HELP AND ADVICE NEEDED URGENTLY


34 replies to this topic

#1 alexantosh

Posted 05 February 2013 - 12:12 PM

Hi everyone.
First, I hope the problem I am about to post wasn't posted by anyone before, because I was reading through the topics in this forum but I couldn't find one like it so far. Just in case I missed it, I am so sorry; you can just forward me there and then I will try the solutions from there.

My problem started with the failure of my browser to view XAMPP content. I tried a lot of tests and fixes, and friends from the Apache Friends forum directed me here since the problem seemed to be due to malware, as they deduced. It seems there is a problem with some of my services and also the Windows Firewall. When I try to turn it off or on through the Control Panel I get a "Windows Firewall is not using recommended settings" message. When I click the "Use recommended settings" button I get "Error code 0x80070424"; however, when I try the "mpsrvc" (I think that was its name), it shows that Windows Firewall was started or stopped successfully from the command line.
Some friends mentioned that I might need to use ComboFix, but when I checked out the website, it seems I can't do that without an expert's directions and help either, so either way, this remains my last hope. What do you suggest?
Thanks very much for your help.

Edited by hamluis, 05 February 2013 - 12:16 PM.
Moved from Win 7 to Am I Infected - Hamluis.




#2 narenxp

Posted 05 February 2013 - 12:27 PM

Download TDSSKiller.

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log (do not click on FIXMBR).

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is complete, click on List of found threats.

Export the list to the desktop and copy the contents of the text file into your reply. Ignore it if there are no detected threats.

#3 alexantosh

Posted 05 February 2013 - 12:45 PM

OK, after performing those tasks I will let you know, thanks.

#4 alexantosh

Posted 05 February 2013 - 02:14 PM

Below are the results from TDSSKiller:

