\system32\qwave.dll
23:44:14.0015 10300 QWAVE - ok
23:44:14.0030 10300 [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
23:44:14.0030 10300 QWAVEdrv - ok
23:44:14.0061 10300 [ 873C60F8178100557740A832FCE10B5F ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:44:14.0061 10300 RasAcd - ok
23:44:14.0093 10300 [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
23:44:14.0093 10300 RasAgileVpn - ok
23:44:14.0108 10300 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
23:44:14.0108 10300 RasAuto - ok
23:44:14.0124 10300 [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:44:14.0124 10300 Rasl2tp - ok
23:44:14.0155 10300 [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan C:\WINDOWS\System32\rasmans.dll
23:44:14.0171 10300 RasMan - ok
23:44:14.0171 10300 [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:44:14.0186 10300 RasPppoe - ok
23:44:14.0186 10300 [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys
23:44:14.0186 10300 RasSstp - ok
23:44:14.0202 10300 [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:44:14.0202 10300 rdbss - ok
23:44:14.0218 10300 [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
23:44:14.0218 10300 rdpbus - ok
23:44:14.0233 10300 [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
23:44:14.0233 10300 RDPDR - ok
23:44:14.0265 10300 [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
23:44:14.0265 10300 RdpVideoMiniport - ok
23:44:14.0280 10300 [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
23:44:14.0296 10300 RDPWD - ok
23:44:14.0311 10300 [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
23:44:14.0311 10300 rdyboost - ok
23:44:14.0358 10300 [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
23:44:14.0358 10300 RemoteAccess - ok
23:44:14.0390 10300 [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
23:44:14.0390 10300 RemoteRegistry - ok
23:44:14.0436 10300 [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
23:44:14.0436 10300 RpcEptMapper - ok
23:44:14.0483 10300 [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator C:\WINDOWS\system32\locator.exe
23:44:14.0483 10300 RpcLocator - ok
23:44:14.0515 10300 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs C:\WINDOWS\system32\rpcss.dll
23:44:14.0515 10300 RpcSs - ok
23:44:14.0530 10300 [ E04E770DD198B9399640717145E79EBF ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
23:44:14.0546 10300 rspndr - ok
23:44:14.0577 10300 [ 7D9DA8EC6784A9EE213C676709D46BE6 ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
23:44:14.0593 10300 RTL8168 - ok
23:44:14.0608 10300 [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
23:44:14.0608 10300 s3cap - ok
23:44:14.0624 10300 [ F702AB6181513303AB0FC8D59E52708B ] SamSs C:\WINDOWS\system32\lsass.exe
23:44:14.0624 10300 SamSs - ok
23:44:14.0640 10300 [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
23:44:14.0640 10300 sbp2port - ok
23:44:14.0671 10300 [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
23:44:14.0671 10300 SCardSvr - ok
23:44:14.0686 10300 [ 5D7733A12756B267FCA021672B26BC9E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
23:44:14.0686 10300 scfilter - ok
23:44:14.0718 10300 [ EDCDF4DB82EF825B94B190D544C8C58B ] Schedule C:\WINDOWS\system32\schedsvc.dll
23:44:14.0749 10300 Schedule - ok
23:44:14.0796 10300 [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
23:44:14.0796 10300 SCPolicySvc - ok
23:44:14.0827 10300 [ 66E29CADF9FF6C8325C356BDD617F7EA ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
23:44:14.0827 10300 sdbus - ok
23:44:14.0858 10300 [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
23:44:14.0858 10300 SDRSVC - ok
23:44:14.0890 10300 [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
23:44:14.0890 10300 sdstor - ok
23:44:14.0905 10300 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
23:44:14.0905 10300 secdrv - ok
23:44:14.0936 10300 [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon C:\WINDOWS\system32\seclogon.dll
23:44:14.0936 10300 seclogon - ok
23:44:14.0983 10300 [ 9C51620998F0763039DFA6BF68E475ED ] SENS C:\WINDOWS\System32\sens.dll
23:44:14.0983 10300 SENS - ok
23:44:15.0015 10300 [ DDA4CAF29D8C0A297F886BFE561E6659 ] SensorsSimulatorDriver C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
23:44:15.0030 10300 SensorsSimulatorDriver - ok
23:44:15.0030 10300 [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
23:44:15.0046 10300 SensrSvc - ok
23:44:15.0046 10300 [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
23:44:15.0046 10300 SerCx - ok
23:44:15.0077 10300 [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
23:44:15.0077 10300 Serenum - ok
23:44:15.0093 10300 [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial C:\WINDOWS\System32\drivers\serial.sys
23:44:15.0093 10300 Serial - ok
23:44:15.0108 10300 [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
23:44:15.0108 10300 sermouse - ok
23:44:15.0155 10300 [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv C:\WINDOWS\system32\sessenv.dll
23:44:15.0155 10300 SessionEnv - ok
23:44:15.0171 10300 [ 7EE65419B29302C795714FF8073969A1 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
23:44:15.0171 10300 sfloppy - ok
23:44:15.0233 10300 [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
23:44:15.0233 10300 SharedAccess - ok
23:44:15.0249 10300 [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:44:15.0265 10300 ShellHWDetection - ok
23:44:15.0296 10300 [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
23:44:15.0296 10300 SiSRaid2 - ok
23:44:15.0311 10300 [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
23:44:15.0327 10300 SiSRaid4 - ok
23:44:15.0343 10300 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
23:44:15.0343 10300 SkypeUpdate - ok
23:44:15.0374 10300 [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
23:44:15.0390 10300 SNMPTRAP - ok
23:44:15.0405 10300 [ 465F3C355CE5ED2779B8F460F14C5A78 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
23:44:15.0405 10300 spaceport - ok
23:44:15.0421 10300 [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
23:44:15.0421 10300 SpbCx - ok
23:44:15.0452 10300 [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler C:\WINDOWS\System32\spoolsv.exe
23:44:15.0468 10300 Spooler - ok
23:44:15.0577 10300 [ EC84D961501054F87A6878EC5D53388F ] sppsvc C:\WINDOWS\system32\sppsvc.exe
23:44:15.0655 10300 sppsvc - ok
23:44:15.0671 10300 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
23:44:15.0671 10300 srv - ok
23:44:15.0718 10300 [ C2106BB710AA34A046126AED7BCA6964 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
23:44:15.0733 10300 srv2 - ok
23:44:15.0749 10300 [ 9400C71F5A1A380B494B6922F007D485 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
23:44:15.0749 10300 srvnet - ok
23:44:15.0796 10300 [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
23:44:15.0796 10300 SSDPSRV - ok
23:44:15.0827 10300 [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
23:44:15.0827 10300 SstpSvc - ok
23:44:15.0843 10300 [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
23:44:15.0843 10300 stexstor - ok
23:44:15.0905 10300 [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc C:\WINDOWS\System32\wiaservc.dll
23:44:15.0921 10300 stisvc - ok
23:44:15.0936 10300 [ C588BBD37B432CE3204E5765B459E6B2 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
23:44:15.0936 10300 storahci - ok
23:44:15.0952 10300 [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
23:44:15.0952 10300 storflt - ok
23:44:15.0968 10300 [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc C:\WINDOWS\system32\storsvc.dll
23:44:15.0968 10300 StorSvc - ok
23:44:15.0983 10300 [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
23:44:15.0983 10300 storvsc - ok
23:44:16.0015 10300 [ 1A36AC469140F87CDE62D7F8524E270C ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys
23:44:16.0030 10300 storvsp - ok
23:44:16.0046 10300 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc C:\WINDOWS\system32\svsvc.dll
23:44:16.0046 10300 svsvc - ok
23:44:16.0061 10300 [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
23:44:16.0061 10300 swenum - ok
23:44:16.0108 10300 [ 502F9488540051F3E6C39889ECFA76BB ] swprv C:\WINDOWS\System32\swprv.dll
23:44:16.0108 10300 swprv - ok
23:44:16.0171 10300 [ DC21E1F06343773D7E24362DCEF7944B ] SysMain C:\WINDOWS\system32\sysmain.dll
23:44:16.0202 10300 SysMain - ok
23:44:16.0249 10300 [ E219BF7BCCFE4881B0C053C7E0B47ECC ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
23:44:16.0249 10300 SystemEventsBroker - ok
23:44:16.0265 10300 [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
23:44:16.0265 10300 TabletInputService - ok
23:44:16.0296 10300 [ B70DF208E97536CA9F29289E609F5B16 ] taphss C:\WINDOWS\system32\DRIVERS\taphss.sys
23:44:16.0296 10300 taphss - ok
23:44:16.0311 10300 [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
23:44:16.0327 10300 TapiSrv - ok
23:44:16.0390 10300 [ 1D644E2D0FC395A055AB1C23C3B43631 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
23:44:16.0421 10300 Tcpip - ok
23:44:16.0468 10300 [ 1D644E2D0FC395A055AB1C23C3B43631 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:44:16.0483 10300 TCPIP6 - ok
23:44:16.0499 10300 [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
23:44:16.0515 10300 tcpipreg - ok
23:44:16.0515 10300 [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
23:44:16.0530 10300 tdx - ok
23:44:16.0546 10300 [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
23:44:16.0546 10300 terminpt - ok
23:44:16.0562 10300 [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService C:\WINDOWS\System32\termsrv.dll
23:44:16.0577 10300 TermService - ok
23:44:16.0577 10300 [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes C:\WINDOWS\system32\themeservice.dll
23:44:16.0593 10300 Themes - ok
23:44:16.0593 10300 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
23:44:16.0593 10300 THREADORDER - ok
23:44:16.0624 10300 [ FF4135424A79DCC2998276D8E39C9B4D ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
23:44:16.0624 10300 TimeBroker - ok
23:44:16.0655 10300 [ B44EFE254C0B3719E4037088D24FE4B5 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
23:44:16.0671 10300 TPM - ok
23:44:16.0702 10300 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks C:\WINDOWS\System32\trkwks.dll
23:44:16.0718 10300 TrkWks - ok
23:44:16.0780 10300 [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
23:44:16.0780 10300 TrustedInstaller - ok
23:44:16.0796 10300 [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
23:44:16.0796 10300 TsUsbFlt - ok
23:44:16.0812 10300 [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
23:44:16.0812 10300 TsUsbGD - ok
23:44:16.0827 10300 [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
23:44:16.0827 10300 tunnel - ok
23:44:16.0858 10300 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
23:44:16.0874 10300 uagp35 - ok
23:44:16.0874 10300 [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
23:44:16.0890 10300 UASPStor - ok
23:44:16.0905 10300 [ 1ED222DFE6C13DA50FE081ABF90CAFE1 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
23:44:16.0905 10300 UCX01000 - ok
23:44:16.0921 10300 [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
23:44:16.0921 10300 udfs - ok
23:44:16.0952 10300 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
23:44:16.0952 10300 UI0Detect - ok
23:44:16.0968 10300 [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
23:44:16.0983 10300 uliagpkx - ok
23:44:16.0999 10300 [ 02CEB3FE6152668A7BA420B93B664860 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
23:44:16.0999 10300 umbus - ok
23:44:17.0015 10300 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
23:44:17.0015 10300 UmPass - ok
23:44:17.0062 10300 [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService C:\WINDOWS\System32\umrdp.dll
23:44:17.0062 10300 UmRdpService - ok
23:44:17.0124 10300 [ DB641944F7E4B14C13C3FEFC89843F69 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
23:44:17.0187 10300 UNS - ok
23:44:17.0218 10300 [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost C:\WINDOWS\System32\upnphost.dll
23:44:17.0218 10300 upnphost - ok
23:44:17.0249 10300 [ 3FBE0784E42E7BA93FCC5201D2BAFE23 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
23:44:17.0249 10300 usbaudio - ok
23:44:17.0265 10300 [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
23:44:17.0265 10300 usbccgp - ok
23:44:17.0296 10300 [ B395B62B62F28106218FA6FB17F4C797 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
23:44:17.0296 10300 usbcir - ok
23:44:17.0343 10300 [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
23:44:17.0343 10300 usbehci - ok
23:44:17.0359 10300 [ FBB6794E3BBAD92D66D59D206C1F849F ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
23:44:17.0359 10300 usbhub - ok
23:44:17.0390 10300 [ B7A948501424805571BF562BB0BFE31D ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
23:44:17.0390 10300 USBHUB3 - ok
23:44:17.0405 10300 [ 325F6179009B5A7F6118951A5BA422AB ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
23:44:17.0405 10300 usbohci - ok
23:44:17.0421 10300 [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
23:44:17.0421 10300 usbprint - ok
23:44:17.0452 10300 [ A9858597B6DB695F78A37F6755A6FF98 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:44:17.0452 10300 usbscan - ok
23:44:17.0468 10300 [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
23:44:17.0468 10300 USBSTOR - ok
23:44:17.0484 10300 [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
23:44:17.0499 10300 usbuhci - ok
23:44:17.0515 10300 [ 9CD4259AD15F84DE27B94A956C978D6C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
23:44:17.0515 10300 USBXHCI - ok
23:44:17.0531 10300 [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc C:\WINDOWS\system32\lsass.exe
23:44:17.0531 10300 VaultSvc - ok
23:44:17.0546 10300 [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
23:44:17.0546 10300 vdrvroot - ok
23:44:17.0577 10300 [ 8A8CDA9E3CF2E0B4C6CC19FBC6FB9A71 ] vds C:\WINDOWS\System32\vds.exe
23:44:17.0593 10300 vds - ok
23:44:17.0593 10300 [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
23:44:17.0593 10300 VerifierExt - ok
23:44:17.0624 10300 [ 8628FA679F0EC4B709CCD1F6B6A3233B ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
23:44:17.0624 10300 vhdmp - ok
23:44:17.0640 10300 [ B8208289D29E884DB0DCB94E8EADAC2C ] vhdparser C:\WINDOWS\system32\drivers\vhdparser.sys
23:44:17.0640 10300 vhdparser - ok
23:44:17.0656 10300 [ F5B4A14B00E89250C50982AC762DDD1D ] viaide C:\WINDOWS\system32\drivers\viaide.sys
23:44:17.0656 10300 viaide - ok
23:44:17.0687 10300 [ 0E43886F01C85B47BA0A3157274BCF59 ] Vid C:\WINDOWS\System32\drivers\Vid.sys
23:44:17.0702 10300 Vid - ok
23:44:17.0749 10300 [ 466BBCA3EF8D7D878B87543533590C97 ] VIPAppService C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
23:44:17.0843 10300 VIPAppService - ok
23:44:17.0859 10300 [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
23:44:17.0859 10300 vmbus - ok
23:44:17.0874 10300 [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
23:44:17.0874 10300 VMBusHID - ok
23:44:17.0890 10300 [ B4F432A51826FFC66F4DF72A83E8E4B1 ] vmbusr C:\WINDOWS\System32\drivers\vmbusr.sys
23:44:17.0906 10300 vmbusr - ok
23:44:17.0937 10300 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
23:44:22.0422 5348 Detected object count: 0
23:44:22.0422 5348 Actual detected object count: 0

UPDATE: 12:20AM

Tried running aswMBR normally, allowed it to update the newest definitions, clicked Scan, and it ran a couple of minutes before crashing. Restarted in safe mode w/ networking, didn't work, saved log:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-21 00:13:41
-----------------------------
00:13:41.528 OS Version: Windows x64 6.2.9200
00:13:41.528 Number of processors: 8 586 0x2A07
00:13:41.528 ComputerName: HHGREGG-HP UserName: HHGREGG
00:13:45.325 Initialze error C0000061 - driver not loaded
00:13:50.935 AVAST engine defs: 13012001
00:13:54.998 Scan error: The parameter is incorrect.
00:14:49.376 The log file has been saved successfully to "C:\Users\HHGREGG\Downloads\aswMBR.txt"


Have not proceeded with further steps until instructed.

Edited by DeLoreanDude, 21 January 2013 - 01:23 AM.


#4 narenxp


Posted 21 January 2013 - 11:06 AM

Move to ESET scan

#5 DeLoreanDude


Posted 22 January 2013 - 12:33 AM

Sorry it took a bit, I work long hours so my replies will come later in the evening such as this one; the scan took a little over 3.5 hours. I didn't checkmark anything, simply started the program and let it run per your instruction.

This is the result of ESET scan:

C:\Kernels\drivers.vbs BAT/CoinMiner.X trojan cleaned by deleting - quarantined
C:\Users\HHGREGG\Downloads\White_Haven_Mysteries_Collectors_Edition_-_HOG_Puzzle_-_Wendy99.exe Win32/Adware.1ClickDownload.G application cleaned by deleting - quarantined
C:\Windows.old\Users\HHGREGG\AppData\Local\Temp\ToolbarUpdater.exe Win32/Delf.QYZ trojan cleaned by deleting - quarantined

Just pulled up IE and did a quick search out of curiosity - still there.

Edited by DeLoreanDude, 22 January 2013 - 12:38 AM.


#6 narenxp


Posted 22 January 2013 - 05:01 AM

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete

A log should be generated after the scan; post it here

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select Run as administrator

After the scan completes, post the generated log here.

#7 DeLoreanDude


Posted 22 January 2013 - 11:17 PM

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.23.01

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16466
HHGREGG :: HHGREGG-HP [administrator]

1/22/2013 8:11:54 PM
mbam-log-2013-01-22 (20-11-54).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 845253
Time elapsed: 2 hour(s), 2 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

MiniToolBox by Farbar Version:10-01-2013
Ran by HHGREGG (administrator) on 22-01-2013 at 22:22:06
Running from "C:\Users\HHGREGG\Downloads"
Windows 8 Pro with Media Center (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


::1 localhost

127.0.0.1 localhost

There are 12725 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
802.11n Wireless LAN Card = Wi-Fi (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 13" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 14" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : HHGREGG-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
Physical Address. . . . . . . . . : 20-10-7A-10-5E-A6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
Physical Address. . . . . . . . . : 20-10-7A-10-5E-A5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : E8-40-F2-4A-56-30
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::18d6:a9d7:d709:a1ea%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.129(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, January 22, 2013 9:59:47 PM
Lease Expires . . . . . . . . . . : Wednesday, January 23, 2013 9:59:47 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 233324786
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-8E-F8-45-E8-40-F2-4A-56-30
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wi-Fi:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 802.11n Wireless LAN Card
Physical Address. . . . . . . . . : 20-10-7A-10-5E-A4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{657497AC-F188-4B7D-87D0-05143CF13616}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:186c:36be:3f57:fe7e(Preferred)
Link-local IPv6 Address . . . . . : fe80::186c:36be:3f57:fe7e%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: www.asusnetwork.net
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4002:c03::8a
173.194.37.33
173.194.37.41
173.194.37.36
173.194.37.37
173.194.37.35
173.194.37.39
173.194.37.46
173.194.37.34
173.194.37.38
173.194.37.32
173.194.37.40


Pinging google.com [173.194.37.40] with 32 bytes of data:
Reply from 173.194.37.40: bytes=32 time=23ms TTL=53
Reply from 173.194.37.40: bytes=32 time=32ms TTL=52

Ping statistics for 173.194.37.40:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 23ms, Maximum = 32ms, Average = 27ms
Server: www.asusnetwork.net
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
206.190.36.45
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=97ms TTL=45
Reply from 98.139.183.24: bytes=32 time=149ms TTL=44

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 97ms, Maximum = 149ms, Average = 123ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...20 10 7a 10 5e a6 ......Microsoft Wi-Fi Direct Virtual Adapter
15...20 10 7a 10 5e a5 ......Microsoft Hosted Network Virtual Adapter
13...e8 40 f2 4a 56 30 ......Realtek PCIe GBE Family Controller
12...20 10 7a 10 5e a4 ......802.11n Wireless LAN Card
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.129 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.129 266
192.168.1.129 255.255.255.255 On-link 192.168.1.129 266
192.168.1.255 255.255.255.255 On-link 192.168.1.129 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.129 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.129 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 306 ::/0 On-link
1 306 ::1/128 On-link
14 306 2001::/32 On-link
14 306 2001:0:4137:9e76:186c:36be:3f57:fe7e/128
On-link
13 266 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::186c:36be:3f57:fe7e/128
On-link
13 266 fe80::18d6:a9d7:d709:a1ea/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
13 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/22/2013 10:20:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.

Error: (01/22/2013 09:57:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: HHGREGG-HP)
Description: App windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel did not launch within its allotted time.

Error: (01/22/2013 09:13:47 PM) (Source: Application Error) (User: )
Description: Faulting application name: nvtray.exe, version: 7.17.13.529, time stamp: 0x5010b474
Faulting module name: nvtray.exe, version: 7.17.13.529, time stamp: 0x5010b474
Exception code: 0x40000015
Fault offset: 0x0000000000153481
Faulting process id: 0xdb8
Faulting application start time: 0xnvtray.exe0
Faulting application path: nvtray.exe1
Faulting module path: nvtray.exe2
Report Id: nvtray.exe3
Faulting package full name: nvtray.exe4
Faulting package-relative application ID: nvtray.exe5

Error: (01/22/2013 10:25:28 AM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.2.9200.16433 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2134

Start Time: 01cdf88ecb55b581

Termination Time: 0

Application Path: C:\WINDOWS\Explorer.EXE

Report Id: 4fc100f3-64b0-11e2-be7e-e840f24a5630

Faulting package full name:

Faulting package-relative application ID:

Error: (01/21/2013 08:38:17 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.

Error: (01/21/2013 08:38:15 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.

Error: (01/21/2013 08:38:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.

Error: (01/21/2013 08:38:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.

Error: (01/21/2013 05:20:58 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: The volume Iomega HDD (M:) was not optimized because an error was encountered: The disk was disconnected from the system. (0x89000011)

Error: (01/21/2013 04:13:02 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.


System errors:
=============
Error: (01/22/2013 09:59:27 PM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 0.0.0.0 with the system
having network hardware address 20-10-7A-10-5E-A4. Network operations on this system may
be disrupted as a result.

Error: (01/22/2013 09:13:46 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (01/22/2013 09:13:46 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (01/22/2013 08:06:58 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (01/22/2013 08:06:58 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (01/22/2013 08:04:30 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Bing Desktop Update service service to connect.

Error: (01/22/2013 08:04:01 PM) (Source: Microsoft-Windows-Hyper-V-Hypervisor) (User: NT AUTHORITY)
Description: Hypervisor launch failed; Either VMX not present or not enabled in BIOS.

Error: (01/22/2013 08:02:44 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (01/22/2013 08:02:44 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (01/22/2013 08:00:16 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Bing Desktop Update service service to connect.


Microsoft Office Sessions:
=========================
Error: (01/22/2013 10:20:32 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\Users\HHGREGG\Downloads\esetsmartinstaller_enu.exe

Error: (01/22/2013 09:57:10 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: HHGREGG-HP)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel

Error: (01/22/2013 09:13:47 PM) (Source: Application Error)(User: )
Description: nvtray.exe7.17.13.5295010b474nvtray.exe7.17.13.5295010b474400000150000000000153481db801cdf90e060fe12cC:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Program Files\NVIDIA Corporation\Display\nvtray.exee63ba60e-650a-11e2-be80-e840f24a5630

Error: (01/22/2013 10:25:28 AM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.2.9200.16433213401cdf88ecb55b5810C:\WINDOWS\Explorer.EXE4fc100f3-64b0-11e2-be7e-e840f24a5630

Error: (01/21/2013 08:38:17 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\Users\HHGREGG\Downloads\esetsmartinstaller_enu.exe

Error: (01/21/2013 08:38:15 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\Users\HHGREGG\Downloads\esetsmartinstaller_enu.exe

Error: (01/21/2013 08:38:10 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\Users\HHGREGG\Downloads\esetsmartinstaller_enu.exe

Error: (01/21/2013 08:38:10 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\Users\HHGREGG\Downloads\esetsmartinstaller_enu.exe

Error: (01/21/2013 05:20:58 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: Iomega HDD (M:)The disk was disconnected from the system. (0x89000011)

Error: (01/21/2013 04:13:02 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\Users\HHGREGG\Downloads\esetsmartinstaller_enu.exe


CodeIntegrity Errors:
===================================
Date: 2013-01-21 19:47:19.880
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-21 19:47:19.849
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-21 19:47:19.833
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-21 19:47:19.786
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-21 19:47:19.770
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-21 19:47:18.880
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-21 19:05:21.896
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-21 19:05:21.783
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-21 19:05:21.769
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-21 19:05:21.752
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\repository\Microsoft.VisualBas#\59b793b04e8a7adeac7f1f8376c970fa\Microsoft.VisualBasic.Compatibility.Data.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.


=========================== Installed Programs ============================

Tools for .Net 3.5 (Version: 3.11.50727)
µTorrent (Version: 3.2.2.28500)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
7 Wonders Ancient Alien Makeover CE (Version: Final)
802.11n Wireless LAN Card (Version: 3.02.03.0)
A Gypsy's Tale - The Tower Of Secrets .
Adobe AIR (Version: 2.6.0.19120)
Advertising Center (Version: 0.0.0.2)
Affair Bureau 1.00
Agatha Christie - 4.50 from Paddington Just For Fun Games
Agatha Christie - Death on the NileJust For Fun Games
Agatha Christie - Peril at End HouseJust For Fun Games
Agatha Christie Dead Man's FollyJust For Fun Games
aioprnt (Version: 5.3.1.0)
aioscnnr (Version: 6.2.3.10)
aioscnnr (Version: 7.3.4.0)
Alawar Games, The Treasures Of Mystery Island, FINAL 1.00
Amazing Adventures Riddle of the Two Knights
Antique Road Trip 2 Homecoming 1.00
Antique Road Trip USA (Version: 1.0)
Awakening - Moonfell Wood Just For Fun Games
Awakening - Moonfell Wood Strategy Guide Just For Fun Games
Back to the Future The Game - Episode 1 - It's About Time (Version: 1.0)
Back to the Future The Game - Episode 2 - Get Tannen! (Version: 1.0)
Back to the Future The Game - Episode 3 - Citizen Brown (Version: 1.0)
Back to the Future The Game - Episode 4 - Double Visions (Version: 1.0)
Back to the Future The Game - Episode 5 - Outatime (Version: 1.0)
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bing Bar (Version: 7.1.391.0)
Bing Desktop (Version: 1.0.45.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blend for Visual Studio 2012 (Version: 5.0.30709.0)
Blend for Visual Studio 2012 ENU resources (Version: 5.0.30709.0)
Blend for Visual Studio Add-in for Adobe FXG Import (Version: 1.0.30924.0)
Blend for Visual Studio SDK for Windows Phone 8.0 (Version: 3.0.30924.0)
Blio (Version: 2.2.8188)
Blue Beards Castle (Version: 1.0)
Bubble Wrap (Version: 1.0.0.0)
C4USelfUpdater (Version: 1.00.0000)
CCleaner (Version: 3.24)
center (Version: 6.2.5.0)
Christmas Stories - Nutcracker Collector's Edition (Version: Final)
Christmas Tales - Fellinas Journey (Version: 1.0)
Christmas Wonderland (Version: 1.0.0.31)
Christmas Wonderland 2
Christmas Wonderland 3 (Version: Final)
Christmas Wonderland 3 1.0 (Version: 1.0)
Chuzzle Deluxe (Version: 2.2.0.95)
Classic Shell (Version: 3.6.5)
Committed Mystery at Shady Pines Premium Edition (Version: 1.0)
Cruel Games Red Riding Hood (Version: Final)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler (Version: 2.11)
Delicious - Emily's Taste of Fame (Version: 1.0)
Detective Quest.The Crystal Slipper 1.0 (Version: 1.0)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
Dora's World Adventure (Version: 2.2.0.95)
DownTango (Version: 1.0.714)
Dream Builder: Amusement Park (Version: 3.0.2.32)
E.P.I.C. Wishmaster Adventures (Version: Final)
E.P.I.C.: Wishmaster Adventures (Version: 3.0.2.32)
Easter Eggztravaganza 1.00
Echo - Secret of the Lost Cavern 1.00
Echoes of the Past Royal House of Stone 1.00
Echoes of the Past 3- The Citadels of Time CE (Version: 1.0)
Echoes of the Past The Castle of Shadows Collectors Edition 1.00
Egypt: Secret of five Gods (Version: 3.0.2.32)
ESET Online Scanner v3
essentials (Version: 6.0.14.0)
Facebook (Version: 1.1.0004)
Fairly Twisted Tales - The Price Of A Rose With Guide (Version: Final)
Farm Frenzy (Version: 2.2.0.98)
Farmington Tales (Version: 1.0)
Farmscapes (Version: 2.2.0.98)
Farmscapes Collector's Edition Just For Fun Games
FATE (Version: 2.2.0.97)
Final Drive Fury (Version: 2.2.0.95)
Freemake Video Converter version 3.1.1 (Version: 3.1.1)
Frozen Kingdom (Version: 3.0.2.32)
Haunted Manor Lord of Mirrors Collectors Edition 1.00
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
Hidden Mysteries Return to Titanic 1.00
Hidden Mysteries Royal Family Secrets 1.00
Hidden Relics (Version: 2.2.0.95)
Hodgepodge Hollow 1.00
Holly A Christmas Tale Deluxe FINAL 1.6.6
House of 1000 Doors: The Palm of Zoroaster (Version: 2.2.0.110)
Hoyle Card Games (Version: 2.2.0.95)
HP Application Assistant (Version: 1.0.393.3870)
HP Auto (Version: 1.0.12935.3667)
HP Calendar (Version: 5.1.4245.23508)
HP Client Services (Version: 1.1.12938.3539)
HP Clock (Version: 5.1.4244.16367)
HP Customer Experience Enhancements (Version: 6.0.1.8)
HP Games (Version: 1.0.2.5)
HP LinkUp (Version: 2.01.029)
HP Magic Canvas (Version: 5.1.15.0)
HP Magic Canvas Tutorials (Version: 5.0.0.3)
HP MovieStore (Version: 2.1.091)
HP MovieStore (Version: 2.1.21091.0)
HP Notes (Version: 5.1.4274.30382)
HP Odometer (Version: 2.10.0000)
HP RSS (Version: 5.1.4289.23799)
HP Setup (Version: 9.0.15130.3904)
HP Setup Manager (Version: 1.2.15145.3905)
HP Support Assistant (Version: 6.1.12.1)
HP Support Information (Version: 11.00.0001)
HP TouchSmart RecipeBox (Version: 3.0.3830.27730)
HP Update (Version: 5.003.001.001)
HP Vision Hardware Diagnostics (Version: 2.12.1.0)
HP Weather (Version: 5.1.4245.22595)
Intel® Identity Protection Technology 1.2.22.0 (Version: 1.2.22.0)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Rapid Storage Technology (Version: 10.5.0.1026)
IrfanView (remove only) (Version: 4.35)
Island Tribe 2 1.00
Island Tribe 3 .
Island Tribe 4 (Version: 1.0)
Java 7 Update 11 (Version: 7.0.110)
Java Auto Updater (Version: 2.1.9.0)
Jewel Match 3 (Version: 2.2.0.98)
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (Version: 2.2.0.98)
John Deere Drive Green (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
K-Lite Codec Pack 8.7.0 (Basic) (Version: 8.7.0)
K-Lite Codec Pack 9.1.0 (64-bit) (Version: 9.1.0)
Kobo (Version: 2.0.3)
Kodak AIO Printer (Version: 7.0.3.0)
KODAK AiO Software (Version: 7.6.12.20)
LabelPrint (Version: 2.5.4507)
Letters from Nowhere 2 (Version: 2.2.0.97)
Luxor HD (Version: 2.2.0.98)
magicJack (Version: 2.0.6073.4413)
Mah Jong Medley (Version: 2.2.0.95)
Mahjong Mysteries: Ancient Athena (Version: 3.0.2.32)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Mesh Runtime (Version: 15.4.5722.2)
Metric Converter (Version: 1.0.0.0)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 SDK (Version: 4.5.50709)
Microsoft Advertising SDK for Windows Phone - ENU (Version: 6.2.923.0)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Expression Blend SDK for Windows Phone 7 (Version: 2.0.20901.0)
Microsoft Expression Blend SDK for Windows Phone OS 7.1 (Version: 2.0.30816.0)
Microsoft Help Viewer 2.0 (Version: 2.0.50727)
Microsoft Mathematics (Version: 4.0)
Microsoft NuGet - Visual Studio 2012 Express for Windows Phone (Version: 2.0.30717.9005)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Portable Library Multi-Targeting Pack (Version: 11.0.50816.00)
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (Version: 11.0.50816.00)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Silverlight 4 SDK (Version: 4.0.60310.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (Version: 4.0.8876.1)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2012 Compilers - ENU Resources (Version: 11.0.50727)
Microsoft Visual C++ 2012 Compilers (Version: 11.0.50727)
Microsoft Visual C++ 2012 Compilers For Windows Phone - ENU Resources (Version: 11.0.50727)
Microsoft Visual C++ 2012 Compilers For Windows Phone (Version: 11.0.50727)
Microsoft Visual C++ 2012 Core Libraries For Windows Phone (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual Studio 2012 Add-in for Windows Phone - ENU Language Pack (Version: 11.0.50727)
Microsoft Visual Studio 2012 Add-in for Windows Phone (Version: 11.0.50727)
Microsoft Visual Studio 2012 Express Prerequisites x64 - ENU (Version: 11.0.50727)
Microsoft Visual Studio 2012 Preparation (Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) (Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Resources (Version: 11.0.50727)
Microsoft Visual Studio Express 2012 for Windows Phone - ENU (Version: 11.0.50727)
Microsoft Visual Studio Express 2012 for Windows Phone (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (Version: 11.0.50727)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Morris (Nine Men's Morris game)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery Trackers The Void Collectors Edition 1.00
Nancy Drew: Alibi in Ashes (Version: 3.0.2.32)
Nancy Drew: Message in a Haunted Mansion (Version: 3.0.2.32)
Nero ControlCenter (Version: 9.0.0.1)
Nero Installer (Version: 4.4.9.0)
Nero MediaHome 4 (Version: 4.5.9.2)
Nero MediaHome 4 Essentials
Nero MediaHome 4 Help (Version: 4.5.5.0)
Nero Online Upgrade (Version: 1.3.0.0)
NVIDIA 3D Vision Controller Driver 306.97 (Version: 306.97)
NVIDIA Control Panel 305.29 (Version: 305.29)
NVIDIA Graphics Driver 305.29 (Version: 305.29)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA PhysX (Version: 9.12.0604)
NVIDIA PhysX System Software 9.12.0604 (Version: 9.12.0604)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
ocr (Version: 6.2.3.50)
opensource (Version: 1.0.14960.3876)
Paradise Quest 1.00
PDF Complete Special Edition (Version: 4.0.65)
Penguins! (Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.98)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.98)
Power2Go (Version: 6.1.5706)
PreReq (Version: 6.2.4.0)
PressReader (Version: 5.11.0721.0)
PrintProjects (Version: 1.0.0.9282)
Rainbow Web 3 1.00
Realtek High Definition Audio Driver (Version: 6.0.1.6662)
Recovery Manager (Version: 5.5.0.4424)
Remote Graphics Receiver (Version: 5.4.5)
RollerCoaster Tycoon 3: Platinum (Version: 2.2.0.98)
Royal Detective - The Lord of Statues Collector's Edition (Version: Final)
Safari Quest (Version: 2.2.0.110)
Samantha Swift and the Hidden Roses of Athena (Version: 1.10)
Secret Diaries Florence Ashford 1.00
Shadow Wolf Mysteries - Bane of the Family CE (Version: 1.0)
Shadow Wolf Mysteries 3 - Cursed Wedding CE (Version: Final)
Skype™ 5.10 (Version: 5.10.116)
Spot (Version: 1.0.0.0)
Stellarium 0.11.4 (Version: 0.11.4)
Suburban Mysteries - The Labyrinth of the Past (Version: Final)
Tales of Lagoona Orphans of the Ocean 1.00
Tap Tap Bear (Version: 1.0.0.0)
Text Twist 2 1.00
The Mirror Mysteries 2 - Forgotten Kingdoms (Version: FINAL)
The Scruffs 2 - Return of the Duke (Version: 1.0)
The Scruffs: Return of the Duke (Version: 2.2.0.98)
The Treasures of Mystery Island Ghost Ship 1.00
The Treasures of Mystery Island The Gates of Fate 1.00
The Treasures of Mystery Island: The Ghost Ship (Version: 2.2.0.98)
Tiger Eye Part I Curse of the Riddle Box 1.00
Time Machine - Rogue Pilot (Version: Final)
Time Mysteries 3- The Final Enigma CE (Version: FINAL)
TinEye Internet Explorer plugin 1.2 (Version: 1.2.0)
Torchlight (Version: 2.2.0.98)
TSHostedAppLauncher (Version: 5.1.15.0)
Turbo Pizza
Twilight Phenomena - The Lodgers of House 13 CE (Version: Final)
Undiscovered World The Incan Sun 1.00
Update for (KB2504637) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visual Studio 2012 (KB2781514) (Version: 11.0.50727)
Update Installer for WildTangent Games App
uTorrentControl_v2 Toolbar (Version: 6.9.0.16)
VIP Access (Version: 2.0.3.64)
VIP Access SDK (1.0.1.4) (Version: 1.0.1.4)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.98)
White Haven Mysteries Collectors Edition 1.00
White Haven Mysteries Standard Edition (Version: 2.2.0.110)
WildTangent Games (Version: 1.0.4.0)
WildTangent Games App (HP Games) (Version: 4.0.10.5)
WildTangent Games App (Version: 4.0.10.5)
Windows Driver Package - Scientific-Atlanta (USBCM) Net (06/10/2004 1.12.0.0000) (Version: 06/10/2004 1.12.0.0000)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
Windows Phone (Version: 0.9.3606.0)
Windows Phone 8.0 Emulation Host (Version: 11.0.50727)
Windows Phone 8.0 Emulation Images (Version: 11.0.50727)
Windows Phone 8.0 Managed SDK Profiler (ARM) (Version: 11.0.50727)
Windows Phone 8.0 Managed SDK Profiler (X86) (Version: 11.0.50727)
Windows Phone Emulator 8.0 Configurator (Version: 11.0.50727)
Windows Phone Emulator x64 - ENU (Version: 10.1.40219)
Windows Phone SDK 7.1 Assemblies (Version: 10.1.40219)
Windows Phone SDK 8.0 - ENU (Version: 11.0.50727.38)
Windows Phone SDK 8.0 Assemblies (Version: 11.0.50727)
Windows Phone SDK 8.0 Extensions for XNA Game Studio 4.0 (Version: 4.0.40906.0)
Windows Phone Tools Finalizer (Version: 11.0.50727)
Windows Software Development Kit Tools for Windows Store Apps (Version: 8.59.25584)
Youda Legend - The Curse of the Amsterdam Diamond (Version: 2.2.0.110)
Youda Legend: The Golden Bird of Paradise (Version: 3.0.2.32)
Zinio Reader 4 (Version: 4.2.4164)
Zuma's Revenge (Version: 2.2.0.98)
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)

========================= Memory info: ===================================

Percentage of memory in use: 37%
Total physical RAM: 8174.52 MB
Available physical RAM: 5149.52 MB
Total Pagefile: 16366.52 MB
Available Pagefile: 13455.54 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.18 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:1380.18 GB) (Free:1196.8 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:16.98 GB) (Free:2.11 GB) NTFS

========================= Users: ========================================

User accounts for \\HHGREGG-HP

Administrator Guest HHGREGG
Mcx1-HHGREGG-HP NeroMediaHomeUser.4 UpdatusUser
wylld_000

========================= Restore Points ==================================

16-01-2013 16:46:13 Installed Java 7 Update 11
21-01-2013 01:00:44 Windows Backup
23-01-2013 03:17:55 Installed Windows Phone

**** End of log ****

Edited by DeLoreanDude, 22 January 2013 - 11:24 PM.


#8 DeLoreanDude

Posted 22 January 2013 - 11:27 PM

Farbar Service Scanner Version: 16-01-2013
Ran by HHGREGG (administrator) on 22-01-2013 at 22:26:18
Running from "C:\Users\HHGREGG\Downloads"
Windows 8 Pro with Media Center (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MsMpEng.exe => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#9 DeLoreanDude


Posted 22 January 2013 - 11:32 PM

# AdwCleaner v2.107 - Logfile created 01/22/2013 at 22:27:58
# Updated 21/01/2013 by Xplode
# Operating system : Windows 8 Pro with Media Center (64 bits)
# User : HHGREGG - HHGREGG-HP
# Boot Mode : Normal
# Running from : C:\Users\HHGREGG\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\uTorrentControl_v2
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\HHGREGG\AppData\Local\Conduit
Folder Deleted : C:\Users\HHGREGG\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\HHGREGG\AppData\LocalLow\uTorrentControl_v2

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\uTorrentControl_v2
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\Software\uTorrentControl_v2
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6633FE84-5692-4653-8F7C-23829B897B68}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF03D38C-0AB8-4F01-88DB-F36A1FF6BED0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16453

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\HHGREGG\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3938 octets] - [22/01/2013 22:27:58]

########## EOF - C:\AdwCleaner[S1].txt - [3998 octets] ##########

#10 DeLoreanDude


Posted 22 January 2013 - 11:41 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.8 (01.21.2013:2)
OS: Windows 8 Pro with Media Center x64
Ran by HHGREGG on Tue 01/22/2013 at 22:33:51.36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}
Failed to delete: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}
Failed to delete: [Registry Key] hkey_local_machine\software\wow6432node\microsoft\internet explorer\searchscopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}



~~~ Files

Failed to delete: [File] C:\eula.1028.txt
Failed to delete: [File] C:\eula.1031.txt
Failed to delete: [File] C:\eula.1033.txt
Failed to delete: [File] C:\eula.1036.txt
Failed to delete: [File] C:\eula.1040.txt
Failed to delete: [File] C:\eula.1041.txt
Failed to delete: [File] C:\eula.1042.txt
Failed to delete: [File] C:\eula.2052.txt
Failed to delete: [File] C:\install.res.1028.dll
Failed to delete: [File] C:\install.res.1031.dll
Failed to delete: [File] C:\install.res.1033.dll
Failed to delete: [File] C:\install.res.1036.dll
Failed to delete: [File] C:\install.res.1040.dll
Failed to delete: [File] C:\install.res.1041.dll
Failed to delete: [File] C:\install.res.1042.dll
Failed to delete: [File] C:\install.res.2052.dll
Failed to delete: [File] C:\install.res.3082.dll



~~~ Folders

Successfully deleted: [Folder] "C:\Users\HHGREGG\appdata\local\downtango"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 01/22/2013 at 22:36:36.46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

UPDATE: 10:43PM

Tried another test search, Google term "weather"; clicked the first non-sponsored listing for The Weather Channel, got these URLs:

http://asearchclub.com/?kwd=weather&sid=d15e50ff6a536f0c
which redirected to
http://63.209.69.107/search/web/weather/C10/ecn/46355-8911_577/v5

This happened twice, third time it went to the correct site.

Edited by DeLoreanDude, 22 January 2013 - 11:46 PM.


#11 narenxp


Posted 26 January 2013 - 11:27 AM

Which browser?

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#12 DeLoreanDude


Posted 26 January 2013 - 10:17 PM

Which browser?
Still IE 10 in normal browsing mode.

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/26/2013 09:15:49 PM in x64 mode.
Windows Version: Windows 8 Pro with Media Center

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\HHGREGG\Desktop\rkill\rkill-01-26-2013-09-15-51.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* HdAudAddService [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost #[IPv6]
127.0.0.1 fr.a2dfp.net
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 abcstats.com
127.0.0.1 a.abv.bg
127.0.0.1 adserver.abv.bg
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 ca.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com
127.0.0.1 achmedia.com
127.0.0.1 aconti.net
127.0.0.1 secure.aconti.net
127.0.0.1 www.aconti.net #[Dialer.Aconti]

20 out of 14302 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 01/26/2013 09:15:56 PM
Execution time: 0 hours(s), 0 minute(s), and 7 seconds(s)

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "EKIJ5000StatusMonitor" "Status Monitor for KODAK AiO Printer (64-Bit AMD Athlon™/Opteron™ Build)" "Eastman Kodak Company" "c:\windows\system32\spool\drivers\x64\3\ekij5000mui.exe"
+ "hpsysdrv" "hpsysdrv" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp odometer\hpsysdrv.exe"
+ "Zune Launcher" "Zune Auto-Launcher" "Microsoft Corporation" "c:\program files\zune\zunelauncher.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "BingDesktop" "Bing Desktop application" "Microsoft Corp." "c:\program files (x86)\microsoft\bingdesktop\bingdesktop.exe"
+ "Conime" "" "" "File not found: C:\WINDOWS\system32\conime.exe"
+ "EKStatusMonitor" "Status Monitor for KODAK AiO Printer (32-Bit Intel® Pentium™ 4 Optimized Build)" "Eastman Kodak Company" "c:\program files (x86)\kodak\aio\statusmonitor\ekstatusmonitor.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "Nero MediaHome 4" "Nero MediaHome" "Nero AG" "c:\program files (x86)\nero\nero mediahome 4\neromediahome.exe"
+ "PDF Complete" "Sentry for PDF" "PDF Complete Inc" "c:\program files (x86)\pdf complete\pdfsty.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "cdloader" "magicJack (cdloader2)" "magicJack L.P." "c:\users\hhgregg\appdata\roaming\mjusbsp\cdloader2.exe"
+ "uTorrent" "µTorrent" "BitTorrent, Inc." "c:\program files (x86)\utorrent\utorrent.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "DefragglerShellExtension" "DefragglerShell" "Piriform Ltd" "c:\program files\defraggler\defragglershell64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "LinkUpMenuExt" "HP LinkUp File Transfer Extension" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp linkup\linkupext64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "ClassicCopyExt" "Adds classic Windows Explorer features" "IvoSoft" "c:\program files\classic shell\classicexplorer64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "ClassicCopyExt" "Adds classic Windows Explorer features" "IvoSoft" "c:\program files\classic shell\classicexplorer32.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "DefragglerShellExtension" "DefragglerShell" "Piriform Ltd" "c:\program files\defraggler\defragglershell64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "ClassicCopyExt" "Adds classic Windows Explorer features" "IvoSoft" "c:\program files\classic shell\classicexplorer64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "ClassicCopyExt" "Adds classic Windows Explorer features" "IvoSoft" "c:\program files\classic shell\classicexplorer32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "ShareOverlay" "Adds classic Windows Explorer features" "IvoSoft" "c:\program files\classic shell\classicexplorer64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "ShareOverlay" "Adds classic Windows Explorer features" "IvoSoft" "c:\program files\classic shell\classicexplorer32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "ClassicIE9BHO Class" "Customizations for the title bar and status bar of IE9" "IvoSoft" "c:\program files\classic shell\classicie9dll_64.dll"
+ "ExplorerBHO Class" "Adds classic Windows Explorer features" "IvoSoft" "c:\program files\classic shell\classicexplorer64.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Symantec VIP Access Add-On" "Symantec VIP Access Add-On" "Symantec Corporation" "c:\program files (x86)\symantec\vip access client\64bit\vipaddonforie64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.391.0\bingext.dll"
+ "ClassicIE9BHO Class" "Customizations for the title bar and status bar of IE9" "IvoSoft" "c:\program files\classic shell\classicie9dll_32.dll"
+ "ExplorerBHO Class" "Adds classic Windows Explorer features" "IvoSoft" "c:\program files\classic shell\classicexplorer32.dll"
+ "Groove GFS Browser Helper" "" "" "c:\windows\syswow64\auditpolmssg.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Symantec VIP Access Add-On" "Symantec VIP Access Add-On" "Symantec Corporation" "c:\program files (x86)\symantec\vip access client\vipaddonforie.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Classic Explorer Bar" "Adds classic Windows Explorer features" "IvoSoft" "c:\program files\classic shell\classicexplorer64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.391.0\bingext.dll"
+ "Classic Explorer Bar" "Adds classic Windows Explorer features" "IvoSoft" "c:\program files\classic shell\classicexplorer32.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Classic IE9 Settings" "Classic IE9" "IvoSoft" "c:\program files\classic shell\classicie9_32.exe"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Classic IE9 Settings" "Classic IE9" "IvoSoft" "c:\program files\classic shell\classicie9_32.exe"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
X "\Microsoft\Windows\Shell\WindowsParentalControls" "" "" "File not found: C:\Windows\SysWOW64\wpcumi.dll"
X "\Microsoft\Windows\Shell\WindowsParentalControlsMigration" "" "" "File not found: C:\Windows\SysWOW64\wpcmig.dll"
+ "\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\Windows Defender\Windows Defender Cleanup" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\Windows Defender\Windows Defender Verification" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.391.0\bbsvc.exe"
+ "BBUpdate" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.391.0\seaport.exe"
+ "BingDesktopUpdate" "Bing Desktop Update Service" "Microsoft Corp." "c:\program files (x86)\microsoft\bingdesktop\bingdesktopupdater.exe"
+ "CalendarSynchService" "HP TouchSmart Calendar Service" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\touchsmart\calendar\service\gcalservice.exe"
+ "ClassicShellService" "Launches the start button after logon" "IvoSoft" "c:\program files\classic shell\classicshellservice.exe"
+ "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "HP Support Assistant Service" "HP Support Assistant Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe"
+ "HPClientSvc" "HP Client Services" "Hewlett-Packard Company" "c:\program files\hewlett-packard\hp client services\hpclientservices.exe"
+ "HPDrvMntSvc.exe" "HP Quick Synchronization Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe"
+ "hpqwmiex" "hpqwmiex Module" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "IpOverUsbSvc" "Enables communication between Windows Phone SDK and Windows Phone device. If the service is stopped, application deployment and debugging will fail on device." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\phone tools\corecon\11.0\bin\ipoverusbsvc.exe"
+ "jhi_service" "Intel® Identity Protection Technology Host Interface Service - Allows applications to access the local Intel Identity Protection Technology" "Intel Corporation" "c:\program files (x86)\intel\services\ipt\jhi_service.exe"
+ "Kodak AiO Network Discovery Service" "Kodak mDNS Network Discovery Service" "Eastman Kodak Company" "c:\program files (x86)\kodak\aio\center\ekaiohostservice.exe"
+ "Kodak AiO Status Monitor Service" "Kodak Status Monitor SDK Service" "Eastman Kodak Company" "c:\program files (x86)\kodak\aio\statusmonitor\ekprintersdk.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "NeroMediaHomeService.4" "Share your multimedia files over the home network!" "Nero AG" "c:\program files (x86)\nero\nero mediahome 4\nmmediaserverservice.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "pdfcDispatcher" "Manages the PDF document production process. A primary task is to enable the routing of documents from the print spooler to the user. If this service is stopped, PDF documents will be unavailable." "PDF Complete Inc" "c:\program files (x86)\pdf complete\pdfsvc.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "VIPAppService" "VIP Service" "Symantec Corporation" "c:\program files (x86)\symantec\vip access client\vipappservice.exe"
+ "WinDefend" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\msmpeng.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "WMZuneComm" "Zune Connectivity for Windows Mobile devices" "Microsoft Corporation" "c:\program files\zune\wmzunecomm.exe"
+ "ZuneNetworkSvc" "Shares Zune media libraries to Zune devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\zune\zunenss.exe"
+ "ZuneWlanCfgSvc" "Configures Zune for wireless syncing" "Microsoft Corporation" "c:\program files\zune\zunewlancfgsvc.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "3ware" "LSI 3ware SCSI Storport Driver" "LSI" "c:\windows\system32\drivers\3ware.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "PMC-Sierra, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "PMC-Sierra, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "HssDRV6" "Hotspot Shield Routing Driver 6" "AnchorFree Inc." "c:\windows\system32\drivers\hssdrv6.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "LSI_SSS" "LSI SSS PCIe/Flash Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sss.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "mvumis" "Marvell Flash Controller Driver" "Marvell Semiconductor, Inc." "c:\windows\system32\drivers\mvumis.sys"
+ "netr28x" "Ralink 802.11 Wireless Adapter Driver" "Ralink Technology, Corp." "c:\windows\system32\drivers\netr28x.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 305.29 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "pmxdrv" "" "" "c:\windows\system32\drivers\pmxdrv.sys"
+ "RTL8168" "Realtek 8101E/8168/8169 NDIS 6.30 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt630x64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows x64" "Promise Technology, Inc." "c:\windows\system32\drivers\stexstor.sys"
+ "taphss" "TAP-Win32 Virtual Network Driver" "AnchorFree Inc" "c:\windows\system32\drivers\taphss.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "VSTXRAID" "VIA StorX RAID Controller Driver" "VIA Corporation" "c:\windows\system32\drivers\vstxraid.sys"
"HKCU\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "vidc.iv50" "" "" "File not found: ir50_32.dll"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "VIDC.FFDS" "ffdshow VFW" "" "c:\windows\system32\ff_vfw.dll"
+ "VIDC.LAGS" "Lagarith" " " "c:\windows\system32\lagarith.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3File" "" "" "c:\program files\k-lite codec pack x64\filters\ac3file64.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files\k-lite codec pack x64\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files\k-lite codec pack x64\filters\vsfilter.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\filters\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\filters\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\filters\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\filters\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\filters\ffdshow\ffdshow.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax"
+ "LAV Audio Decoder" "LAV Audio Decoder - DirectShow Audio Decoder" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack x64\filters\lav\lavaudio.ax"
+ "LAV Splitter" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack x64\filters\lav\lavsplitter.ax"
+ "LAV Splitter Source" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack x64\filters\lav\lavsplitter.ax"
+ "LAV Video Decoder" "LAV Video Decoder - DirectShow Video Decoder" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack x64\filters\lav\lavvideo.ax"
+ "Microsoft Zune H.264 Video Decoder" "Microsoft Zune H.264 Video Decoder" "Microsoft Corporation" "c:\program files\zune\zuneh264dec.dll"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files\playready\prdmowrapper.dll"
+ "WMEnc Screen Capture Filter" "ZuneSrcWrp Module" "Microsoft Corporation" "c:\program files\zune\zunesrcwrp.dll"
+ "Zune Enhanced Video Renderer" "Enhanced Video Renderer DLL" "Microsoft Corporation" "c:\program files\zune\zuneevr.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvb.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudiocd.ax"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdumpdispatch.ax"
+ "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdump.ax"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gedtkrn.dll"
+ "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2greader.ax"
+ "CyberLink Load Image Filter" "CLImage" "CyberLink" "c:\program files (x86)\cyberlink\shared files\climage.ax"
+ "CyberLink M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gm2vwriter.ax"
+ "CyberLink MP3/WAV Wrapper" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmvd.ax"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gmpgmux.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\cyberlink\power2go\p2gvidenc.ax"
+ "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm1spliter.ax"
+ "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm2spliter.ax"
+ "CyberLink PCM Wrapper" "CyberLink PCM Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gpcmenc.ax"
+ "CyberLink TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gauts.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gtlmsplter.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvidfx.ax"
+ "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files (x86)\cyberlink\power2go\p2grgl.ax"
+ "CyberLink Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvideostabilizer.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\vsfilter.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files (x86)\k-lite codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "LAV Audio Decoder" "LAV Audio Decoder - DirectShow Audio Decoder" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavaudio.ax"
+ "LAV Splitter" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavsplitter.ax"
+ "LAV Splitter Source" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavsplitter.ax"
+ "LAV Video Decoder" "LAV Video Decoder - DirectShow Video Decoder" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavvideo.ax"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prsource.dll"
+ "P2G Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaud.ax"
+ "P2G Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudenc.ax"
+ "P2G Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvsd.ax"
+ "P2G Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gresample.ax"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prdmowrapper.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Xvid MPEG-4 Video Decoder" "xvid" "http://www.xvid.org" "c:\windows\syswow64\xvid.ax"
"HKLM\Software\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance" "" "" ""
+ "{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}" "Microsoft Camera Codec Pack" "Microsoft Corporation" "c:\program files\common files\microsoft shared\microsoft camera codec pack\microsoftrawcodec.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance" "" "" ""
+ "Photoshop Codec" "PSDCodec" "Microsoft Corporation" "c:\program files (x86)\microsoft visual studio 11.0\blend\imaging\psdcodec.dll"
+ "{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}" "Microsoft Camera Codec Pack" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\microsoft camera codec pack\microsoftrawcodec.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL" "" "" "File not found: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll" "" "" "File not found: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls" "" "" ""
+ "_Wow64" "" "" "File not found: C:\WINDOWS\syswow64\Wow64.dll"
+ "_Wow64cpu" "" "" "File not found: C:\WINDOWS\syswow64\Wow64cpu.dll"
+ "_Wow64win" "" "" "File not found: C:\WINDOWS\syswow64\Wow64win.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "KODAK EASYSHARE All-in-One Printer" "Language Monitor for KODAK AiO Printer (64-Bit AMD Athlon™/Opteron™ Build)" "Eastman Kodak Company" "c:\windows\system32\ekij5000mon.dll"
+ "PDFC" "PDF Complete Print Monitor" "PDF Complete, Inc." "c:\windows\system32\pdfc_port.dll"

Edited by DeLoreanDude, 26 January 2013 - 10:22 PM.
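A triage pass over the Autoruns text export posted above, as an added example that is not part of the original post or of Autoruns itself. It parses the four quoted columns and surfaces rows with no publisher, a missing target file, or an AppInit_DLLs location, which are the rows a reviewer would read first. The sample rows are copied from the log above, the function names are this example's own, and a flag is a prompt to look closer, not a verdict.

```python
import re

# Sample rows copied from the log above (four quoted columns per row:
# name, description, publisher, image path). Section rows carry the
# registry location followed by three empty columns.
SAMPLE_LOG = r'''
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "pmxdrv" "" "" "c:\windows\system32\drivers\pmxdrv.sys"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL" "" "" "File not found: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "PDFC" "PDF Complete Print Monitor" "PDF Complete, Inc." "c:\windows\system32\pdfc_port.dll"
'''

FIELD = re.compile(r'"([^"]*)"')


def parse_autoruns(text):
    """Return one dict per entry row, tagged with the section it sits under."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue  # blank line or something that is not a log row
        if line.startswith('"'):
            section = fields[0]  # section header: no leading marker
            continue
        marker = line.split('"', 1)[0].strip()  # "+" in the log above
        name, description, publisher, path = fields
        entries.append({
            "section": section, "marker": marker, "name": name,
            "description": description, "publisher": publisher, "path": path,
        })
    return entries


def triage(entries):
    """Return (name, reasons) for rows worth a manual look."""
    findings = []
    for e in entries:
        reasons = []
        if not e["publisher"].strip():
            reasons.append("no publisher")
        if e["path"].lower().startswith("file not found"):
            reasons.append("target file missing")
        # DLLs listed under AppInit_DLLs are loaded into every process that
        # loads user32.dll, so any row here deserves review.
        if (e["section"] or "").lower().endswith("appinit_dlls"):
            reasons.append("AppInit_DLLs entry")
        if reasons:
            findings.append((e["name"], reasons))
    return findings


if __name__ == "__main__":
    for name, reasons in triage(parse_autoruns(SAMPLE_LOG)):
        print(f"{name}: {', '.join(reasons)}")
```

A missing-file row usually points at a leftover from an uninstalled program, and a blank publisher only means the file carries no company string, so each flagged row still has to be checked on disk before anything is disabled.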


#13 narenxp


Posted 26 January 2013 - 10:39 PM

Press Windows+R key, type msconfig and click OK.

Change the startup type to normal startup and click OK.

Now run Autoruns again and post the log.

#14 Herdwick


Posted 27 January 2013 - 02:30 PM

I have been watching this dialogue as I had the same problem. Tried 6 different anti-malware programmes. The only one that found anything and dealt with the Google redirect virus (trojan) I had was HitmanPro. Had someone else look at the registry and deactivate the Windows Security Centre. All seems fine now.

#15 Herdwick


Posted 27 January 2013 - 02:33 PM

...sorry, I mean RE-activate the Windows Security Centre!



