
Found Infection, Nothing Detects It, Suggestions?


7 replies to this topic

#1 Klownicle

Posted 30 January 2013 - 01:11 PM

Hi All,
First off, avid PC user here. So I'm surprised to see myself here, but we all need help sometimes. I have a PC of mine that is definitely infected. But I'm finding it hard to actually detect the infection. Below is all the information on it that I can get.

Running Process: "C:\Windows\System32\rundll32.exe" "C:\Users\Klownicle\AppData\Local\miulgou.dll",miulgou
Symptoms: MalwareBytes repeatedly reporting outgoing communication is getting blocked with this process, but only to one address. No Popups, No Redirects, No FBI warnings, etc. Everything appears normal.
Things attempted to Detect:
Run Full MalwareBytes, 100% No Detection.
Run Full MSE, 100% No Detection.
Run Full HitManPro, 100% No Detection.
Run Full MalwareBytes Anti-Root, 100% No Detection.
Run TCPCon, shows 100's of TCP Outbound with random IP and random ports with the same associated ProcessID as above.
Navigated to Location of Said File, clear as day it's there.
Viewed in Process Explorer, Task Manager, clear as day it's there.

Why on earth does nothing detect this? I know I can remove the .dll and believe all is well, but I would rather something detect and remove it.

Edited by Klownicle, 30 January 2013 - 01:14 PM.
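
The command line in the post above has a shape worth checking for during triage: rundll32.exe loading a DLL from a per-user AppData directory, with an export named after the file. The following is an added example, not part of the original thread, that flags such command lines; the marker list, the finding names and the two benign sample lines are assumptions constructed for illustration.

```python
import ntpath
import re

# rundll32 syntax: <host> <dll>,<entry> [args]; host and DLL path may be quoted.
_RUNDLL = re.compile(
    r'''^\s*(?:"(?P<host_q>[^"]+)"|(?P<host>\S+))\s+
        (?:"(?P<dll_q>[^"]+)"|(?P<dll>[^,"]+?))\s*,\s*
        (?P<entry>[^\s,]+)''',
    re.VERBOSE,
)

# Assumed list of user-writable locations; extend it for your environment.
USER_WRITABLE_MARKERS = (
    "\\appdata\\", "\\programdata\\", "\\temp\\", "\\users\\public\\",
    "%appdata%", "%localappdata%", "%temp%",
)


def parse_rundll32(cmdline):
    """Return (dll_path, entry_point) for a rundll32 command line, else None."""
    m = _RUNDLL.match(cmdline)
    if not m:
        return None
    host = m.group("host_q") or m.group("host")
    if ntpath.basename(host).lower() not in ("rundll32.exe", "rundll32"):
        return None
    dll = (m.group("dll_q") or m.group("dll")).strip()
    return dll, m.group("entry")


def triage(cmdline):
    """Return a list of findings; empty means nothing matched these checks."""
    parsed = parse_rundll32(cmdline)
    if parsed is None:
        return []
    dll, entry = parsed
    low = ntpath.normpath(dll).lower()
    findings = []
    # System DLLs live under Windows directories that standard users cannot
    # write to; a DLL under a user profile can be dropped without elevation.
    if any(marker in low for marker in USER_WRITABLE_MARKERS):
        findings.append("dll-in-user-writable-dir")
    # Pattern from the post: the export has the same name as the DLL file.
    # On its own this is a weak signal; it adds weight to the path check.
    stem = ntpath.splitext(ntpath.basename(low))[0]
    if entry.lower() == stem:
        findings.append("export-named-after-file")
    return findings


def flagged(cmdlines):
    """Return (cmdline, findings) pairs for every line with a finding."""
    results = []
    for line in cmdlines:
        findings = triage(line)
        if findings:
            results.append((line, findings))
    return results


SAMPLES = [
    # From the post above.
    r'"C:\Windows\System32\rundll32.exe" '
    r'"C:\Users\Klownicle\AppData\Local\miulgou.dll",miulgou',
    # Constructed benign samples.
    r'rundll32.exe shell32.dll,Control_RunDLL desk.cpl',
    r'C:\Windows\System32\svchost.exe -k netsvcs',
]

if __name__ == "__main__":
    for line, findings in flagged(SAMPLES):
        print(", ".join(findings), "<-", line)
```

A hit is a lead for manual review (file hash, signature, creation time, autorun entry), not a verdict.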



 


#2 narenxp


Posted 30 January 2013 - 08:18 PM

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Klownicle


Posted 01 February 2013 - 09:36 AM


RogueKiller detected it and removed it, ESET did not detect it, but AVG did "eventually" detect it, even though it wasn't detected by a custom scan, only the resident scan.

I'll still post the logs for giggles, so bear with me. Loving this AVS Standalone scanner.

Edited by Klownicle, 01 February 2013 - 09:44 AM.


#4 Klownicle


Posted 01 February 2013 - 09:48 AM

ESET Found no Threats, leaving that out.

09:46:31.0041 8816 MacDrive8Service - ok
09:46:31.0044 8816 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
09:46:31.0044 8816 MBAMProtector - ok
09:46:31.0049 8816 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:46:31.0050 8816 MBAMScheduler - ok
09:46:31.0055 8816 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
09:46:31.0058 8816 MBAMService - ok
09:46:31.0061 8816 [ BB9A3294CFD5CDD61747F74302FAAC1C ] MCEBuddy2x C:\Program Files (x86)\MCEBuddy2x\MCEBuddy.Service.exe
09:46:31.0155 8816 MCEBuddy2x - ok
09:46:31.0159 8816 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:46:31.0160 8816 Mcx2Svc - ok
09:46:31.0163 8816 [ 1F2A22E735646F72BEA9D6E454DE2F57 ] MDFSYSNT C:\Windows\system32\drivers\MDFSYSNT.sys
09:46:31.0165 8816 MDFSYSNT - ok
09:46:31.0167 8816 [ E742557A08EABCCC897D79717DB2D5FE ] MDPMGRNT C:\Windows\system32\DRIVERS\MDPMGRNT.SYS
09:46:31.0167 8816 MDPMGRNT - ok
09:46:31.0169 8816 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
09:46:31.0170 8816 megasas - ok
09:46:31.0173 8816 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
09:46:31.0174 8816 MegaSR - ok
09:46:31.0176 8816 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:46:31.0177 8816 MMCSS - ok
09:46:31.0224 8816 [ 2BE5D7B054F4788CB67953A81557B15A ] MMS C:\Program Files (x86)\Acronis\BackupAndRecovery\mms.exe
09:46:31.0249 8816 MMS - ok
09:46:31.0253 8816 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:46:31.0254 8816 Modem - ok
09:46:31.0256 8816 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:46:31.0256 8816 monitor - ok
09:46:31.0258 8816 [ 95314C3A08589471983C2C8173F23CDA ] MonitorFunction C:\Windows\system32\DRIVERS\TVMonitor.sys
09:46:31.0258 8816 MonitorFunction - ok
09:46:31.0261 8816 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:46:31.0261 8816 mouclass - ok
09:46:31.0264 8816 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:46:31.0265 8816 mouhid - ok
09:46:31.0267 8816 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:46:31.0268 8816 mountmgr - ok
09:46:31.0271 8816 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
09:46:31.0272 8816 MpFilter - ok
09:46:31.0275 8816 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:46:31.0276 8816 mpio - ok
09:46:31.0278 8816 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:46:31.0278 8816 mpsdrv - ok
09:46:31.0285 8816 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:46:31.0288 8816 MpsSvc - ok
09:46:31.0290 8816 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:46:31.0291 8816 MRxDAV - ok
09:46:31.0294 8816 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:46:31.0295 8816 mrxsmb - ok
09:46:31.0298 8816 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:46:31.0299 8816 mrxsmb10 - ok
09:46:31.0302 8816 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:46:31.0303 8816 mrxsmb20 - ok
09:46:31.0304 8816 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:46:31.0305 8816 msahci - ok
09:46:31.0307 8816 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:46:31.0308 8816 msdsm - ok
09:46:31.0310 8816 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
09:46:31.0311 8816 MSDTC - ok
09:46:31.0314 8816 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:46:31.0315 8816 Msfs - ok
09:46:31.0321 8816 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:46:31.0321 8816 mshidkmdf - ok
09:46:31.0323 8816 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:46:31.0323 8816 msisadrv - ok
09:46:31.0326 8816 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:46:31.0327 8816 MSiSCSI - ok
09:46:31.0329 8816 msiserver - ok
09:46:31.0331 8816 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:46:31.0332 8816 MSKSSRV - ok
09:46:31.0334 8816 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
09:46:31.0335 8816 MsMpSvc - ok
09:46:31.0336 8816 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:46:31.0336 8816 MSPCLOCK - ok
09:46:31.0338 8816 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:46:31.0338 8816 MSPQM - ok
09:46:31.0342 8816 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:46:31.0343 8816 MsRPC - ok
09:46:31.0346 8816 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
09:46:31.0347 8816 mssmbios - ok
09:46:31.0348 8816 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:46:31.0349 8816 MSTEE - ok
09:46:31.0352 8816 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
09:46:31.0352 8816 MTConfig - ok
09:46:31.0354 8816 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:46:31.0355 8816 Mup - ok
09:46:31.0359 8816 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
09:46:31.0361 8816 napagent - ok
09:46:31.0365 8816 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:46:31.0366 8816 NativeWifiP - ok
09:46:31.0375 8816 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
09:46:31.0379 8816 NDIS - ok
09:46:31.0381 8816 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:46:31.0381 8816 NdisCap - ok
09:46:31.0383 8816 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:46:31.0384 8816 NdisTapi - ok
09:46:31.0386 8816 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:46:31.0386 8816 Ndisuio - ok
09:46:31.0389 8816 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:46:31.0390 8816 NdisWan - ok
09:46:31.0392 8816 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:46:31.0392 8816 NDProxy - ok
09:46:31.0394 8816 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:46:31.0395 8816 NetBIOS - ok
09:46:31.0397 8816 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:46:31.0399 8816 NetBT - ok
09:46:31.0401 8816 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:46:31.0402 8816 Netlogon - ok
09:46:31.0406 8816 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:46:31.0408 8816 Netman - ok
09:46:31.0412 8816 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:46:31.0415 8816 netprofm - ok
09:46:31.0417 8816 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:46:31.0418 8816 NetTcpPortSharing - ok
09:46:31.0420 8816 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
09:46:31.0421 8816 nfrd960 - ok
09:46:31.0423 8816 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:46:31.0424 8816 NisDrv - ok
09:46:31.0427 8816 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
09:46:31.0429 8816 NisSrv - ok
09:46:31.0432 8816 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:46:31.0434 8816 NlaSvc - ok
09:46:31.0436 8816 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:46:31.0436 8816 Npfs - ok
09:46:31.0438 8816 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:46:31.0439 8816 nsi - ok
09:46:31.0441 8816 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:46:31.0441 8816 nsiproxy - ok
09:46:31.0454 8816 [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:46:31.0459 8816 Ntfs - ok
09:46:31.0462 8816 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:46:31.0462 8816 Null - ok
09:46:31.0465 8816 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
09:46:31.0466 8816 NVHDA - ok
09:46:31.0522 8816 [ FE2909F7DFB12B9A20AD207FE23B7E96 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:46:31.0566 8816 nvlddmkm - ok
09:46:31.0571 8816 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:46:31.0572 8816 nvraid - ok
09:46:31.0574 8816 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:46:31.0575 8816 nvstor - ok
09:46:31.0583 8816 [ 3341D2C91989BC87C3C0BAA97C27253B ] nvsvc C:\Windows\system32\nvvsvc.exe
09:46:31.0586 8816 nvsvc - ok
09:46:31.0595 8816 [ 551CE34DAD2DFF0A480781E68B286E4D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
09:46:31.0601 8816 nvUpdatusService - ok
09:46:31.0604 8816 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:46:31.0605 8816 nv_agp - ok
09:46:31.0607 8816 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:46:31.0608 8816 ohci1394 - ok
09:46:31.0610 8816 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:46:31.0611 8816 ose - ok
09:46:31.0638 8816 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:46:31.0653 8816 osppsvc - ok
09:46:31.0659 8816 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:46:31.0661 8816 p2pimsvc - ok
09:46:31.0666 8816 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:46:31.0668 8816 p2psvc - ok
09:46:31.0670 8816 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:46:31.0671 8816 Parport - ok
09:46:31.0673 8816 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:46:31.0674 8816 partmgr - ok
09:46:31.0676 8816 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:46:31.0678 8816 PcaSvc - ok
09:46:31.0680 8816 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:46:31.0682 8816 pci - ok
09:46:31.0684 8816 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:46:31.0685 8816 pciide - ok
09:46:31.0687 8816 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:46:31.0689 8816 pcmcia - ok
09:46:31.0691 8816 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:46:31.0691 8816 pcw - ok
09:46:31.0696 8816 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:46:31.0699 8816 PEAUTH - ok
09:46:31.0709 8816 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
09:46:31.0714 8816 PeerDistSvc - ok
09:46:31.0727 8816 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:46:31.0728 8816 PerfHost - ok
09:46:31.0740 8816 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:46:31.0747 8816 pla - ok
09:46:31.0752 8816 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:46:31.0755 8816 PlugPlay - ok
09:46:31.0757 8816 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:46:31.0757 8816 PNRPAutoReg - ok
09:46:31.0760 8816 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:46:31.0762 8816 PNRPsvc - ok
09:46:31.0767 8816 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:46:31.0769 8816 PolicyAgent - ok
09:46:31.0773 8816 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:46:31.0775 8816 Power - ok
09:46:31.0778 8816 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:46:31.0779 8816 PptpMiniport - ok
09:46:31.0781 8816 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:46:31.0782 8816 Processor - ok
09:46:31.0784 8816 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
09:46:31.0786 8816 ProfSvc - ok
09:46:31.0788 8816 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:46:31.0788 8816 ProtectedStorage - ok
09:46:31.0791 8816 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:46:31.0792 8816 Psched - ok
09:46:31.0803 8816 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
09:46:31.0809 8816 ql2300 - ok
09:46:31.0812 8816 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
09:46:31.0813 8816 ql40xx - ok
09:46:31.0817 8816 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:46:31.0819 8816 QWAVE - ok
09:46:31.0821 8816 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:46:31.0822 8816 QWAVEdrv - ok
09:46:31.0825 8816 [ CC91BA1BE09822318D7C7254570448BF ] RAMDiskVE C:\Windows\system32\Drivers\RAMDiskVE.sys
09:46:31.0825 8816 RAMDiskVE - ok
09:46:31.0827 8816 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:46:31.0828 8816 RasAcd - ok
09:46:31.0830 8816 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:46:31.0831 8816 RasAgileVpn - ok
09:46:31.0833 8816 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:46:31.0834 8816 RasAuto - ok
09:46:31.0837 8816 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:46:31.0838 8816 Rasl2tp - ok
09:46:31.0841 8816 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:46:31.0843 8816 RasMan - ok
09:46:31.0846 8816 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:46:31.0846 8816 RasPppoe - ok
09:46:31.0849 8816 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:46:31.0849 8816 RasSstp - ok
09:46:31.0856 8816 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:46:31.0858 8816 rdbss - ok
09:46:31.0860 8816 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:46:31.0861 8816 rdpbus - ok
09:46:31.0863 8816 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:46:31.0863 8816 RDPCDD - ok
09:46:31.0867 8816 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
09:46:31.0868 8816 RDPDR - ok
09:46:31.0871 8816 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:46:31.0871 8816 RDPENCDD - ok
09:46:31.0873 8816 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:46:31.0874 8816 RDPREFMP - ok
09:46:31.0877 8816 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:46:31.0878 8816 RDPWD - ok
09:46:31.0882 8816 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:46:31.0883 8816 rdyboost - ok
09:46:31.0886 8816 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:46:31.0887 8816 RemoteAccess - ok
09:46:31.0889 8816 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:46:31.0890 8816 RemoteRegistry - ok
09:46:31.0893 8816 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:46:31.0894 8816 RpcEptMapper - ok
09:46:31.0896 8816 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:46:31.0897 8816 RpcLocator - ok
09:46:31.0902 8816 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:46:31.0904 8816 RpcSs - ok
09:46:31.0906 8816 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:46:31.0907 8816 rspndr - ok
09:46:31.0909 8816 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
09:46:31.0909 8816 s3cap - ok
09:46:31.0911 8816 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:46:31.0911 8816 SamSs - ok
09:46:31.0913 8816 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:46:31.0915 8816 sbp2port - ok
09:46:31.0917 8816 [ 9ACEB2A2362FC87A3825963E61BA9076 ] SBRE C:\Windows\system32\drivers\SBREdrv.sys
09:46:31.0918 8816 SBRE - ok
09:46:31.0921 8816 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:46:31.0922 8816 SCardSvr - ok
09:46:31.0924 8816 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:46:31.0925 8816 scfilter - ok
09:46:31.0933 8816 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:46:31.0939 8816 Schedule - ok
09:46:31.0941 8816 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:46:31.0942 8816 SCPolicySvc - ok
09:46:31.0945 8816 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:46:31.0946 8816 SDRSVC - ok
09:46:31.0948 8816 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:46:31.0949 8816 secdrv - ok
09:46:31.0951 8816 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:46:31.0952 8816 seclogon - ok
09:46:31.0954 8816 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:46:31.0955 8816 SENS - ok
09:46:31.0957 8816 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:46:31.0958 8816 SensrSvc - ok
09:46:31.0959 8816 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:46:31.0960 8816 Serenum - ok
09:46:31.0962 8816 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:46:31.0962 8816 Serial - ok
09:46:31.0964 8816 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
09:46:31.0965 8816 sermouse - ok
09:46:31.0985 8816 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:46:31.0987 8816 SessionEnv - ok
09:46:31.0990 8816 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:46:31.0991 8816 sffdisk - ok
09:46:31.0993 8816 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:46:31.0993 8816 sffp_mmc - ok
09:46:31.0995 8816 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:46:31.0996 8816 sffp_sd - ok
09:46:31.0998 8816 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:46:31.0998 8816 sfloppy - ok
09:46:32.0002 8816 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:46:32.0004 8816 SharedAccess - ok
09:46:32.0008 8816 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:46:32.0010 8816 ShellHWDetection - ok
09:46:32.0026 8816 [ 61FD876CA2E7AEA663D232AAD8DBDCD7 ] ShowAnalyzerMaster C:\Program Files (x86)\Dragon Global\ShowAnalyzerSuite\ShowAnalyzerMaster.exe
09:46:32.0234 8816 ShowAnalyzerMaster - ok
09:46:32.0239 8816 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:46:32.0240 8816 SiSRaid2 - ok
09:46:32.0242 8816 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
09:46:32.0242 8816 SiSRaid4 - ok
09:46:32.0244 8816 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:46:32.0245 8816 Smb - ok
09:46:32.0250 8816 [ 666C08C3F694D62695E3ECE787E5D6C6 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
09:46:32.0251 8816 snapman - ok
09:46:32.0253 8816 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:46:32.0254 8816 SNMPTRAP - ok
09:46:32.0255 8816 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:46:32.0256 8816 spldr - ok
09:46:32.0261 8816 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
09:46:32.0263 8816 Spooler - ok
09:46:32.0285 8816 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:46:32.0298 8816 sppsvc - ok
09:46:32.0302 8816 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:46:32.0303 8816 sppuinotify - ok
09:46:32.0307 8816 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:46:32.0310 8816 srv - ok
09:46:32.0314 8816 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:46:32.0316 8816 srv2 - ok
09:46:32.0319 8816 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:46:32.0320 8816 srvnet - ok
09:46:32.0323 8816 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:46:32.0325 8816 SSDPSRV - ok
09:46:32.0328 8816 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:46:32.0329 8816 SstpSvc - ok
09:46:32.0331 8816 Steam Client Service - ok
09:46:32.0337 8816 [ 0632004181860960CF6E10DE8DDEF78B ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:46:32.0338 8816 Stereo Service - ok
09:46:32.0340 8816 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
09:46:32.0340 8816 stexstor - ok
09:46:32.0345 8816 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:46:32.0349 8816 stisvc - ok
09:46:32.0351 8816 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
09:46:32.0352 8816 storflt - ok
09:46:32.0354 8816 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
09:46:32.0355 8816 StorSvc - ok
09:46:32.0356 8816 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
09:46:32.0357 8816 storvsc - ok
09:46:32.0359 8816 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
09:46:32.0359 8816 swenum - ok
09:46:32.0363 8816 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:46:32.0366 8816 swprv - ok
09:46:32.0378 8816 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:46:32.0384 8816 SysMain - ok
09:46:32.0387 8816 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:46:32.0388 8816 TabletInputService - ok
09:46:32.0392 8816 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:46:32.0394 8816 TapiSrv - ok
09:46:32.0397 8816 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:46:32.0398 8816 TBS - ok
09:46:32.0410 8816 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:46:32.0419 8816 Tcpip - ok
09:46:32.0430 8816 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:46:32.0436 8816 TCPIP6 - ok
09:46:32.0439 8816 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:46:32.0440 8816 tcpipreg - ok
09:46:32.0443 8816 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:46:32.0443 8816 TDPIPE - ok
09:46:32.0445 8816 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:46:32.0446 8816 TDTCP - ok
09:46:32.0448 8816 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:46:32.0449 8816 tdx - ok
09:46:32.0477 8816 [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
09:46:32.0488 8816 TeamViewer8 - ok
09:46:32.0491 8816 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
09:46:32.0492 8816 TermDD - ok
09:46:32.0498 8816 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:46:32.0502 8816 TermService - ok
09:46:32.0504 8816 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:46:32.0505 8816 Themes - ok
09:46:32.0508 8816 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:46:32.0508 8816 THREADORDER - ok
09:46:32.0516 8816 [ 6ADC063FD51F03EF0CAB3E716A725BD2 ] timounter C:\Windows\system32\DRIVERS\timntr.sys
09:46:32.0520 8816 timounter - ok
09:46:32.0523 8816 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:46:32.0525 8816 TrkWks - ok
09:46:32.0528 8816 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:46:32.0529 8816 TrustedInstaller - ok
09:46:32.0532 8816 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:46:32.0533 8816 tssecsrv - ok
09:46:32.0536 8816 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:46:32.0537 8816 TsUsbFlt - ok
09:46:32.0540 8816 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:46:32.0541 8816 tunnel - ok
09:46:32.0544 8816 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
09:46:32.0544 8816 uagp35 - ok
09:46:32.0548 8816 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:46:32.0550 8816 udfs - ok
09:46:32.0554 8816 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:46:32.0555 8816 UI0Detect - ok
09:46:32.0557 8816 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:46:32.0558 8816 uliagpkx - ok
09:46:32.0560 8816 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
09:46:32.0561 8816 umbus - ok
09:46:32.0562 8816 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:46:32.0563 8816 UmPass - ok
09:46:32.0566 8816 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
09:46:32.0568 8816 UmRdpService - ok
09:46:32.0573 8816 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:46:32.0575 8816 upnphost - ok
09:46:32.0578 8816 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:46:32.0578 8816 usbccgp - ok
09:46:32.0581 8816 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:46:32.0582 8816 usbcir - ok
09:46:32.0584 8816 [ 74EE782B1D9C241EFE425565854C661C ] usbehci C:\Windows\system32\drivers\usbehci.sys
09:46:32.0585 8816 usbehci - ok
09:46:32.0589 8816 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:46:32.0590 8816 usbhub - ok
09:46:32.0592 8816 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:46:32.0593 8816 usbohci - ok
09:46:32.0595 8816 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:46:32.0596 8816 usbprint - ok
09:46:32.0598 8816 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:46:32.0599 8816 USBSTOR - ok
09:46:38.0885 8816 ============================================================
09:46:38.0885 8816 Scan finished
09:46:38.0885 8816 ============================================================
09:46:38.0889 0916 Detected object count: 0
09:46:38.0889 0916 Actual detected object count: 0


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-01 09:38:24
-----------------------------
09:38:24.578 OS Version: Windows x64 6.1.7601 Service Pack 1
09:38:24.578 Number of processors: 8 586 0x2A07
09:38:24.578 ComputerName: KLOWNICLE-PC UserName: Klownicle
09:38:24.872 Initialize success
09:38:46.475 AVAST engine defs: 13020100
09:38:49.471 Disk 0 \Device\Harddisk0\DR0 -> \Device\00000009
09:38:49.472 Disk 0 Vendor: ( Size: 4092MB BusType: 0
09:38:49.473 Disk 1 (boot) \Device\Harddisk1\DR0 -> \Device\00000074
09:38:49.474 Disk 1 Vendor: Intel___ 1.0. Size: 114479MB BusType: 8
09:38:49.475 Disk 2 \Device\Harddisk2\DR1 -> \Device\00000075
09:38:49.476 Disk 2 Vendor: Intel___ 1.0. Size: 1907726MB BusType: 8
09:38:49.478 Disk 3 \Device\Harddisk3\DR2 -> \Device\Ide\IdeDeviceP0T0L0-0
09:38:49.479 Disk 3 Vendor: H/W_RAID50 0958 Size: 11446016MB BusType: 11
09:38:49.481 Disk 1 MBR read successfully
09:38:49.482 Disk 1 MBR scan
09:38:49.485 Disk 1 Windows 7 default MBR code
09:38:49.487 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
09:38:49.500 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 114377 MB offset 206848
09:38:49.526 Disk 1 scanning C:\Windows\system32\drivers
09:38:54.001 Service scanning
09:39:09.837 Modules scanning
09:39:09.841 Disk 1 trace - called modules:
09:39:09.845 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
09:39:09.847 1 nt!IofCallDriver -> \Device\Harddisk1\DR0[0xfffffa8017ed6060]
09:39:09.850 3 CLASSPNP.SYS[fffff880017ca43f] -> nt!IofCallDriver -> [0xfffffa8017ed0c50]
09:39:09.854 5 iaStorF.sys[fffff88001ff5168] -> nt!IofCallDriver -> \Device\00000074[0xfffffa800d71d9c0]
09:39:10.036 AVAST engine scan C:\Windows
09:39:10.431 AVAST engine scan C:\Windows\system32
09:41:04.378 AVAST engine scan C:\Windows\system32\drivers
09:41:10.563 AVAST engine scan C:\Users\Klownicle
09:43:11.880 AVAST engine scan C:\ProgramData
09:43:38.977 Scan finished successfully
09:46:05.191 Disk 1 MBR has been saved successfully to "C:\Users\Klownicle\Documents\MBR.dat"
09:46:05.194 The log file has been saved successfully to "C:\Users\Klownicle\Documents\aswMBR.txt"



#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:11:39 AM

Posted 01 February 2013 - 09:54 AM

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete

A log should be generated after scan, post it here

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select Run as administrator

After scan gets completed, post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of text here

#6 Klownicle

Klownicle
  • Topic Starter

  • Members
  • 5 posts
  • Local time:11:39 AM

Posted 01 February 2013 - 12:17 PM

Farbar Service Scanner Version: 30-01-2013
Ran by Klownicle (administrator) on 01-02-2013 at 11:28:29
Running from "C:\Users\Klownicle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2C1PIL8T"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


MiniToolBox by Farbar Version:10-01-2013
Ran by Klownicle (administrator) on 01-02-2013 at 11:25:02
Running from "C:\Users\Klownicle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IJNCD6VX"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® 82579V Gigabit Network Connection = Local Area Connection (Connected)
VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Connected)
VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="VMware Network Adapter VMnet1" address=192.168.40.1 mask=255.255.255.0
add address name="VMware Network Adapter VMnet8" address=192.168.253.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Klownicle-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection
Physical Address. . . . . . . . . : C8-60-00-CB-93-36
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d805:4232:d058:c514%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, January 30, 2013 4:02:44 PM
Lease Expires . . . . . . . . . . : Saturday, February 02, 2013 4:02:43 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 248012800
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-78-2E-54-C8-60-00-CB-93-36
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VMware Network Adapter VMnet1:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet1
Physical Address. . . . . . . . . : 00-50-56-C0-00-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::885d:a3f4:2d02:4ee0%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.40.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 318787670
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-78-2E-54-C8-60-00-CB-93-36
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VMware Network Adapter VMnet8:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet8
Physical Address. . . . . . . . . : 00-50-56-C0-00-08
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7df3:56f2:f386:f454%16(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.253.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 352342102
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-78-2E-54-C8-60-00-CB-93-36
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{109F77DC-61FD-4683-853E-66D63616E453}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{827C5DBC-3153-449E-9682-EA8170AA81F3}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4008:802::1003
74.125.229.232
74.125.229.230
74.125.229.226
74.125.229.231
74.125.229.238
74.125.229.233
74.125.229.228
74.125.229.227
74.125.229.224
74.125.229.225
74.125.229.229


Pinging google.com [74.125.229.230] with 32 bytes of data:
Reply from 74.125.229.230: bytes=32 time=17ms TTL=55
Reply from 74.125.229.230: bytes=32 time=18ms TTL=55

Ping statistics for 74.125.229.230:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 17ms, Maximum = 18ms, Average = 17ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
206.190.36.45


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=149ms TTL=50
Reply from 98.138.253.109: bytes=32 time=174ms TTL=50

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 149ms, Maximum = 174ms, Average = 161ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=5ms TTL=128
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 3ms, Maximum = 5ms, Average = 4ms
===========================================================================
Interface List
10...c8 60 00 cb 93 36 ......Intel® 82579V Gigabit Network Connection
14...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
16...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 266
192.168.1.2 255.255.255.255 On-link 192.168.1.2 266
192.168.1.255 255.255.255.255 On-link 192.168.1.2 266
192.168.40.0 255.255.255.0 On-link 192.168.40.1 276
192.168.40.1 255.255.255.255 On-link 192.168.40.1 276
192.168.40.255 255.255.255.255 On-link 192.168.40.1 276
192.168.253.0 255.255.255.0 On-link 192.168.253.1 276
192.168.253.1 255.255.255.255 On-link 192.168.253.1 276
192.168.253.255 255.255.255.255 On-link 192.168.253.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 266
224.0.0.0 240.0.0.0 On-link 192.168.40.1 276
224.0.0.0 240.0.0.0 On-link 192.168.253.1 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 266
255.255.255.255 255.255.255.255 On-link 192.168.40.1 276
255.255.255.255 255.255.255.255 On-link 192.168.253.1 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 266 fe80::/64 On-link
14 276 fe80::/64 On-link
16 276 fe80::/64 On-link
16 276 fe80::7df3:56f2:f386:f454/128
On-link
14 276 fe80::885d:a3f4:2d02:4ee0/128
On-link
10 266 fe80::d805:4232:d058:c514/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
14 276 ff00::/8 On-link
16 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\vsocklib.dll [63128] (VMware, Inc.)
Catalog9 12 C:\Windows\SysWOW64\vsocklib.dll [63128] (VMware, Inc.)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\vsocklib.dll [67224] (VMware, Inc.)
x64-Catalog9 12 C:\Windows\System32\vsocklib.dll [67224] (VMware, Inc.)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/01/2013 09:07:31 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- SA_Error25101: StandardAction(0xC007620D): We have detected that Microsoft Security Essentials, is already installed on your system, therefore the installation can not continue. We recommend that you uninstall this product first and then try to launch the installation again.

Error: (01/30/2013 04:11:05 PM) (Source: PerfOS) (User: )
Description:

Error: (01/30/2013 04:07:05 PM) (Source: PerfOS) (User: )
Description:

Error: (01/30/2013 04:05:05 PM) (Source: PerfOS) (User: )
Description:

Error: (01/30/2013 04:05:05 PM) (Source: PerfOS) (User: )
Description:

Error: (01/30/2013 04:03:04 PM) (Source: PerfOS) (User: )
Description:

Error: (01/30/2013 04:03:02 PM) (Source: PerfOS) (User: )
Description:

Error: (01/29/2013 05:05:48 PM) (Source: PerfOS) (User: )
Description:

Error: (01/29/2013 05:01:48 PM) (Source: PerfOS) (User: )
Description:

Error: (01/29/2013 04:59:48 PM) (Source: PerfOS) (User: )
Description:


System errors:
=============
Error: (01/31/2013 08:58:37 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk9\DR12.

Error: (01/31/2013 08:41:43 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk9\DR12.

Error: (01/31/2013 08:39:39 PM) (Source: Application Popup) (User: )
Description: Driver USB returned invalid ID for a child device (000761E2E26E).

Error: (01/31/2013 08:35:06 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk9\DR12.

Error: (01/30/2013 04:02:46 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (01/30/2013 04:02:45 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (01/30/2013 04:02:15 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (01/30/2013 03:57:31 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.

Error: (01/30/2013 03:57:01 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (01/30/2013 02:17:39 PM) (Source: Service Control Manager) (User: )
Description: The ESET Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.


Microsoft Office Sessions:
=========================
Error: (02/01/2013 09:07:31 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- SA_Error25101: StandardAction(0xC007620D): We have detected that Microsoft Security Essentials, is already installed on your system, therefore the installation can not continue. We recommend that you uninstall this product first and then try to launch the installation again.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/30/2013 04:11:05 PM) (Source: PerfOS)(User: )
Description:

Error: (01/30/2013 04:07:05 PM) (Source: PerfOS)(User: )
Description:

Error: (01/30/2013 04:05:05 PM) (Source: PerfOS)(User: )
Description:

Error: (01/30/2013 04:05:05 PM) (Source: PerfOS)(User: )
Description:

Error: (01/30/2013 04:03:04 PM) (Source: PerfOS)(User: )
Description:

Error: (01/30/2013 04:03:02 PM) (Source: PerfOS)(User: )
Description:

Error: (01/29/2013 05:05:48 PM) (Source: PerfOS)(User: )
Description:

Error: (01/29/2013 05:01:48 PM) (Source: PerfOS)(User: )
Description:

Error: (01/29/2013 04:59:48 PM) (Source: PerfOS)(User: )
Description:


CodeIntegrity Errors:
===================================
Date: 2013-01-16 21:25:21.922
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 21:25:21.897
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 21:25:21.818
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 21:25:21.740
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 21:25:21.716
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 21:25:21.660
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 21:25:21.646
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 21:25:21.626
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 21:25:21.611
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Acronis Backup & Recovery 11 Agent Core (Version: 11.0.17217)
Acronis Backup & Recovery 11 Agent (Version: 11.0.17217)
Acronis Backup & Recovery 11 Bootable Media Builder (Version: 11.0.17217)
Acronis Backup & Recovery 11 Management Console (Version: 11.0.17217)
Active@ UNDELETE 7 Enterprise
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Reader XI (11.0.01) (Version: 11.0.01)
ArcSoft TotalMedia Theatre 5 (Version: 5.3.1.146)
Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.14.3.0)
Asmedia ASM106x SATA Host Controller Driver (Version: 1.3.4.000)
AVG 2013 (Version: 13.0.2639)
AVG 2013 (Version: 13.0.2890)
AVG 2013 (Version: 13.0.2897)
AVG 2013 (Version: 2013.0.2897)
Ceton InfiniTV (x64) (Version: 12.10.23.732)
CyoHash (Version: 1.0.9.0)
DAEMON Tools Lite (Version: 4.45.4.0315)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DeVeDe (Version: 3.17.1)
Digital Cable Advisor (Version: 1.0.0.0)
ffdshow v1.2.4486 [2012-08-25] (Version: 1.2.4486.0)
FileZilla Client 3.6.0.2 (Version: 3.6.0.2)
FileZilla Server (Version: beta 0.9.41)
Google Chrome (Version: 65.72.52)
Google Update Helper (Version: 1.3.21.123)
Image Resizer for Windows (64 bit) (Version: 3.0.4442.6002)
Image Resizer for Windows (Version: 3.0.4442.6002)
Intel® Network Connections 17.2.154.0 (Version: 17.2.154.0)
Intel® Rapid Storage Technology (Version: 11.5.4.1001)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.1.209)
Java 7 Update 10 (Version: 7.0.100)
Java Auto Updater (Version: 2.1.9.0)
MacDrive 8 (Version: 8.0.6.52)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MCEBuddy 2.3 (Version: 2.3.11)
MediaCoder x64 0.8.18.5353 (Version: 0.8.18.5353)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Standard 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (Version: 2.0.50728)
Music Manager
Notepad++ (Version: 6.2.3)
NVIDIA 3D Vision Controller Driver 310.70 (Version: 310.70)
NVIDIA 3D Vision Driver 310.70 (Version: 310.70)
NVIDIA Control Panel 310.70 (Version: 310.70)
NVIDIA Graphics Driver 310.70 (Version: 310.70)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.95.599)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1070)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
Pidgin (Version: 2.10.6)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Portal 2
QuickPar 0.9 (Version: 0.9)
RAMDisk (Version: 4.0.1.9)
ReClock
ShowAnalyzerSuite (Version: 1.1.0.825)
Steam (Version: 1.0.0.0)
TeamViewer 8 (Version: 8.0.16642)
tools-freebsd (Version: 9.2.0.812388)
tools-linux (Version: 9.2.0.812388)
tools-netware (Version: 9.2.0.812388)
tools-solaris (Version: 9.2.0.812388)
tools-windows (Version: 9.2.0.812388)
tools-winPre2k (Version: 9.2.0.812388)
TreeSize Professional 5.2.2
TurboTax 2012
TurboTax 2012 WinPerFedFormset (Version: 012.000.1712)
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0379)
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0164)
TurboTax 2012 wrapper (Version: 012.000.0127)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.4 (Version: 2.0.4)
VMware vCenter Converter Standalone (Version: 5.0.1.875114)
VMware vSphere Client 5.0 (Version: 5.0.0.29542)
VMware Workstation (Version: 9.0.0)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
WinSCP 5.1.2 (Version: 5.1.2)

========================= Memory info: ===================================

Percentage of memory in use: 55%
Total physical RAM: 16330.86 MB
Available physical RAM: 7326.45 MB
Total Pagefile: 16329.05 MB
Available Pagefile: 6936.11 MB
Total Virtual: 4095.88 MB
Available Virtual: 3953.67 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:111.7 GB) (Free:77.09 GB) NTFS
2 Drive e: () (Fixed) (Total:3.99 GB) (Free:3.91 GB) FAT32
3 Drive f: (Storage) (Fixed) (Total:11177.62 GB) (Free:3532.63 GB) NTFS
4 Drive h: () (Removable) (Total:14.89 GB) (Free:14.89 GB) FAT32
5 Drive i: () (Removable) (Total:7.51 GB) (Free:7.18 GB) FAT32
6 Drive j: (Mirror) (Fixed) (Total:1862.89 GB) (Free:666.49 GB) NTFS

========================= Users: ========================================

User accounts for \\KLOWNICLE-PC

___VMware_Conv_SA___ Acronis Agent User Administrator
Guest Klownicle UpdatusUser

========================= Restore Points ==================================

28-01-2013 11:01:37 Scheduled Checkpoint
29-01-2013 19:52:10 Installed Sophos Virus Removal Tool.
29-01-2013 19:52:55 Removed Sophos Virus Removal Tool.
30-01-2013 19:17:33 Installed ESET NOD32 Antivirus
30-01-2013 19:39:11 Installed AVG 2013
30-01-2013 19:39:18 Installed AVG 2013
30-01-2013 21:13:57 Windows Update
31-01-2013 08:00:10 Windows Update

**** End of log ****


Malwarebytes Anti-Malware (PRO) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.29.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Klownicle :: KLOWNICLE-PC [administrator]

Protection: Enabled

1/29/2013 4:58:50 PM
mbam-log-2013-01-29 (16-58-50).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 318177
Time elapsed: 43 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.5.8 (01.31.2013:1)
OS: Windows 7 Professional x64
Ran by Klownicle on Fri 02/01/2013 at 11:30:13.34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 02/01/2013 at 11:34:47.93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/01/2013 11:36:52 AM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\Klownicle\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (PID: 4632) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Klownicle\Desktop\rkill\rkill-02-01-2013-11-36-55.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 02/01/2013 11:36:58 AM
Execution time: 0 hours(s), 0 minute(s), and 5 seconds(s)


"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Acronis Scheduler2 Service" "Acronis Scheduler Helper" "Acronis" "c:\program files (x86)\common files\acronis\schedule2\schedhlp.exe"
+ "Getting started with MacDrive 8" "Get Started with MacDrive" "Mediafour Corporation" "c:\program files\mediafour\macdrive 8\mdgetstarted.exe"
+ "MacDrive 8 application" "MacDrive application" "Mediafour Corporation" "c:\program files\mediafour\macdrive 8\macdrive.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AcronisTimounterMonitor" "Monitor for Acronis Backup and Recovery 11 Archive Explorer" "Acronis" "c:\program files (x86)\common files\acronis\timounter\timountermonitor.exe"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "AVG_UI" "AVG User Interface" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgui.exe"
+ "BackupAndRecoveryMonitor.exe" "Acronis Backup And Recovery 10 Monitor" "Acronis" "c:\program files (x86)\acronis\backupandrecovery\backupandrecoverymonitor.exe"
+ "vmware-tray.exe" "VMware Tray Process" "VMware, Inc." "c:\program files (x86)\vmware\vmware workstation\vmware-tray.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files (x86)\google\chrome\application\24.0.1312.57\installer\chrmstp.exe"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DAEMON Tools Lite" "DAEMON Tools Lite" "DT Soft Ltd" "c:\program files (x86)\daemon tools lite\dtlite.exe"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\klownicle\appdata\local\google\update\googleupdate.exe"
+ "MusicManager" "Music Manager" "Google Inc." "c:\users\klownicle\appdata\local\programs\google\musicmanager\musicmanager.exe"
+ "Steam" "Steam" "Valve Corporation" "j:\program files (x86)\steam\steam.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Acronis Backup And Recovery 10 Shell Extensions" "Acronis Backup And Recovery 10 Shell Extensions" "Acronis" "c:\program files (x86)\common files\acronis\timounter\tishell64.dll"
+ "ANotepad++64" "ShellHandler for Notepad++ (64 bit)" "" "c:\program files (x86)\notepad++\nppshell_05.dll"
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "CyoHash" "CyoHash Shell Extension" "" "c:\program files\cyohash\cyohash.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "Image Resizer" "" "Brice Lambson" "c:\program files\image resizer for windows\shellextensions.dll"
+ "Mediafour MacDrive Context Menu" "MacDrive Shell Extensions" "Mediafour Corporation" "c:\program files\mediafour\macdrive 8\mdshell.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Acronis Backup and Recovery 10 Shell Context Menu Extension" "Acronis Backup And Recovery 10 Shell Extensions" "Acronis" "c:\program files (x86)\common files\acronis\timounter\tishell_abr.dll"
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgse.dll"
+ "Image Resizer" "" "Brice Lambson" "c:\program files (x86)\image resizer for windows\shellextensions.dll"
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "Mediafour Mac file properties" "MacDrive file properties resources" "Mediafour Corporation" "c:\program files\common files\mediafour\macfprop.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "Image Resizer" "" "Brice Lambson" "c:\program files\image resizer for windows\shellextensions.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "Image Resizer" "" "Brice Lambson" "c:\program files (x86)\image resizer for windows\shellextensions.dll"
"HKLM\Software\Classes\Directory\Shellex\PropertySheetHandlers" "" "" ""
+ "Mediafour Mac file properties" "MacDrive file properties resources" "Mediafour Corporation" "c:\program files\common files\mediafour\macfprop.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "WinSCPCopyHook" "Drag&Drop shell extension for WinSCP (64-bit)" "Martin Prikryl" "c:\program files (x86)\winscp\dragext64.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "NVIDIA Display Shell Extension" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "Mediafour Mac file columns" "MacDrive file properties resources" "Mediafour Corporation" "c:\program files\common files\mediafour\macfprop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Acronis Backup And Recovery 10 Shell Extensions" "Acronis Backup And Recovery 10 Shell Extensions" "Acronis" "c:\program files (x86)\common files\acronis\timounter\tishell64.dll"
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Acronis Backup and Recovery 10 Shell Context Menu Extension" "Acronis Backup And Recovery 10 Shell Extensions" "Acronis" "c:\program files (x86)\common files\acronis\timounter\tishell_abr.dll"
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgse.dll"
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "MacDrive volume icons" "MDVolumeIcons.dll" "Mediafour Corporation" "c:\program files\mediafour\macdrive 8\mdvolumeicons.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.5 r502" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\ASUS\i-Setup012002" "AsusSetup" "ASUSTeK Computer Inc." "c:\windows\intel_chipset_v9301021_xpwin7_8\asussetup.exe"
+ "\Ceton\Network Tuners\InfiniTVResetTask" "InfiniTV Wizard Task" "Ceton Corporation" "c:\program files\ceton\ceton infinitv\infinitvwizard.exe"
+ "\Ceton\Network Tuners\InfiniTVWizardTask" "InfiniTV Wizard Task" "Ceton Corporation" "c:\program files\ceton\ceton infinitv\infinitvwizard.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1586324079-572829885-1408272539-1000Core" "Google Installer" "Google Inc." "c:\users\klownicle\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1586324079-572829885-1408272539-1000UA" "Google Installer" "Google Inc." "c:\users\klownicle\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\ROC_REG_JAN_DELETE" "" "" "c:\programdata\avg january 2013 campaign\roc.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AcronisAgent" "Enables connectivity among Acronis components." "Acronis" "c:\program files (x86)\common files\acronis\agent\agent.exe"
+ "AcrSch2Svc" "Provides scheduling for Acronis components' tasks." "Acronis" "c:\program files (x86)\common files\acronis\schedule2\schedul2.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "ARSM" "Acronis Removable Storage Management Service allows you to manage removable storages locally." "Acronis" "c:\program files (x86)\acronis\arsm\arsm.exe"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgwdsvc.exe"
+ "CetonInfiniTVSvc" "Provides support for Ceton Diagnostics and Network Tuner usage. If this service is stopped, network tuner usage may not operate properly. If this service is disabled, any services that explicitly depend on it will fail to start." "Ceton Corporation" "c:\program files\ceton\ceton infinitv\infinitvsvc.exe"
+ "CetonTRIFSvc" "Enables Tuning Adapter support for Ceton InfiniTV devices" "Ceton Corporation" "c:\program files\ceton\ceton infinitv\cetontrifsvc.exe"
+ "FileZilla Server" "FileZilla Server" "FileZilla Project" "c:\program files (x86)\filezilla server\filezilla server.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "Intel® PROSet Monitoring Service" "The Intel® PROSet Monitoring Service actively monitors changes to the system and updates affected network devices to keep them running in optimal condition. Stopping this service may negatively affect the performance of the network devices on the system." "Intel Corporation" "c:\windows\system32\iprosetmonitor.exe"
+ "IntuitUpdateServiceV4" "Helps Intuit applications automatically update themselves." "Intuit Inc." "c:\program files (x86)\common files\intuit\update service v4\intuitupdateservice.exe"
+ "M4LIC" "M4LIC.EXE" "Mediafour Corporation" "c:\program files (x86)\common files\mediafour\m4lic.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "MCEBuddy2x" "MCEBuddy2x strips commercials and converts your tv recordings and videos in the background." "" "c:\program files (x86)\mcebuddy2x\mcebuddy.service.exe"
+ "MMS" "Enables data backup and recovery on the machine." "Acronis" "c:\program files (x86)\acronis\backupandrecovery\mms.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "ShowAnalyzerMaster" "Handles coordination and scheduling of ShowAnalyzer runs." "Dragon Global" "c:\program files (x86)\dragon global\showanalyzersuite\showanalyzermaster.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "TeamViewer8" "TeamViewer Remote Software" "TeamViewer GmbH" "c:\program files (x86)\teamviewer\version8\teamviewer_service.exe"
+ "VMAuthdService" "Authorization and authentication service for starting and accessing virtual machines." "VMware, Inc." "c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe"
+ "VMnetDHCP" "DHCP service for virtual networks." "VMware, Inc." "c:\windows\syswow64\vmnetdhcp.exe"
+ "VMUSBArbService" "Arbitration and enumeration of USB devices for virtual machines" "VMware, Inc." "c:\program files (x86)\common files\vmware\usb\vmware-usbarbitrator64.exe"
+ "VMware NAT Service" "Network address translation for virtual networks." "VMware, Inc." "c:\windows\syswow64\vmnat.exe"
+ "VMwareHostd" "Remote access service for registration and management of virtual machines." "" "c:\program files (x86)\vmware\vmware workstation\vmware-hostd.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "ArcSec" "" "" "c:\windows\system32\drivers\arcsec.sys"
+ "asahci64" "Asmedia 106x SATA Host Controller Driver" "Asmedia Technology" "c:\windows\system32\drivers\asahci64.sys"
+ "asmthub3" "ASMedia USB3 Hub Driver" "ASMedia Technology Inc" "c:\windows\system32\drivers\asmthub3.sys"
+ "asmtxhci" "ASMEDIA XHCI Host Controller Driver" "ASMedia Technology Inc" "c:\windows\system32\drivers\asmtxhci.sys"
+ "aswMBR" "" "" "File not found: E:\Temp\aswMBR.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgloga" "AVG Logging Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgloga.sys"
+ "Avgmfx64" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx64.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "bmdrvr" "VMware Modified Clusters Tracking Driver" "VMware, Inc." "c:\windows\syswow64\drivers\bmdrvr.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "CBDisk" "CallbackDisk Virtual Storage Driver" "EldoS Corporation" "c:\windows\system32\drivers\cbdisk.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "dtsoftbus01" "DAEMON Tools Virtual Bus Driver" "DT Soft Ltd" "c:\windows\system32\drivers\dtsoftbus01.sys"
+ "e1cexpress" "Intel® Gigabit Adapter NDIS 6.x driver" "Intel Corporation" "c:\windows\system32\drivers\e1c62x64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcmon" "VMware USB Driver." "VMware, Inc." "c:\windows\system32\drivers\hcmon.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorA" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastora.sys"
+ "iaStorF" "Intel Rapid Storage Technology Filter driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorf.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "iusb3hcs" "Intel® USB 3.0 Host Controller Switch Driver" "Intel Corporation" "c:\windows\system32\drivers\iusb3hcs.sys"
+ "iusb3hub" "Intel® USB 3.0 Hub Driver" "Intel Corporation" "c:\windows\system32\drivers\iusb3hub.sys"
+ "iusb3xhc" "Intel® USB 3.0 eXtensible Host Controller Driver" "Intel Corporation" "c:\windows\system32\drivers\iusb3xhc.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "MDPMGRNT" "MacDrive partition driver" "Mediafour Corporation" "c:\windows\system32\drivers\mdpmgrnt.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MonitorFunction" "TVMonitor.sys" "TeamViewer GmbH" "c:\windows\system32\drivers\tvmonitor.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 310.70 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RAMDiskVE" "Dataram RAMDisk Driver" "Dataram, Inc." "c:\windows\system32\drivers\ramdiskve.sys"
+ "SBRE" "GFI Anti-Rootkit Driver" "GFI Software" "c:\windows\system32\drivers\sbredrv.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "snapman" "Acronis Snapshot API" "Acronis" "c:\windows\system32\drivers\snapman.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "timounter" "Acronis Backup Archive Explorer" "Acronis" "c:\windows\system32\drivers\timntr.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vmci" "VMware PCI VMCI Bus Device" "VMware, Inc." "c:\windows\system32\drivers\vmci.sys"
+ "VMnetAdapter" "Driver for VMware's Virtual Ethernet Adapters Ver. 2" "VMware, Inc." "c:\windows\system32\drivers\vmnetadapter.sys"
+ "VMnetBridge" "VMware Bridge Protocol" "VMware, Inc." "c:\windows\system32\drivers\vmnetbridge.sys"
+ "VMnetuserif" "Allows VMware applications to use virtual networks." "VMware, Inc." "c:\windows\system32\drivers\vmnetuserif.sys"
+ "vmusb" "VMware USB driver" "VMware, Inc." "c:\windows\system32\drivers\vmusb.sys"
+ "vmx86" "VMware Virtualization Driver." "VMware, Inc." "c:\windows\system32\drivers\vmx86.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "vsock" "vSockets Driver" "VMware, Inc." "c:\windows\system32\drivers\vsock.sys"
+ "vstor2-mntapi10-shared" "VMware Virtual Storage Volume Driver" "VMware, Inc." "c:\windows\syswow64\drivers\vstor2-mntapi10-shared.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "VIDC.FFDS" "ffdshow VFW" "" "c:\windows\syswow64\ff_vfw.dll"
+ "VIDC.VMnc" "VMware Movie decoder" "VMware, Inc." "c:\windows\syswow64\vmnc.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Benchmark Test Source Filter" "" "" "c:\program files\microsoft\digitalcableadvisor\benchmarktestsource.dll"
+ "Benchmark Test Tee Filter" "" "" "c:\program files\microsoft\digitalcableadvisor\benchmarktesttee.dll"
+ "Benchmark TV Video Comparison Filter" "" "" "c:\program files\microsoft\digitalcableadvisor\benchmarkcompare.dll"
+ "Ginger's Mpeg2/H.264 Source" "" "" "c:\program files\microsoft\digitalcableadvisor\vadevsource.dll"
+ "Haali Matroska Muxer" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\splitter.x64.ax"
+ "Haali Media Splitter" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\splitter.x64.ax"
+ "Haali Media Splitter (AR)" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\splitter.x64.ax"
+ "Haali Simple Media Splitter" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\splitter.x64.ax"
+ "Haali Video Renderer" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\dxr.x64.dll"
+ "Haali Video Sink" "" "" "File not found: C:\Program Files (x86)\Haali\MatroskaSplitter\splitter.x64.ax"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files\playready\prdmowrapper.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "madFlac Decoder" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files (x86)\madflac\madflac.ax"
+ "madFlac Source" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files (x86)\madflac\madflac.ax"
+ "ReClock Audio Renderer" "ReClock DirectShow Filter (Audio Renderer and Reference Clock)" "" "c:\program files (x86)\reclock\reclock.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries" "" "" ""
+ "VMCI sockets DGRAM" "VSockets Library" "VMware, Inc." "c:\windows\system32\vsocklib.dll"
+ "VMCI sockets STREAM" "VSockets Library" "VMware, Inc." "c:\windows\system32\vsocklib.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64" "" "" ""
+ "VMCI sockets DGRAM" "VSockets Library" "VMware, Inc." "c:\windows\system32\vsocklib.dll"
+ "VMCI sockets STREAM" "VSockets Library" "VMware, Inc." "c:\windows\system32\vsocklib.dll"


# AdwCleaner v2.109 - Logfile created 02/01/2013 at 12:18:37
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Klownicle - KLOWNICLE-PC
# Boot Mode : Normal
# Running from : C:\Users\Klownicle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FBQHLKJ7\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Klownicle\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S3].txt - [742 octets] - [01/02/2013 12:18:37]

########## EOF - C:\AdwCleaner[S3].txt - [801 octets] ##########


Edited by Klownicle, 01 February 2013 - 12:21 PM.


#7 narenxp


Posted 01 February 2013 - 12:33 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot. If TFC locks up the system, run it in safe mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#8 Klownicle


Posted 04 February 2013 - 02:58 PM

Thanks for not having a soul. o_0