19:47:04.0406 5468  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:47:06.0415 5468  ============================================================
19:47:06.0416 5468  Current date / time: 2013/02/05 19:47:06.0415
19:47:06.0416 5468  SystemInfo:
19:47:06.0416 5468  
19:47:06.0416 5468  OS Version: 6.1.7601 ServicePack: 1.0
19:47:06.0416 5468  Product type: Workstation
19:47:06.0416 5468  ComputerName: ALEXG-ALEXG
19:47:06.0416 5468  UserName: AlexG
19:47:06.0416 5468  Windows directory: C:\Windows
19:47:06.0416 5468  System windows directory: C:\Windows
19:47:06.0416 5468  Running under WOW64
19:47:06.0416 5468  Processor architecture: Intel x64
19:47:06.0416 5468  Number of processors: 4
19:47:06.0416 5468  Page size: 0x1000
19:47:06.0416 5468  Boot type: Normal boot
19:47:06.0416 5468  ============================================================
19:47:06.0901 5468  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:47:06.0911 5468  ============================================================
19:47:06.0911 5468  \Device\Harddisk0\DR0:
19:47:06.0911 5468  MBR partitions:
19:47:06.0911 5468  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
19:47:06.0911 5468  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0xD4BD170
19:47:06.0933 5468  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xF23C800, BlocksNum 0xDF88800
19:47:06.0933 5468  ============================================================
19:47:06.0964 5468  C: <-> \Device\Harddisk0\DR0\Partition2
19:47:07.0017 5468  B: <-> \Device\Harddisk0\DR0\Partition3
19:47:07.0018 5468  ============================================================
19:47:07.0018 5468  Initialize success
19:47:07.0018 5468  ============================================================
19:47:57.0648 2556  ============================================================
19:47:57.0648 2556  Scan started
19:47:57.0648 2556  Mode: Manual; TDLFS; 
19:47:57.0648 2556  ============================================================
19:47:57.0816 2556  ================ Scan system memory ========================
19:47:57.0816 2556  System memory - ok
19:48:06.0216 2556  msahci - ok
19:48:06.0277 2556  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:48:06.0280 2556  msdsm - ok
19:48:06.0296 2556  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
19:48:06.0298 2556  MSDTC - ok
19:48:06.0373 2556  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:48:06.0374 2556  Msfs - ok
19:48:06.0389 2556  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:48:06.0390 2556  mshidkmdf - ok
19:48:06.0420 2556  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:48:06.0421 2556  msisadrv - ok
19:48:06.0447 2556  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:48:06.0449 2556  MSiSCSI - ok
19:48:06.0459 2556  msiserver - ok
19:48:06.0489 2556  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:48:06.0490 2556  MSKSSRV - ok
19:48:06.0501 2556  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:48:06.0502 2556  MSPCLOCK - ok
19:48:06.0517 2556  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:48:06.0518 2556  MSPQM - ok
19:48:06.0552 2556  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:48:06.0556 2556  MsRPC - ok
19:48:06.0591 2556  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
19:48:06.0592 2556  mssmbios - ok
19:48:06.0690 2556  MSSQL$SQLEXPRESS - ok
19:48:06.0746 2556  [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
19:48:06.0747 2556  MSSQLServerADHelper100 - ok
19:48:06.0778 2556  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:48:06.0780 2556  MSTEE - ok
19:48:06.0803 2556  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
19:48:06.0804 2556  MTConfig - ok
19:48:06.0839 2556  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:48:06.0852 2556  Mup - ok
19:48:06.0893 2556  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
19:48:06.0904 2556  napagent - ok
19:48:06.0925 2556  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:48:06.0929 2556  NativeWifiP - ok
19:48:06.0982 2556  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:48:06.0998 2556  NDIS - ok
19:48:07.0026 2556  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:48:07.0027 2556  NdisCap - ok
19:48:07.0049 2556  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:48:07.0050 2556  NdisTapi - ok
19:48:07.0090 2556  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:48:07.0092 2556  Ndisuio - ok
19:48:07.0126 2556  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:48:07.0128 2556  NdisWan - ok
19:48:07.0146 2556  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:48:07.0148 2556  NDProxy - ok
19:48:07.0173 2556  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:48:07.0175 2556  NetBIOS - ok
19:48:07.0210 2556  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:48:07.0215 2556  NetBT - ok
19:48:07.0237 2556  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
19:48:07.0239 2556  Netlogon - ok
19:48:07.0280 2556  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
19:48:07.0285 2556  Netman - ok
19:48:07.0320 2556  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:48:07.0326 2556  NetMsmqActivator - ok
19:48:07.0355 2556  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:48:07.0356 2556  NetPipeActivator - ok
19:48:07.0399 2556  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
19:48:07.0405 2556  netprofm - ok
19:48:07.0466 2556  [ EED1FBDE98CF5F6D5C0C5B27AB1F68EC ] netr28ux        C:\Windows\system32\DRIVERS\netr28ux.sys
19:48:07.0484 2556  netr28ux - ok
19:48:07.0509 2556  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:48:07.0511 2556  NetTcpActivator - ok
19:48:07.0518 2556  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:48:07.0520 2556  NetTcpPortSharing - ok
19:48:07.0553 2556  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
19:48:07.0555 2556  nfrd960 - ok
19:48:07.0611 2556  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:48:07.0618 2556  NlaSvc - ok
19:48:07.0652 2556  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:48:07.0654 2556  Npfs - ok
19:48:07.0675 2556  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
19:48:07.0677 2556  nsi - ok
19:48:07.0690 2556  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:48:07.0692 2556  nsiproxy - ok
19:48:07.0772 2556  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:48:07.0821 2556  Ntfs - ok
19:48:07.0836 2556  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
19:48:07.0837 2556  Null - ok
19:48:07.0861 2556  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:48:07.0863 2556  nvraid - ok
19:48:07.0893 2556  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:48:07.0895 2556  nvstor - ok
19:48:07.0901 2556  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:48:07.0903 2556  nv_agp - ok
19:48:07.0994 2556  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:48:07.0999 2556  odserv - ok
19:48:08.0043 2556  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:48:08.0044 2556  ohci1394 - ok
19:48:08.0082 2556  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:48:08.0085 2556  ose - ok
19:48:08.0143 2556  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:48:08.0151 2556  p2pimsvc - ok
19:48:08.0180 2556  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:48:08.0186 2556  p2psvc - ok
19:48:08.0211 2556  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
19:48:08.0213 2556  Parport - ok
19:48:08.0248 2556  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:48:08.0249 2556  partmgr - ok
19:48:08.0269 2556  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:48:08.0272 2556  PcaSvc - ok
19:48:08.0297 2556  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
19:48:08.0300 2556  pci - ok
19:48:08.0342 2556  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
19:48:08.0343 2556  pciide - ok
19:48:08.0399 2556  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
19:48:08.0402 2556  pcmcia - ok
19:48:08.0425 2556  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:48:08.0426 2556  pcw - ok
19:48:08.0448 2556  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:48:08.0456 2556  PEAUTH - ok
19:48:08.0548 2556  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:48:08.0550 2556  PerfHost - ok
19:48:08.0653 2556  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
19:48:08.0675 2556  pla - ok
19:48:08.0726 2556  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:48:08.0733 2556  PlugPlay - ok
19:48:08.0778 2556  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:48:08.0781 2556  PNRPAutoReg - ok
19:48:08.0809 2556  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:48:08.0813 2556  PNRPsvc - ok
19:48:08.0847 2556  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:48:08.0853 2556  PolicyAgent - ok
19:48:08.0895 2556  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
19:48:08.0900 2556  Power - ok
19:48:08.0928 2556  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:48:08.0931 2556  PptpMiniport - ok
19:48:08.0954 2556  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
19:48:08.0956 2556  Processor - ok
19:48:08.0989 2556  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:48:08.0992 2556  ProfSvc - ok
19:48:09.0004 2556  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:48:09.0005 2556  ProtectedStorage - ok
19:48:09.0035 2556  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:48:09.0037 2556  Psched - ok
19:48:09.0066 2556  [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
19:48:09.0068 2556  PxHlpa64 - ok
19:48:09.0124 2556  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
19:48:09.0139 2556  ql2300 - ok
19:48:09.0169 2556  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
19:48:09.0171 2556  ql40xx - ok
19:48:09.0208 2556  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
19:48:09.0211 2556  QWAVE - ok
19:48:09.0228 2556  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:48:09.0229 2556  QWAVEdrv - ok
19:48:09.0281 2556  [ 2EE6D9CAB03900646D1D3D9077167BD6 ] RalinkRegistryWriter C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
19:48:09.0283 2556  RalinkRegistryWriter - ok
19:48:09.0306 2556  [ 46358C32AF09A57A171BC422649BE53B ] RalinkRegistryWriter64 C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
19:48:09.0308 2556  RalinkRegistryWriter64 - ok
19:48:09.0342 2556  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:48:09.0343 2556  RasAcd - ok
19:48:09.0368 2556  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:48:09.0369 2556  RasAgileVpn - ok
19:48:09.0397 2556  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
19:48:09.0399 2556  RasAuto - ok
19:48:09.0426 2556  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:48:09.0428 2556  Rasl2tp - ok
19:48:09.0482 2556  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
19:48:09.0487 2556  RasMan - ok
19:48:09.0520 2556  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:48:09.0521 2556  RasPppoe - ok
19:48:09.0540 2556  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:48:09.0541 2556  RasSstp - ok
19:48:09.0570 2556  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:48:09.0574 2556  rdbss - ok
19:48:09.0600 2556  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:48:09.0602 2556  rdpbus - ok
19:48:09.0619 2556  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:48:09.0620 2556  RDPCDD - ok
19:48:09.0640 2556  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:48:09.0641 2556  RDPENCDD - ok
19:48:09.0654 2556  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:48:09.0655 2556  RDPREFMP - ok
19:48:09.0690 2556  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:48:09.0692 2556  RDPWD - ok
19:48:09.0728 2556  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:48:09.0733 2556  rdyboost - ok
19:48:09.0781 2556  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:48:09.0783 2556  RemoteAccess - ok
19:48:09.0811 2556  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:48:09.0814 2556  RemoteRegistry - ok
19:48:09.0841 2556  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
19:48:09.0844 2556  RFCOMM - ok
19:48:09.0873 2556  [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
19:48:09.0874 2556  RimUsb - ok
19:48:09.0898 2556  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:48:09.0901 2556  RpcEptMapper - ok
19:48:09.0924 2556  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
19:48:09.0926 2556  RpcLocator - ok
19:48:09.0970 2556  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
19:48:09.0979 2556  RpcSs - ok
19:48:10.0020 2556  [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103        C:\Windows\system32\DRIVERS\RsFx0103.sys
19:48:10.0024 2556  RsFx0103 - ok
19:48:10.0048 2556  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:48:10.0050 2556  rspndr - ok
19:48:10.0072 2556  [ 30F463768D5143BFD7B2DF822B53CF4D ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
19:48:10.0076 2556  RSUSBSTOR - ok
19:48:10.0093 2556  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
19:48:10.0094 2556  SamSs - ok
19:48:10.0123 2556  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:48:10.0125 2556  sbp2port - ok
19:48:10.0151 2556  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:48:10.0157 2556  SCardSvr - ok
19:48:10.0196 2556  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:48:10.0197 2556  scfilter - ok
19:48:10.0249 2556  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
19:48:10.0270 2556  Schedule - ok
19:48:10.0299 2556  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:48:10.0300 2556  SCPolicySvc - ok
19:48:10.0325 2556  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:48:10.0328 2556  SDRSVC - ok
19:48:10.0353 2556  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:48:10.0354 2556  secdrv - ok
19:48:10.0374 2556  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
19:48:10.0376 2556  seclogon - ok
19:48:10.0429 2556  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
19:48:10.0432 2556  SENS - ok
19:48:10.0444 2556  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:48:10.0446 2556  SensrSvc - ok
19:48:10.0462 2556  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:48:10.0464 2556  Serenum - ok
19:48:10.0498 2556  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:48:10.0500 2556  Serial - ok
19:48:10.0525 2556  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
19:48:10.0526 2556  sermouse - ok
19:48:10.0577 2556  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:48:10.0580 2556  SessionEnv - ok
19:48:10.0600 2556  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:48:10.0602 2556  sffdisk - ok
19:48:10.0639 2556  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:48:10.0640 2556  sffp_mmc - ok
19:48:10.0645 2556  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:48:10.0646 2556  sffp_sd - ok
19:48:10.0672 2556  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
19:48:10.0673 2556  sfloppy - ok
19:48:10.0821 2556  [ CF53DCCE55E500F51089774E851E7363 ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
19:48:10.0829 2556  SftService - ok
19:48:10.0874 2556  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:48:10.0879 2556  ShellHWDetection - ok
19:48:10.0913 2556  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:48:10.0915 2556  SiSRaid2 - ok
19:48:10.0933 2556  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
19:48:10.0935 2556  SiSRaid4 - ok
19:48:10.0957 2556  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:48:10.0960 2556  Smb - ok
19:48:10.0994 2556  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:48:10.0996 2556  SNMPTRAP - ok
19:48:11.0009 2556  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:48:11.0010 2556  spldr - ok
19:48:11.0051 2556  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
19:48:11.0058 2556  Spooler - ok
19:48:11.0149 2556  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
19:48:11.0223 2556  sppsvc - ok
19:48:11.0251 2556  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:48:11.0254 2556  sppuinotify - ok
19:48:11.0301 2556  [ 12E6D95CDE974B131DEFAA44BAB8B056 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
19:48:11.0339 2556  SQLAgent$SQLEXPRESS - ok
19:48:11.0398 2556  [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
19:48:11.0403 2556  SQLBrowser - ok
19:48:11.0468 2556  [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:48:11.0471 2556  SQLWriter - ok
19:48:11.0525 2556  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:48:11.0533 2556  srv - ok
19:48:11.0565 2556  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:48:11.0569 2556  srv2 - ok
19:48:11.0591 2556  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:48:11.0593 2556  srvnet - ok
19:48:11.0631 2556  [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
19:48:11.0634 2556  ssadbus - ok
19:48:11.0649 2556  [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
19:48:11.0650 2556  ssadmdfl - ok
19:48:11.0689 2556  [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
19:48:11.0692 2556  ssadmdm - ok
19:48:11.0730 2556  [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd        C:\Windows\system32\DRIVERS\ssadserd.sys
19:48:11.0732 2556  ssadserd - ok
19:48:11.0765 2556  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:48:11.0768 2556  SSDPSRV - ok
19:48:11.0779 2556  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:48:11.0782 2556  SstpSvc - ok
19:48:11.0876 2556  [ DA7702025DFD169B909C4DA3126762CC ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_4df47d9dbfb58b44\STacSV64.exe
19:48:11.0879 2556  STacSV - ok
19:48:11.0914 2556  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
19:48:11.0915 2556  stexstor - ok
19:48:11.0958 2556  [ CAF5A9708671B14B9670260735B22C4E ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
19:48:11.0964 2556  STHDA - ok
19:48:12.0003 2556  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
19:48:12.0010 2556  stisvc - ok
19:48:12.0087 2556  [ FD27F32A38E991E1BC45ABCE247DF382 ] svcgdp          C:\Program Files (x86)\Software Plate\svcgdp.exe
19:48:12.0088 2556  svcgdp - ok
19:48:12.0119 2556  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
19:48:12.0120 2556  swenum - ok
19:48:12.0170 2556  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
19:48:12.0176 2556  swprv - ok
19:48:12.0239 2556  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
19:48:12.0259 2556  SysMain - ok
19:48:12.0287 2556  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:48:12.0289 2556  TabletInputService - ok
19:48:12.0318 2556  [ F33FDC72298DF4BF9813A55D21F4EB31 ] taphss          C:\Windows\system32\DRIVERS\taphss.sys
19:48:12.0319 2556  taphss - ok
19:48:12.0343 2556  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:48:12.0348 2556  TapiSrv - ok
19:48:12.0401 2556  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
19:48:12.0404 2556  TBS - ok
19:48:12.0506 2556  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:48:12.0525 2556  Tcpip - ok
19:48:12.0550 2556  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:48:12.0560 2556  TCPIP6 - ok
19:48:12.0607 2556  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:48:12.0608 2556  tcpipreg - ok
19:48:12.0652 2556  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:48:12.0654 2556  TDPIPE - ok
19:48:12.0683 2556  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:48:12.0684 2556  TDTCP - ok
19:48:12.0731 2556  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:48:12.0734 2556  tdx - ok
19:48:12.0770 2556  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
19:48:12.0772 2556  TermDD - ok
19:48:12.0810 2556  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
19:48:12.0821 2556  TermService - ok
19:48:12.0855 2556  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
19:48:12.0857 2556  Themes - ok
19:48:12.0894 2556  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
19:48:12.0896 2556  THREADORDER - ok
19:48:12.0908 2556  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
19:48:12.0911 2556  TrkWks - ok
19:48:12.0948 2556  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:48:12.0952 2556  TrustedInstaller - ok
19:48:13.0000 2556  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:48:13.0001 2556  tssecsrv - ok
19:48:13.0039 2556  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:48:13.0041 2556  TsUsbFlt - ok
19:48:13.0079 2556  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:48:13.0081 2556  tunnel - ok
19:48:13.0117 2556  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
19:48:13.0118 2556  uagp35 - ok
19:48:13.0162 2556  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:48:13.0166 2556  udfs - ok
19:48:13.0212 2556  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:48:13.0214 2556  UI0Detect - ok
19:48:13.0241 2556  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:48:13.0242 2556  uliagpkx - ok
19:48:13.0271 2556  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
19:48:13.0272 2556  umbus - ok
19:48:13.0301 2556  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
19:48:13.0302 2556  UmPass - ok
19:48:13.0401 2556  [ A7377410BC0D28C5A72135A4BE1A1068 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:48:13.0456 2556  UNS - ok
19:48:13.0496 2556  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
19:48:13.0501 2556  upnphost - ok
19:48:13.0528 2556  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:48:13.0530 2556  usbaudio - ok
19:48:13.0565 2556  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:48:13.0566 2556  usbccgp - ok
19:48:13.0599 2556  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:48:13.0601 2556  usbcir - ok
19:48:13.0620 2556  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
19:48:13.0622 2556  usbehci - ok
19:48:13.0642 2556  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:48:13.0646 2556  usbhub - ok
19:48:13.0682 2556  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:48:13.0683 2556  usbohci - ok
19:48:13.0705 2556  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:48:13.0707 2556  usbprint - ok
19:48:13.0742 2556  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:48:13.0743 2556  USBSTOR - ok
19:48:13.0771 2556  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:48:13.0772 2556  usbuhci - ok
19:48:13.0793 2556  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
19:48:13.0796 2556  usbvideo - ok
19:48:13.0833 2556  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
19:48:13.0835 2556  UxSms - ok
19:48:13.0849 2556  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
19:48:13.0850 2556  VaultSvc - ok
19:48:13.0890 2556  [ BA20A718E25228B9D69D72E4F19EDEB5 ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
19:48:13.0893 2556  VBoxDrv - ok
19:48:13.0910 2556  [ 48630B4530C80AAF3DDE9633E4291D8C ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
19:48:13.0913 2556  VBoxNetAdp - ok
19:48:13.0933 2556  [ 8B86A00D13E2DCBFE320061F3435FAFF ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
19:48:13.0935 2556  VBoxNetFlt - ok
19:48:16.0439 2556  ================ Scan global ===============================
19:48:16.0498 2556  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:48:16.0527 2556  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
19:48:16.0534 2556  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
19:48:16.0543 2556  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:48:16.0577 2556  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:48:16.0585 2556  [Global] - ok
19:48:16.0587 2556  ================ Scan MBR ==================================
19:48:16.0607 2556  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:48:17.0707 2556  \Device\Harddisk0\DR0 - ok
19:48:17.0707 2556  ================ Scan VBR ==================================
19:48:17.0732 2556  [ CC64A58309FC4C5D5E15DC503A8F6583 ] \Device\Harddisk0\DR0\Partition1
19:48:17.0734 2556  \Device\Harddisk0\DR0\Partition1 - ok
19:48:17.0760 2556  [ F9FC931A1DC3BD5E27D821ACF60080C1 ] \Device\Harddisk0\DR0\Partition2
19:48:17.0761 2556  \Device\Harddisk0\DR0\Partition2 - ok
19:48:17.0790 2556  [ 14F4CD3A2FB165D02E260EDD50BD01FA ] \Device\Harddisk0\DR0\Partition3
19:48:17.0793 2556  \Device\Harddisk0\DR0\Partition3 - ok
19:48:17.0794 2556  ============================================================
19:48:17.0794 2556  Scan finished
19:48:17.0794 2556  ============================================================
19:48:17.0821 5132  Detected object count: 0
19:48:17.0821 5132  Actual detected object count: 0
19:48:51.0283 5196  Deinitialize success


The results from aswMBR

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-05 19:50:43
-----------------------------
19:50:43.606    OS Version: Windows x64 6.1.7601 Service Pack 1
19:50:43.606    Number of processors: 4 586 0x2502
19:50:43.607    ComputerName: ALEXG-ALEXG  UserName: AlexG
19:50:44.067    Initialize success
19:58:01.337    AVAST engine defs: 13020500
19:58:35.501    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:58:35.507    Disk 0 Vendor: TOSHIBA_ GJ00 Size: 238475MB BusType: 3
19:58:35.527    Disk 0 MBR read successfully
19:58:35.531    Disk 0 MBR scan
19:58:35.537    Disk 0 Windows 7 default MBR code
19:58:35.552    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0      100 MB offset 2048
19:58:35.562    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        15000 MB offset 206848
19:58:35.579    Disk 0 Partition 3 80 (A) 07    HPFS/NTFS NTFS       108922 MB offset 30926848
19:58:35.586    Disk 0 Partition - 00     0F Extended LBA            114450 MB offset 254001152
19:58:35.619    Disk 0 Partition 4 00     07    HPFS/NTFS NTFS       114449 MB offset 254003200
19:58:35.648    Disk 0 scanning C:\Windows\system32\drivers
19:58:48.604    Service scanning
19:59:39.761    Modules scanning
19:59:39.798    Disk 0 trace - called modules:
19:59:39.865    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys 
19:59:39.870    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800345a060]
19:59:39.878    3 CLASSPNP.SYS[fffff88001b8e43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80031d7050]
19:59:41.061    AVAST engine scan C:\Windows
19:59:43.216    AVAST engine scan C:\Windows\system32
20:01:47.883    File: C:\Windows\assembly\GAC_32\Desktop.ini  **INFECTED** Win32:Sirefef-PL [Rtk]
20:01:50.969    File: C:\Windows\assembly\GAC_64\Desktop.ini  **INFECTED** Win32:Sirefef-PL [Rtk]
20:04:06.647    AVAST engine scan C:\Windows\system32\drivers
20:04:23.245    AVAST engine scan C:\Users\AlexG
20:04:42.894    Disk 0 MBR has been saved successfully to "C:\Users\AlexG\Desktop\MBR.dat"
20:04:42.902    The log file has been saved successfully to "C:\Users\AlexG\Desktop\aswMBR.txt"
20:13:04.204    AVAST engine scan C:\ProgramData
20:13:56.773    Scan finished successfully
20:16:34.518    Disk 0 MBR has been saved successfully to "C:\Users\AlexG\Desktop\MBR.dat"
20:16:34.541    The log file has been saved successfully to "C:\Users\AlexG\Desktop\aswMBR.txt"

ESET is so slow; it is still scanning. I will post them too when it is done.

#5 alexantosh

  • Topic Starter

Posted 05 February 2013 - 08:27 PM

ESET is done and below is the log text file:

C:\Users\All Users\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll	a variant of Win32/Adware.Yontoo.B application	
C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2012\rld.dll	a variant of Win32/Packed.VMProtect.AAH trojan	cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll	a variant of Win32/Adware.Yontoo.B application	cleaned by deleting - quarantined
Operating memory	multiple threats	


Now what should I do next?

#6 narenxp

  • BC Advisor

Posted 05 February 2013 - 08:31 PM

Download Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here.

Download MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download Farbar Service Scanner

Checkmark all the boxes.

Click on "Scan".
Please copy and paste the log to your reply.

Download adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download Junkware Removal Tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.


Download: http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download Autoruns

Extract and launch autoruns.exe.

Allow the scan to finish.

Now click on File > Save.

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#7 alexantosh

  • Topic Starter

Posted 06 February 2013 - 07:29 AM

Alright, I am getting on it now. This time it should finish much more quickly because I am on a faster network.

#8 alexantosh

  • Topic Starter

Posted 06 February 2013 - 10:08 AM

The list from Malwarebytes is below:

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.06.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
AlexG :: ALEXG-ALEXG [administrator]

Protection: Enabled

06.02.2013 14:33:32
mbam-log-2013-02-06 (14-33-32).txt

Scan type: Full scan (B:\|C:\|G:\|H:\|I:\|J:\|K:\|L:\|M:\|N:\|O:\|P:\|Q:\|R:\|S:\|T:\|U:\|V:\|W:\|X:\|Y:\|Z:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 855072
Time elapsed: 2 hour(s), 30 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 13
B:\akdmk\adobe\Adobe\Adobe After Effects CS6 11.0.0.378 LS7 Multilanguage [ChingLiu]\Cracked dll\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
B:\akdmk\adobe\Adobe\Adobe photoshop CS6 13.0 [Extended x86+x64] (2012) PC\Patch\Crack\x64\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
B:\akdmk\adobe\Adobe\Adobe photoshop CS6 13.0 [Extended x86+x64] (2012) PC\Patch\Crack\x86\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
B:\akdmk\unblcksts\u1104\u1104.exe (PUP.UltraSurf) -> Quarantined and deleted successfully.
C:\$RECYCLE.BIN\S-1-5-18\$11149c7f1b210f9184ab83b4820e9e4d\n (Trojan.0Access) -> Delete on reboot.
C:\$RECYCLE.BIN\S-1-5-18\$11149c7f1b210f9184ab83b4820e9e4d\U\00000004.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\$RECYCLE.BIN\S-1-5-18\$11149c7f1b210f9184ab83b4820e9e4d\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
C:\$RECYCLE.BIN\S-1-5-18\$11149c7f1b210f9184ab83b4820e9e4d\U\000000cb.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\$RECYCLE.BIN\S-1-5-18\$11149c7f1b210f9184ab83b4820e9e4d\U\80000000.@ (Trojan.0Access) -> Quarantined and deleted successfully.
G:\akdmk\CompEng\Adobe Photoshop CS6 13.0 Final  Multilanguage (patch-PainteR) [ChingLiu]\Adobe CS6\adobe.photoshop.cs6-patch.exe (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
G:\akdmk\CompEng\Adobe Photoshop CS6 13.0 Final  Multilanguage (patch-PainteR) [ChingLiu]\Adobe CS6\adobe.photoshop.cs6-patch.exe.BAK (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
G:\akdmk\CompEng\Adobe Photoshop CS6 13.0 Final  Multilanguage (patch-PainteR) [ChingLiu]\patch - PainteR\adobe.photoshop.cs6-patch.exe (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
G:\akdmk\java\whyliegame\Games\Pro Evolution Soccer 2012\Patches\Official Patches\Patch 1.06\Crack\rld.dll (PUP.Hacktool.crk) -> Quarantined and deleted successfully.

(end)


#9 alexantosh

  • Topic Starter

Posted 06 February 2013 - 11:35 AM

From MiniToolBox:

MiniToolBox by Farbar  Version:10-01-2013
Ran by AlexG (administrator) on 06-02-2013 at 18:33:56
Running from "C:\Users\AlexG\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

DW1501 Kablosuz-N WLAN Half-Mini Kartı = Kablosuz Ağ Bağlantısı (Connected)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
Atheros AR8132 PCI-E Fast Ethernet Controller = Yerel Ağ Bağlantısı (Media disconnected)
Broadcom Virtual Wireless Adapter = Yerel Ağ Bağlantısı 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection (Media disconnected)
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File not found] ()
Catalog9 02 mswsock.dll [File not found] ()
Catalog9 03 mswsock.dll [File not found] ()
Catalog9 04 mswsock.dll [File not found] ()
Catalog9 05 mswsock.dll [File not found] ()
Catalog9 06 mswsock.dll [File not found] ()
Catalog9 07 mswsock.dll [File not found] ()
Catalog9 08 mswsock.dll [File not found] ()
Catalog9 09 mswsock.dll [File not found] ()
Catalog9 10 mswsock.dll [File not found] ()
Catalog9 11 mswsock.dll [File not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog9 11 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/06/2013 06:28:56 PM) (Source: DataSafe.exe) (User: )
Description: Recovery Environment incorrect, file 'B:\dell\Image\Factory.wim' missing

Error: (02/06/2013 05:10:13 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7453c9f1
Faulting process id: 0x1948
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (02/06/2013 05:09:13 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7453c9f1
Faulting process id: 0x1ae8
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (02/06/2013 05:08:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7453c9f1
Faulting process id: 0x7c8
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (02/06/2013 05:07:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7453c9f1
Faulting process id: 0x1a54
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (02/06/2013 05:06:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7453c9f1
Faulting process id: 0x1b74
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (02/06/2013 05:05:11 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7453c9f1
Faulting process id: 0xadc
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (02/06/2013 05:04:11 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7453c9f1
Faulting process id: 0x698
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (02/06/2013 05:03:11 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7453c9f1
Faulting process id: 0x4a0
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (02/06/2013 05:02:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7453c9f1
Faulting process id: 0x1b58
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (02/06/2013 05:12:38 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error: 
%%1060

Error: (02/06/2013 05:12:35 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (02/06/2013 05:12:34 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (02/06/2013 05:12:19 PM) (Source: Service Control Manager) (User: )
Description: The Advanced SystemCare Service 6 service failed to start due to the following error: 
%%1053

Error: (02/06/2013 05:12:19 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Advanced SystemCare Service 6 service to connect.

Error: (02/06/2013 05:11:36 PM) (Source: Ntfs) (User: )
Description: The default transaction resource manager on volume \\?\Volume{71800038-9ce8-11df-875c-806e6f6e6963} encountered a non-retryable error and could not start.  The data contains the error code.

Error: (02/06/2013 11:38:26 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR16.

Error: (02/06/2013 11:38:26 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR16.

Error: (02/06/2013 11:38:24 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR16.

Error: (02/06/2013 08:39:34 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR16.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
4shared.com Toolbar (Version: 6.8.10.403)
ATI AVIVO64 Codecs (Version: 11.6.0.50601)
ATI Catalyst Install Manager (Version: 3.0.778.0)
Adobe AIR (Version: 3.3.0.3670)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Photoshop CS (Version: CS)
Adobe Photoshop CS5
Adobe Reader XI (11.0.01) (Version: 11.0.01)
Adobe Shockwave Player 11.5 (Version: 11.5.10.620)
Advanced Audio FX Engine (Version: 1.12.05)
Advanced SystemCare 6 (Version: 6.0)
Android SDK Tools (Version: 1.16)
Avea Connection Manager (Version: 3.0)
Avea Jet Mobil Modem (Version: 1.0.0.1)
CCC Help Chinese Standard (Version: 2010.0601.2151.37421)
CCC Help Chinese Traditional (Version: 2010.0601.2151.37421)
CCC Help Danish (Version: 2010.0601.2151.37421)
CCC Help Dutch (Version: 2010.0601.2151.37421)
CCC Help English (Version: 2010.0601.2151.37421)
CCC Help Finnish (Version: 2010.0601.2151.37421)
CCC Help French (Version: 2010.0601.2151.37421)
CCC Help German (Version: 2010.0601.2151.37421)
CCC Help Italian (Version: 2010.0601.2151.37421)
CCC Help Japanese (Version: 2010.0601.2151.37421)
CCC Help Korean (Version: 2010.0601.2151.37421)
CCC Help Norwegian (Version: 2010.0601.2151.37421)
CCC Help Portuguese (Version: 2010.0601.2151.37421)
CCC Help Russian (Version: 2010.0601.2151.37421)
CCC Help Spanish (Version: 2010.0601.2151.37421)
CCC Help Swedish (Version: 2010.0601.2151.37421)
CCleaner (Version: 3.19)
CXP WebViewer (Version: 1.0.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.0601.2152.37421)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0601.2152.37421)
Catalyst Control Center InstallProxy (Version: 2010.0601.2152.37421)
Catalyst Control Center Localization All (Version: 2010.0601.2152.37421)
Cheating-Death 4.33.4
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
CodeBlocks (Version: 10.05)
Crystal Reports for Visual Studio (Version: 12.51.0.240)
DAEMON Tools Lite (Version: 4.40.2.0131.0)
DW WLAN Card Utility (Version: 5.60.48.18)
Dell DataSafe Local Backup (Version: 9.4.40)
Dell DataSafe Local Backup - Support Software
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Touchpad (Version: 7.1107.101.202)
Dell Webcam Central (Version: 1.40.05)
DivX Setup (Version: 2.6.1.22)
ESET Online Scanner v3
FL Studio 10 (Version: 10)
Foxit Reader 5.1 (Version: 5.1.3.1201)
Google Chrome (Version: 24.0.1312.57)
IDT Audio (Version: 1.0.6267.0)
ImageMagick 6.7.7-7 Q16 (2012-07-01) (Version: 6.7.7)
Intel(R) Control Center (Version: 1.2.1.1007)
Intel(R) Management Engine Components (Version: 6.0.0.1179)
Intel(R) Rapid Storage Technology (Version: 9.6.0.1014)
Java 7 Update 11 (64-bit) (Version: 7.0.110)
Java Auto Updater (Version: 2.1.6.0)
Java SE Development Kit 7 Update 4 (64-bit) (Version: 1.7.0.40)
Java(TM) 6 Update 20 (64-bit) (Version: 6.0.200)
Java(TM) 6 Update 23 (Version: 6.0.230)
Java(TM) 7 Update 4 (Version: 7.0.40)
JavaFX 2.1.0 (64-bit) (Version: 2.1.0)
JavaFX 2.1.0 (Version: 2.1.0)
JavaFX 2.1.0 SDK (64-bit) (Version: 2.1.0)
Junk Mail filter update (Version: 14.0.8089.726)
LPCXpresso (Version: 4.3.0)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
MATLAB R2010b (Version: 7.11)
MSVCRT (Version: 14.0.1468.721)
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Maple 13 (Version: 13.0.0.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft ASP.NET MVC 2 (Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (Version: 2.0.50217.0)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Management Objects (x64) (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (Version: 10.50.1447.4)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Setup Support Files  (Version: 10.1.2731.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Database Publishing Wizard 1.4 (Version: 10.1.2512.8)
Microsoft SQL Server System CLR Types (Version: 10.50.1447.4)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1447.4)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (Version: 1.0.3010.0)
Microsoft Sync Framework SDK v1.0 SP1 (Version: 1.0.3010.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services v1.0 SP1 (x64) (Version: 1.0.3010.0)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (Version: 2.0.3010.0)
Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.30319)
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual F# 2.0 Runtime (Version: 10.0.30319)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.30319)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.30319)
Microsoft Visual Studio 2010 Professional - ENU (Version: 10.0.30319)
Microsoft Visual Studio 2010 SharePoint Developer Tools (Version: 10.0.30319)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40302)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40307)
Microsoft Visual Studio Macro Tools (Version: 9.0.30729)
Mozilla Firefox 18.0.1 (x86 en-US) (Version: 18.0.1)
Mozilla Maintenance Service (Version: 18.0.1)
Notepad++ (Version: 6.1.3)
Oracle VM VirtualBox 4.1.16 (Version: 4.1.16)
Picasa 3 (Version: 3.8)
Python 2.7 PIL-1.1.7
Python 2.7 matplotlib-1.1.1
Python 2.7 pygame-1.9.2a0 (Version: 1.9.2)
Python 2.7.3 (Version: 2.7.3150)
Quickset64 (Version: 10.6.0)
Ralink RT2870 Wireless LAN Card (Version: 1.5.5.0)
Roxio Burn (Version: 1.01)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (Version: 10.1.2531.0)
Simple Build Tool (Version: 0.12.0.1)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
Standard ML of New Jersey (Version: 0.0.0.0)
TypingMaster Pro (Version: 7.00)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760573) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 1.0.1 (Version: 1.0.1)
VPython 5.74
Visual Studio 2010 Prerequisites - English (Version: 10.0.30319)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
WinRAR archiver
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Fotoğraf Galerisi (Version: 14.0.8081.709)
Windows Live Karşıya Yükleme Aracı (Version: 14.0.8014.1029)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Temel Parçalar (Version: 14.0.8089.0726)
Windows Live Temel Parçalar (Version: 14.0.8089.726)
Windows Live Writer (Version: 14.0.8089.0726)
ccc-core-static (Version: 2010.0601.2152.37421)
ccc-utility64 (Version: 2010.0601.2152.37421)
wxPython 2.8.12.1 (unicode) for Python 2.7 (Version: 2.8.12.1-unicode)

========================= Memory info: ===================================

Percentage of memory in use: 50%
Total physical RAM: 2998.69 MB
Available physical RAM: 1473.69 MB
Total Pagefile: 5995.57 MB
Available Pagefile: 3738.48 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.92 MB

========================= Partitions: =====================================

1 Drive b: (LEX MEMO) (Fixed) (Total:111.77 GB) (Free:2.33 GB) NTFS
2 Drive c: (OS) (Fixed) (Total:106.37 GB) (Free:17.67 GB) NTFS
4 Drive e: (Matlab R2010b) (CDROM) (Total:3.76 GB) (Free:0 GB) CDFS
6 Drive g: (lex memo) (Fixed) (Total:465.76 GB) (Free:6.79 GB) NTFS
12 Drive z: (LEX) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT

========================= Users: ========================================
========================= Restore Points ==================================

04-02-2013 15:56:35 Installed CXP WebViewer

**** End of log ****



#10 alexantosh

Posted 06 February 2013 - 11:39 AM

FROM FARBAR:

Farbar Service Scanner Version: 30-01-2013
Ran by AlexG (administrator) on 06-02-2013 at 18:37:40
Running from "B:\pgShrCts"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of MpsSvc. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of MpsSvc. The value does not exist.
Unable to retrieve ServiceDll of MpsSvc. The value does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy: 
==================


System Restore:
============
VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy: 
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.

RpcSs Service is not running. Checking service configuration:
The start type of RpcSs service is OK.
The ImagePath of RpcSs service is OK.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to retrieve start type of iphlpsvc. The value does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to retrieve ImagePath of iphlpsvc. The value does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


#11 alexantosh

Posted 06 February 2013 - 11:49 AM

from ADWARE:

# AdwCleaner v2.111 - Logfile created 02/06/2013 at 18:41:51
# Updated 05/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : AlexG - ALEXG-ALEXG
# Boot Mode : Normal
# Running from : C:\Users\AlexG\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\user.js
File Deleted : C:\Users\AlexG\AppData\Roaming\Mozilla\Firefox\Profiles\nop08l86.default\searchplugins\babylon1.xml
Folder Deleted : C:\Program Files (x86)\ChatZum Toolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Perion
Folder Deleted : C:\Program Files\Babylon
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\AlexG\AppData\Local\Conduit
Folder Deleted : C:\Users\AlexG\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Folder Deleted : C:\Users\AlexG\AppData\Local\Google\Chrome\User Data\Default\Extensions\noebaifjopccondbkcieccphcpijhdne
Folder Deleted : C:\Users\AlexG\AppData\Local\vghd
Folder Deleted : C:\Users\AlexG\AppData\LocalLow\4shared.com
Folder Deleted : C:\Users\AlexG\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\AlexG\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\AlexG\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\AlexG\AppData\LocalLow\incredibar.com
Folder Deleted : C:\Users\AlexG\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\AlexG\AppData\Roaming\Babylon

***** [Registry] *****

Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AppDataLow\Software\4shared.com
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\ChatZum Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Google\Chrome\Extensions\noebaifjopccondbkcieccphcpijhdne
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\532de8bb735e940
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKLM\Software\4shared.com
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\ChatZum Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BEE8E0F6-7731-4CCE-A26C-0D5D48142BF4}
Key Deleted : HKLM\Software\Web Assistant
Key Deleted : HKLM\SOFTWARE\Wow6432Node\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Wow6432Node\532de8bb735e940
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\noebaifjopccondbkcieccphcpijhdne
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{662653E4-EE43-48DE-9F59-AB5A8EB611B0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{758EC6F2-54D3-475B-BAB3-2438BBF655D2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\4shared.com Toolbar
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Key Deleted : HKLM\SOFTWARE\Web Assistant
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.1 (en-US)

File : C:\Users\AlexG\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js

C:\Users\AlexG\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Deleted : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb128?a=6OyG0TJ4H0&loc=FF_NT");

File : C:\Users\AlexG\AppData\Roaming\Mozilla\Firefox\Profiles\nop08l86.default\prefs.js

C:\Users\AlexG\AppData\Roaming\Mozilla\Firefox\Profiles\nop08l86.default\user.js ... Deleted !

Deleted : user_pref("avg.install.userHPSettings", "hxxp://search.babylon.com/?affID=109220&tt=0213_3&babsrc=HP[...]
Deleted : user_pref("avg.install.userSPSettings", "Search the web (Babylon)");
Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Deleted : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Deleted : user_pref("extensions.BabylonToolbar.bbDpng", "18");
Deleted : user_pref("extensions.BabylonToolbar.cntry", "TR");
Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Deleted : user_pref("extensions.BabylonToolbar.dpkLst", "");
Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar.hdrMd5", "81E99C810F39CEEAB435C176598D69AA");
Deleted : user_pref("extensions.BabylonToolbar.id", "840b395100000000000070f1a1e74215");
Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15716");
Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.8.7.214:41:28");
Deleted : user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"60\",\"lastVrsn\":\"60\",\"vrsnLoad\[...]
Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.rvrt", "false");
Deleted : user_pref("extensions.BabylonToolbar.sg", "azb");
Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.8.7.2");
Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.8.7.2");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109220&tt=0213_3");
Deleted : user_pref("extensions.BabylonToolbar_i.excTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.7.214:41:28");
Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

-\\ Google Chrome v24.0.1312.57

File : C:\Users\AlexG\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Chromium vw_on_all_tabs:true}

File : C:\Users\AlexG\AppData\Local\Chromium\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v [Unable to get version]

File : C:\Users\AlexG\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [11833 octets] - [06/02/2013 18:41:51]

########## EOF - C:\AdwCleaner[S1].txt - [11894 octets] ##########



#12 alexantosh

Posted 06 February 2013 - 12:04 PM

FROM rkill:

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/06/2013 07:01:33 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
 C:\Users\AlexG\Desktop\rkill\rkill-02-06-2013-07-01-41.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * ALERT: ZEROACCESS rootkit symptoms found!

     * HKEY_CLASSES_ROOT\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 [ZA Reg Hijack]
     * C:\$Recycle.Bin\S-1-5-18\$11149c7f1b210f9184ab83b4820e9e4d\ [ZA Dir]
     * C:\$Recycle.Bin\S-1-5-18\$11149c7f1b210f9184ab83b4820e9e4d\@ [ZA File]
     * C:\$Recycle.Bin\S-1-5-18\$11149c7f1b210f9184ab83b4820e9e4d\L\ [ZA Dir]
     * C:\$Recycle.Bin\S-1-5-18\$11149c7f1b210f9184ab83b4820e9e4d\L\00000004.@ [ZA File]
     * C:\$Recycle.Bin\S-1-5-18\$11149c7f1b210f9184ab83b4820e9e4d\L\201d3dde [ZA File]
     * C:\$Recycle.Bin\S-1-5-18\$11149c7f1b210f9184ab83b4820e9e4d\L\76603ac3 [ZA File]
     * C:\$Recycle.Bin\S-1-5-18\$11149c7f1b210f9184ab83b4820e9e4d\U\ [ZA Dir]
     * C:\Windows\assembly\GAC_32\Desktop.ini [ZA File]
     * C:\Windows\assembly\GAC_64\Desktop.ini [ZA File]

Checking Windows Service Integrity: 

 * Windows Firewall Authorization Driver (mpsdrv) is not Running.
   Startup Type set to: Manual

 * BFE [Missing Service]
 * BITS [Missing Service]
 * WinDefend [Missing Service]
 * wscsvc [Missing Service]
 * wuauserv [Missing Service]

 * iphlpsvc [Missing ImagePath]
 * MpsSvc [Missing ImagePath]
 * SharedAccess [Missing ImagePath]

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * No issues found.

Program finished at: 02/06/2013 07:01:55 PM
Execution time: 0 hours(s), 0 minute(s), and 21 seconds(s)




#13 alexantosh

Posted 06 February 2013 - 12:15 PM

FROM AUTORUN:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms"	""	""	""
+ "rdpclip"	""	""	"File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\VmApplet"	""	""	""
+ "SystemPropertiesPerformance.exe"	""	""	"File not found: SystemPropertiesPerformance.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell"	""	""	""
+ "explorer.exe"	""	""	"File not found: explorer.exe"
"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\AlternateShell"	""	""	""
+ "cmd.exe"	""	""	"File not found: cmd.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "Apoint"	"Alps Pointing-device Driver"	"Alps Electric Co., Ltd."	"c:\program files\delltpad\apoint.exe"
+ "Broadcom Wireless Manager UI"	"DW WLAN Card Wireless Network Tray Applet"	"Dell Inc."	"c:\program files\dell\dw wlan card\wltray.exe"
+ "QuickSet"	"QuickSet"	"Dell Inc."	"c:\program files\dell\quickset\quickset.exe"
+ "SysTrayApp"	"IDT PC Audio"	"IDT, Inc."	"c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "Adobe ARM"	"Adobe Reader and Acrobat Manager"	"Adobe Systems Incorporated"	"c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Dell Webcam Central"	"WebcamDell2.exe"	"Creative Technology Ltd"	"c:\program files (x86)\dell webcam\dell webcam central\webcamdell2.exe"
+ "Desktop Disc Tool"	"Roxio Burn Launcher"	""	"c:\program files (x86)\roxio\roxio burn\roxioburnlauncher.exe"
+ "DivXMediaServer"	"DivX DLNA Media Server"	""	"c:\program files (x86)\divx\divx media server\divxmediaserver.exe"
+ "DivXUpdate"	"DivX Update"	""	"c:\program files (x86)\divx\divx update\divxupdate.exe"
+ "IAStorIcon"	"IAStorIcon"	"Intel Corporation"	"c:\program files (x86)\intel\intel(r) rapid storage technology\iastoricon.exe"
+ "StartCCC"	"Catalyst® Control Center Launcher"	"Advanced Micro Devices, Inc."	"c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "UIExec"	""	""	"File not found: C:\Program Files (x86)\Avea Jet Mobil Modem\UIExec.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce"	""	""	""
+ "Launcher"	"VistaLauncher"	"Softthinks"	"c:\program files (x86)\dell datasafe local backup\components\scheduler\launcher.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"	""	""	""
+ "Adobe Gamma Loader.lnk"	"Adobe Gamma Loader"	"Adobe Systems, Inc."	"c:\program files (x86)\common files\adobe\calibration\adobe gamma loader.exe"
+ "Launcher.lnk"	""	""	"c:\program files (x86)\aveaconnectionmanager\avea_launcher.exe"
+ "Ralink Wireless Utility.lnk"	"RaUI MFC Application"	"Ralink Technology, Corp."	"c:\program files (x86)\ralink\common\raui.exe"
"C:\Users\AlexG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"	""	""	""
+ "MagicDisc.lnk"	"MagicISO Virtual CD/DVD Manager"	"MagicISO, Inc."	"c:\program files (x86)\magicdisc\magicdisc.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"	""	""	""
+ "Microsoft Windows"	"Windows Mail"	"Microsoft Corporation"	"c:\program files\windows mail\winmail.exe"
+ "Windows Desktop Update"	""	""	"File not found: shell32.dll"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\IconServiceLib"	""	""	""
+ "IconCodecService.dll"	""	""	"File not found: IconCodecService.dll"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"	""	""	""
+ "Microsoft Windows"	"Windows Mail"	"Microsoft Corporation"	"c:\program files (x86)\windows mail\winmail.exe"
+ "Windows Desktop Update"	""	""	"File not found: shell32.dll"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "Advanced SystemCare 6"	"ASCTray"	"IObit"	"c:\program files (x86)\iobit\advanced systemcare 6\asctray.exe"
+ "DAEMON Tools Lite"	"DAEMON Tools Lite"	"DT Soft Ltd"	"c:\program files (x86)\daemon tools lite\dtlite.exe"
+ "Google Update"	"Google Installer"	"Google Inc."	"c:\users\alexg\appdata\local\google\update\googleupdate.exe"
+ "IDMan"	"Internet Download Manager (IDM)"	"Tonec Inc."	"c:\program files (x86)\internet download manager\idman.exe"
+ "msnmsgr"	"Windows Live Messenger"	"Microsoft Corporation"	"c:\program files (x86)\windows live\messenger\msnmsgr.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter"	""	""	""
+ "application/octet-stream"	""	""	"File not found: mscoree.dll"
+ "application/x-complus"	""	""	"File not found: mscoree.dll"
+ "application/x-msdownload"	""	""	"File not found: mscoree.dll"
+ "text/xml"	"Microsoft Office XML MIME Filter"	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "Advanced SystemCare"	"ASCExtMenu Module"	""	"c:\program files (x86)\iobit\advanced systemcare 6\ascextmenu_64.dll"
+ "MagicISO"	"MagicISO Shell Extension Module"	"MagicISO, Inc."	"c:\program files (x86)\magiciso\misosh64.dll"
+ "Notepad++64"	"ShellHandler for Notepad++ (64 bit)"	""	"c:\program files (x86)\notepad++\nppshell_04.dll"
+ "WinRAR"	""	""	"c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "WinRAR32"	""	""	"c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"	""	""	""
+ "MBAMShlExt"	"Malwarebytes Anti-Malware"	"Malwarebytes Corporation"	"c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""
+ "Advanced SystemCare"	"ASCExtMenu Module"	""	"c:\program files (x86)\iobit\advanced systemcare 6\ascextmenu_64.dll"
+ "MagicISO"	"MagicISO Shell Extension Module"	"MagicISO, Inc."	"c:\program files (x86)\magiciso\misosh64.dll"
+ "WinRAR"	""	""	"c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""
+ "WinRAR32"	""	""	"c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"	""	""	""
+ "WinRAR"	""	""	"c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers"	""	""	""
+ "WinRAR32"	""	""	"c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "ACE"	"AMD Desktop Control Panel"	"Advanced Micro Devices, Inc."	"c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets"	"Sidebar droptarget"	"Microsoft Corporation"	"c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "Gadgets"	"Sidebar droptarget"	"Microsoft Corporation"	"c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers"	""	""	""
+ "PDF Shell Extension"	"PDF Shell Extension"	"Adobe Systems, Inc."	"c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"	""	""	""
+ "MagicISO"	"MagicISO Shell Extension Module"	"MagicISO, Inc."	"c:\program files (x86)\magiciso\misosh64.dll"
+ "MBAMShlExt"	"Malwarebytes Anti-Malware"	"Malwarebytes Corporation"	"c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR"	""	""	"c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers"	""	""	""
+ "WinRAR32"	""	""	"c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"	""	""	""
+ "WinRAR"	""	""	"c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers"	""	""	""
+ "WinRAR32"	""	""	"c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"	""	""	""
+ "IDM Shell Extension"	"Internet Download Manager module"	"Tonec Inc."	"c:\program files (x86)\internet download manager\idmshellext64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"	""	""	""
+ "IDM integration (IDMIEHlprObj Class)"	"IDM Browser Helper Object"	"Internet Download Manager, Tonec Inc."	"c:\program files (x86)\internet download manager\idmiecc64.dll"
+ "Java(tm) Plug-In 2 SSV Helper"	"Java(TM) Platform SE binary"	"Oracle Corporation"	"c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java(tm) Plug-In SSV Helper"	"Java(TM) Platform SE binary"	"Oracle Corporation"	"c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"	""	""	""
+ "Adobe PDF Link Helper"	"Adobe PDF Helper for Internet Explorer"	"Adobe Systems Incorporated"	"c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "DivX Plus Web Player HTML5 <video>"	"DivX Plus Web Player HTML5 <video> version 2.1.2.145"	"DivX, LLC"	"c:\program files (x86)\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll"
+ "IDM integration (IDMIEHlprObj Class)"	"IDM Browser Helper Object"	"Internet Download Manager, Tonec Inc."	"c:\program files (x86)\internet download manager\idmiecc.dll"
+ "Java(tm) Plug-In 2 SSV Helper"	"Java(TM) Platform SE binary"	"Oracle Corporation"	"c:\program files (x86)\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java(tm) Plug-In SSV Helper"	"Java(TM) Platform SE binary"	"Oracle Corporation"	"c:\program files (x86)\oracle\javafx 2.1 runtime\bin\ssv.dll"
+ "smartdownloader Class"	"TODO: <File description>"	"TODO: <Company name>"	"c:\program files (x86)\socksharedownloader\smarterdownloader.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions"	""	""	""
+ "Windows Live Writer içinde &Bunu Web Günlüğüne Al"	"Windows Live Writer Blog This Extension"	"Microsoft Corporation"	"c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
"Task Scheduler"	""	""	""
+ "\ASC6_PerformanceMonitor"	"Advanced SystemCare 6 Monitor"	"IObit"	"c:\program files (x86)\iobit\advanced systemcare 6\monitor.exe"
+ "\Express Files Updater"	""	""	"File not found: C:\Program Files (x86)\ExpressFiles\EFupdater.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3073925063-438549395-2992573486-1000Core"	"Google Installer"	"Google Inc."	"c:\users\alexg\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3073925063-438549395-2992573486-1000UA"	"Google Installer"	"Google Inc."	"c:\users\alexg\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows\Autochk\Proxy"	""	""	"File not found: acproxy.dll"
X "\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector"	""	""	"File not found: dfdts.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"	""	""	"c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\SystemRestore\SR"	""	""	"File not found: srrstr.dll"
+ "\Microsoft\Windows\Tcpip\IpAddressConflict1"	""	""	"File not found: ndfapi.dll"
+ "\Microsoft\Windows\Tcpip\IpAddressConflict2"	""	""	"File not found: ndfapi.dll"
+ "\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange"	""	""	"File not found: bfe.dll"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"	"Windows Media Player Network Sharing Service Configuration Application"	"Microsoft Corporation"	"c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft\Windows\WindowsBackup\AutomaticBackup"	""	""	"File not found: sdengin2.dll"
+ "\RunAsStdUser"	""	""	"File not found: C:\Program Files (x86)\Desk 365\desk365.exe"
+ "\SpeedyPC Registration3"	"Speed up your PC"	"SpeedyPC Software"	"c:\program files (x86)\common files\speedypc software\uus3\uus3.dll"
+ "\SpeedyPC Update Version3"	"Speed up your PC"	"SpeedyPC Software"	"c:\program files (x86)\common files\speedypc software\uus3\speedypc_update3.exe"
+ "\WPD\SqmUpload_S-1-5-21-3073925063-438549395-2992573486-1000"	""	""	"File not found: portabledeviceapi.dll"
+ "\{73093A10-64E1-4E3B-9DF9-E22B21F263A9}"	""	""	"File not found: msiexec.exe"
+ "\{B1054BC2-F42F-4BEE-8750-7FE04F88D0E0}"	""	""	"File not found: msiexec.exe"
"HKLM\System\CurrentControlSet\Services"	""	""	""
+ "Adobe LM Service"	"Adobe LM Service"	""	"c:\program files (x86)\common files\adobe systems shared\service\adobelmsvc.exe"
+ "AdobeARMservice"	"Adobe Acrobat Updater keeps your Adobe software up to date."	"Adobe Systems Incorporated"	"c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc"	"This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."	"Adobe Systems Incorporated"	"c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AdvancedSystemCareService6"	"Advanced SystemCare Service"	"IObit"	"c:\program files (x86)\iobit\advanced systemcare 6\ascservice.exe"
+ "AESTFilters"	"Andrea filters APO access service (64-bit)"	"Andrea Electronics Corporation"	"c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_4df47d9dbfb58b44\aestsr64.exe"
+ "AMD External Events Utility"	"AMD External Events Service Module"	"AMD"	"c:\windows\system32\atiesrxx.exe"
+ "gusvc"	"gusvc"	"Google"	"c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "IAStorDataMgrSvc"	"Depolama olaylarıyla ilgili bildirim sağlar ve depolama sürücüsü ile kullanıcı alanı uygulamaları arasında iletişim kurar."	"Intel Corporation"	"c:\program files (x86)\intel\intel(r) rapid storage technology\iastordatamgrsvc.exe"
+ "LMS"	"Allows applications to access the local Intel(R) Management and Security Application using its locally-available selected network interfaces."	"Intel Corporation"	"c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe"
+ "MBAMScheduler"	"Malwarebytes Anti-Malware scheduler"	"Malwarebytes Corporation"	"c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService"	"Malwarebytes Anti-Malware service"	"Malwarebytes Corporation"	"c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "MozillaMaintenance"	"The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."	"Mozilla Foundation"	"c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MSSQL$SQLEXPRESS"	"Provides storage, processing and controlled access of data, and rapid transaction processing."	"Microsoft Corporation"	"c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\sqlservr.exe"
+ "odserv"	"Run portions of Microsoft Office Diagnostics."	"Microsoft Corporation"	"c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose"	"Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."	"Microsoft Corporation"	"c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "RalinkRegistryWriter"	"RalinkRegistryWriter"	"Ralink Technology, Corp."	"c:\program files (x86)\ralink\common\raregistry.exe"
+ "RalinkRegistryWriter64"	"RalinkRegistryWriter"	"Ralink Technology, Corp."	"c:\program files (x86)\ralink\common\raregistry64.exe"
+ "SftService"	"SoftThinks Agent Service"	"SoftThinks"	"c:\program files (x86)\dell datasafe local backup\sftservice.exe"
+ "SQLWriter"	"Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure."	"Microsoft Corporation"	"c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "STacSV"	"Manages audio jack configurations."	"IDT, Inc."	"c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_4df47d9dbfb58b44\stacsv64.exe"
+ "svcgdp"	"System update service"	"Beijing Xing Technology Co., Ltd."	"c:\program files (x86)\software plate\svcgdp.exe"
+ "UNS"	"Intel(R) Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel(R) Management and Security Application Device."	"Intel Corporation"	"c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe"
+ "wampmysqld"	""	""	"File not found: c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe wampmysqld"
+ "WinHttpAutoProxySvc"	"WinHTTP implements the client HTTP stack and provides developers with a Win32 API and COM Automation component for sending HTTP requests and receiving responses. In addition, WinHTTP provides support for auto-discovering a proxy configuration via its implementation of the Web Proxy Auto-Discovery (WPAD) protocol."	""	"File not found: winhttp.dll"
+ "wltrysvc"	"Provides automatic configuration for the 802.11 adapter using the Broadcom supplicant."	"Dell Inc."	"c:\program files\dell\dw wlan card\wltrysvc.exe"
+ "WMPNetworkSvc"	"Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"	"Microsoft Corporation"	"c:\program files\windows media player\wmpnetwk.exe"
+ "WTGService"	""	""	"c:\program files (x86)\aveaconnectionmanager\wtgservice.exe"
"HKLM\System\CurrentControlSet\Services"	""	""	""
+ "ACPI"	""	""	"File not found: system32\drivers\ACPI.sys"
+ "adp94xx"	"Adaptec Windows SAS/SATA Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"	"Adaptec Windows SATA Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"	"Adaptec StorPort Ultra320 SCSI Driver (X64)"	"Adaptec, Inc."	"c:\windows\system32\drivers\adpu320.sys"
+ "aliide"	"ALi mini IDE Driver"	"Acer Laboratories Inc."	"c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag"	""	""	"File not found: system32\DRIVERS\atikmdag.sys"
+ "amdkmdap"	""	""	"File not found: system32\DRIVERS\atikmpag.sys"
+ "amdsata"	"AHCI 1.2 Device Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"	"AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"	"AMD Technologies Inc."	"c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"	""	""	"File not found: system32\drivers\amdxata.sys"
+ "androidusb"	""	""	"File not found: System32\Drivers\ssadadb.sys"
+ "ApfiltrService"	""	""	"File not found: system32\DRIVERS\Apfiltr.sys"
+ "arc"	"Adaptec RAID Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\arc.sys"
+ "arcsas"	"Adaptec SAS RAID WS03 Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\arcsas.sys"
+ "AsyncMac"	"RAS Asynchronous Media Driver"	""	"File not found: system32\DRIVERS\asyncmac.sys"
+ "atapi"	""	""	"File not found: system32\drivers\atapi.sys"
+ "atikmdag"	""	""	"File not found: system32\DRIVERS\atikmdag.sys"
+ "AX88772"	""	""	"File not found: system32\DRIVERS\ax88772.sys"
+ "b06bdrv"	"Broadcom NetXtreme II GigE VBD"	"Broadcom Corporation"	"c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a"	""	""	"File not found: system32\DRIVERS\b57nd60a.sys"
+ "BCM42RLY"	""	""	"File not found: system32\drivers\BCM42RLY.sys"
+ "BCM43XX"	""	""	"File not found: system32\DRIVERS\bcmwl664.sys"
+ "BcmVWL"	""	""	"File not found: system32\DRIVERS\bcmvwl64.sys"
+ "blbdrive"	""	""	"File not found: system32\DRIVERS\blbdrive.sys"
+ "bowser"	"Implements the kernel datagram receiver for the computer browser browser service."	""	"File not found: system32\DRIVERS\bowser.sys"
+ "BrFiltLo"	"Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"	"Brother Industries, Ltd."	"c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"	"Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"	"Brother Industries, Ltd."	"c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"	"Brotehr Serial I/F Driver (WDM)"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"	"Brother Serial driver (WDM version)"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"	"Brother USB MDM Driver "	"Brother Industries Ltd."	"c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"	"Brother USB Serial Driver"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brusbser.sys"
+ "BTHMODEM"	""	""	"File not found: system32\DRIVERS\bthmodem.sys"
+ "BthPan"	"Bluetooth Device (Personal Area Network)"	""	"File not found: system32\DRIVERS\bthpan.sys"
+ "cdrom"	""	""	"File not found: system32\DRIVERS\cdrom.sys"
+ "CLFS"	"General-purpose logging service"	""	"File not found: System32\CLFS.sys"
+ "CmBatt"	""	""	"File not found: system32\DRIVERS\CmBatt.sys"
+ "cmdide"	"CMD PCI IDE Bus Driver"	"CMD Technology, Inc."	"c:\windows\system32\drivers\cmdide.sys"
+ "CNG"	""	""	"File not found: System32\Drivers\cng.sys"
+ "Compbatt"	""	""	"File not found: system32\DRIVERS\compbatt.sys"
+ "CtClsFlt"	""	""	"File not found: system32\DRIVERS\CtClsFlt.sys"
+ "DfsC"	"Client driver for access to DFS Namespaces"	""	"File not found: System32\Drivers\dfsc.sys"
+ "dfu"	""	""	"File not found: system32\drivers\MassDfu64.sys"
+ "discache"	"Attribute Cache Indexer"	""	"File not found: System32\drivers\discache.sys"
+ "Disk"	""	""	"File not found: system32\DRIVERS\disk.sys"
+ "DisplayLinkUsbPort"	""	""	"File not found: system32\DRIVERS\DisplayLinkUsbPort_6.2.37054.0.sys"
+ "drmkaud"	""	""	"File not found: system32\drivers\drmkaud.sys"
+ "dtsoftbus01"	""	""	"File not found: system32\DRIVERS\dtsoftbus01.sys"
+ "ebdrv"	"Broadcom NetXtreme II 10 GigE VBD"	"Broadcom Corporation"	"c:\windows\system32\drivers\evbda.sys"
+ "elxstor"	"Storport Miniport Driver for LightPulse HBAs"	"Emulex"	"c:\windows\system32\drivers\elxstor.sys"
+ "FileInfo"	"Collects information about files in memory to be consumed by other system services."	""	"File not found: system32\drivers\fileinfo.sys"
+ "Filetrace"	"ETW File Trace Filter"	""	"File not found: system32\drivers\filetrace.sys"
+ "FltMgr"	"File System Filter Manager Driver"	""	"File not found: system32\drivers\fltmgr.sys"
+ "FsDepends"	"This minifilter tracks the dependencies associated with the various nested volumes/filesystems"	""	"File not found: System32\drivers\FsDepends.sys"
+ "fvevol"	"Bitlocker Drive Encryption Filter Driver"	""	"File not found: System32\DRIVERS\fvevol.sys"
+ "hcw85cir"	"Hauppauge WinTV 885 Consumer IR Driver for eHome"	"Hauppauge Computer Works, Inc."	"c:\windows\system32\drivers\hcw85cir.sys"
+ "HECIx64"	""	""	"File not found: system32\DRIVERS\HECIx64.sys"
+ "HidUsb"	""	""	"File not found: system32\DRIVERS\hidusb.sys"
+ "HpSAMD"	"Smart Array SAS/SATA Controller Media Driver"	"Hewlett-Packard Company"	"c:\windows\system32\drivers\hpsamd.sys"
+ "HTTP"	"@%SystemRoot%\system32\drivers\http.sys,-2"	""	"File not found: system32\drivers\HTTP.sys"
+ "hwdatacard"	""	""	"File not found: system32\DRIVERS\ewusbmdm.sys"
+ "hwpolicy"	"Contains Processor and other policies"	""	"File not found: System32\drivers\hwpolicy.sys"
+ "iaStor"	""	""	"File not found: system32\DRIVERS\iaStor.sys"
+ "iaStorV"	"Intel Matrix Storage Manager driver - x64"	"Intel Corporation"	"c:\windows\system32\drivers\iastorv.sys"
+ "IDMWFP"	"Internet Download Manager WFP Driver"	""	"File not found: system32\DRIVERS\idmwfp.sys"
+ "igfx"	""	""	"File not found: system32\DRIVERS\igdkmd64.sys"
+ "iirsp"	"Intel/ICP Raid Storport Driver"	"Intel Corp./ICP vortex GmbH"	"c:\windows\system32\drivers\iirsp.sys"
+ "intelppm"	""	""	"File not found: system32\DRIVERS\intelppm.sys"
+ "IpFilterDriver"	"IP Traffic Filter Driver"	""	"File not found: system32\DRIVERS\ipfltdrv.sys"
+ "IPNAT"	""	""	"File not found: System32\drivers\ipnat.sys"
+ "IRENUM"	"IR Bus Enumerator"	""	"File not found: system32\drivers\irenum.sys"
+ "kbdclass"	""	""	"File not found: system32\DRIVERS\kbdclass.sys"
+ "kbdhid"	""	""	"File not found: system32\DRIVERS\kbdhid.sys"
+ "KSecDD"	""	""	"File not found: System32\Drivers\ksecdd.sys"
+ "KSecPkg"	""	""	"File not found: System32\Drivers\ksecpkg.sys"
+ "L1C"	""	""	"File not found: system32\DRIVERS\L1C62x64.sys"
+ "lltdio"	""	""	"File not found: system32\DRIVERS\lltdio.sys"
+ "LSI_FC"	"LSI Fusion-MPT FC Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"	"LSI Fusion-MPT SAS Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"	"LSI SAS Gen2 Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI"	"LSI Fusion-MPT SCSI Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_scsi.sys"
+ "massfilter"	""	""	"File not found: system32\drivers\massfilter.sys"
+ "MBAMProtector"	"Malwarebytes Anti-Malware"	"Malwarebytes Corporation"	"c:\windows\system32\drivers\mbam.sys"
+ "mcdbus"	""	""	"File not found: system32\DRIVERS\mcdbus.sys"
+ "megasas"	"MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"	"LSI Corporation"	"c:\windows\system32\drivers\megasas.sys"
+ "MegaSR"	"LSI MegaRAID Software RAID Driver"	"LSI Corporation, Inc."	"c:\windows\system32\drivers\megasr.sys"
+ "Modem"	""	""	"File not found: system32\drivers\modem.sys"
+ "monitor"	""	""	"File not found: system32\DRIVERS\monitor.sys"
+ "mouclass"	""	""	"File not found: system32\DRIVERS\mouclass.sys"
+ "mouhid"	""	""	"File not found: system32\DRIVERS\mouhid.sys"
+ "mountmgr"	"Driver responsible with maintaining persistent drive letters and names for volumes"	""	"File not found: System32\drivers\mountmgr.sys"
+ "mpsdrv"	"@%SystemRoot%\system32\FirewallAPI.dll,-23093"	""	"File not found: System32\drivers\mpsdrv.sys"
+ "mrxsmb"	"Implements the framework for the SMB filesystem redirector"	""	"File not found: system32\DRIVERS\mrxsmb.sys"
+ "mrxsmb10"	"Implements the SMB 1.x (CIFS) protocol. This protocol provides connectivity to network resources on pre-Windows Vista servers"	""	"File not found: system32\DRIVERS\mrxsmb10.sys"
+ "mrxsmb20"	"Implements the SMB 2.0 protocol, which provides connectivity to network resources on Windows Vista and later servers"	""	"File not found: system32\DRIVERS\mrxsmb20.sys"
+ "msahci"	""	""	"File not found: system32\drivers\msahci.sys"
+ "msisadrv"	""	""	"File not found: system32\drivers\msisadrv.sys"
+ "MSKSSRV"	""	""	"File not found: system32\drivers\MSKSSRV.sys"
+ "MSPCLOCK"	""	""	"File not found: system32\drivers\MSPCLOCK.sys"
+ "MSPQM"	""	""	"File not found: system32\drivers\MSPQM.sys"
+ "MSTEE"	""	""	"File not found: system32\drivers\MSTEE.sys"
+ "Mup"	"Multiple UNC Provider Driver"	""	"File not found: System32\Drivers\mup.sys"
+ "NativeWifiP"	""	""	"File not found: system32\DRIVERS\nwifi.sys"
+ "NDIS"	"NDIS System Driver"	""	"File not found: system32\drivers\ndis.sys"
+ "NdisCap"	"NDIS Capture LightWeight Filter"	""	"File not found: system32\DRIVERS\ndiscap.sys"
+ "NdisTapi"	"Remote Access NDIS TAPI Driver"	""	"File not found: system32\DRIVERS\ndistapi.sys"
+ "Ndisuio"	""	""	"File not found: system32\DRIVERS\ndisuio.sys"
+ "NdisWan"	"Remote Access NDIS WAN Driver"	""	"File not found: system32\DRIVERS\ndiswan.sys"
+ "NetBIOS"	"NetBIOS Interface"	""	"File not found: system32\DRIVERS\netbios.sys"
+ "NetBT"	"This service implements NetBios over TCP/IP."	""	"File not found: System32\DRIVERS\netbt.sys"
+ "netr28ux"	""	""	"File not found: system32\DRIVERS\netr28ux.sys"
+ "nfrd960"	"IBM ServeRAID Controller Driver"	"IBM Corporation"	"c:\windows\system32\drivers\nfrd960.sys"
+ "nsiproxy"	"NSI proxy service."	""	"File not found: system32\drivers\nsiproxy.sys"
+ "nvraid"	"NVIDIA® nForce(TM) RAID Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvraid.sys"
+ "nvstor"	"NVIDIA® nForce(TM) Sata Performance Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvstor.sys"
+ "partmgr"	"Disk class filter driver that auctions out partitions to volume managers"	""	"File not found: System32\drivers\partmgr.sys"
+ "pci"	""	""	"File not found: system32\drivers\pci.sys"
+ "pcw"	""	""	"File not found: System32\drivers\pcw.sys"
+ "PEAUTH"	""	""	"File not found: system32\drivers\peauth.sys"
+ "PptpMiniport"	"WAN Miniport (PPTP)"	""	"File not found: system32\DRIVERS\raspptp.sys"
+ "Psched"	"QoS Packet Scheduler"	""	"File not found: system32\DRIVERS\pacer.sys"
+ "PxHlpa64"	""	""	"File not found: System32\Drivers\PxHlpa64.sys"
+ "ql2300"	"QLogic Fibre Channel Stor Miniport Driver"	"QLogic Corporation"	"c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx"	"QLogic iSCSI Storport Miniport Driver"	"QLogic Corporation"	"c:\windows\system32\drivers\ql40xx.sys"
+ "RasAcd"	"Remote Access Auto Connection Driver"	""	"File not found: System32\DRIVERS\rasacd.sys"
+ "RasAgileVpn"	"WAN Miniport (IKEv2)"	""	"File not found: system32\DRIVERS\AgileVpn.sys"
+ "Rasl2tp"	"WAN Miniport (L2TP)"	""	"File not found: system32\DRIVERS\rasl2tp.sys"
+ "RasPppoe"	"Remote Access PPPOE Driver"	""	"File not found: system32\DRIVERS\raspppoe.sys"
+ "RasSstp"	"WAN Miniport (SSTP)"	""	"File not found: system32\DRIVERS\rassstp.sys"
+ "rdbss"	"Provides the framework for network mini-redirectors"	""	"File not found: system32\DRIVERS\rdbss.sys"
+ "RDPCDD"	"RDPDD Chained DD"	""	"File not found: System32\DRIVERS\RDPCDD.sys"
+ "RDPENCDD"	"RDP Encoder Mirror Driver"	""	"File not found: system32\drivers\rdpencdd.sys"
+ "RDPREFMP"	"RDP Reflector Driver Miniport"	""	"File not found: system32\drivers\rdprefmp.sys"
+ "rdyboost"	"ReadyBoost"	""	"File not found: System32\drivers\rdyboost.sys"
+ "RFCOMM"	"Bluetooth Device (RFCOMM Protocol TDI)"	""	"File not found: system32\DRIVERS\rfcomm.sys"
+ "RimUsb"	""	""	"File not found: System32\Drivers\RimUsb_AMD64.sys"
+ "rspndr"	""	""	"File not found: system32\DRIVERS\rspndr.sys"
+ "RSUSBSTOR"	""	""	"File not found: System32\Drivers\RtsUStor.sys"
+ "scfilter"	"Smart card reader filter driver enabling smart card PnP."	""	"File not found: System32\DRIVERS\scfilter.sys"
+ "secdrv"	"Macrovision SECURITY Driver"	"Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."	"c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2"	"SiS RAID Stor Miniport Driver"	"Silicon Integrated Systems Corp."	"c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4"	"SiS AHCI Stor-Miniport Driver"	"Silicon Integrated Systems"	"c:\windows\system32\drivers\sisraid4.sys"
+ "Smb"	"Microsoft NetbiosSmb Device Driver"	""	"File not found: system32\DRIVERS\smb.sys"
+ "srv"	"Enables connectivity from Windows XP and earlier clients"	""	"File not found: System32\DRIVERS\srv.sys"
+ "srv2"	"Enables connectivity from Windows Vista and later clients"	""	"File not found: System32\DRIVERS\srv2.sys"
+ "srvnet"	""	""	"File not found: System32\DRIVERS\srvnet.sys"
+ "ssadbus"	""	""	"File not found: system32\DRIVERS\ssadbus.sys"
+ "ssadmdfl"	"SAMSUNG Android USB Modem (Filter)"	""	"File not found: system32\DRIVERS\ssadmdfl.sys"
+ "ssadmdm"	"SAMSUNG Android USB Modem Drivers"	""	"File not found: system32\DRIVERS\ssadmdm.sys"
+ "ssadserd"	"SAMSUNG Android USB Diagnostic Serial Port (WDM)"	""	"File not found: system32\DRIVERS\ssadserd.sys"
+ "stexstor"	"Promise  SuperTrak EX Series Driver for Windows "	"Promise Technology"	"c:\windows\system32\drivers\stexstor.sys"
+ "STHDA"	""	""	"File not found: system32\DRIVERS\stwrt64.sys"
+ "taphss"	""	""	"File not found: system32\DRIVERS\taphss.sys"
+ "Tcpip"	"TCP/IP Protocol Driver"	""	"File not found: System32\drivers\tcpip.sys"
+ "TCPIP6"	"Microsoft IPv6 Protocol Driver"	""	"File not found: system32\DRIVERS\tcpip.sys"
+ "tcpipreg"	"Provides compatibility for legacy applications which interact with TCP/IP through the registry. If this service is stopped, certain applications may have impaired functionality."	""	"File not found: System32\drivers\tcpipreg.sys"
+ "TDPIPE"	""	""	"File not found: system32\drivers\tdpipe.sys"
+ "TDTCP"	""	""	"File not found: system32\drivers\tdtcp.sys"
+ "tdx"	"NetIO Legacy TDI Support Driver"	""	"File not found: system32\DRIVERS\tdx.sys"
+ "tssecsrv"	"Remote Desktop Services Security Filter Driver"	""	"File not found: System32\DRIVERS\tssecsrv.sys"
+ "TsUsbFlt"	"Remote Desktop USB Hub Class Filter Driver"	""	"File not found: system32\drivers\tsusbflt.sys"
+ "tunnel"	""	""	"File not found: system32\DRIVERS\tunnel.sys"
+ "usbaudio"	""	""	"File not found: system32\drivers\usbaudio.sys"
+ "usbccgp"	""	""	"File not found: system32\DRIVERS\usbccgp.sys"
+ "usbhub"	""	""	"File not found: system32\DRIVERS\usbhub.sys"
+ "USBSTOR"	""	""	"File not found: system32\DRIVERS\USBSTOR.SYS"
+ "VBoxDrv"	""	""	"File not found: system32\DRIVERS\VBoxDrv.sys"
+ "VBoxNetAdp"	""	""	"File not found: system32\DRIVERS\VBoxNetAdp.sys"
+ "VBoxNetFlt"	""	""	"File not found: system32\DRIVERS\VBoxNetFlt.sys"
+ "VBoxUSB"	""	""	"File not found: System32\Drivers\VBoxUSB.sys"
+ "VBoxUSBMon"	""	""	"File not found: system32\DRIVERS\VBoxUSBMon.sys"
+ "vdrvroot"	""	""	"File not found: system32\drivers\vdrvroot.sys"
+ "vga"	""	""	"File not found: system32\DRIVERS\vgapnp.sys"
+ "viaide"	"VIA Generic PCI IDE Bus Driver"	"VIA Technologies, Inc."	"c:\windows\system32\drivers\viaide.sys"
+ "vmci"	""	""	"File not found: system32\DRIVERS\vmci.sys"
+ "VMnetAdapter"	"Driver for VMware's Virtual Ethernet Adapters Ver. 2"	""	"File not found: system32\DRIVERS\vmnetadapter.sys"
+ "volmgr"	""	""	"File not found: system32\drivers\volmgr.sys"
+ "volmgrx"	"Extension of the volume manager driver that manages software RAID volumes (spanned, striped, mirrored, RAID-5) on dynamic disks"	""	"File not found: System32\drivers\volmgrx.sys"
+ "volsnap"	""	""	"File not found: system32\drivers\volsnap.sys"
+ "vsmraid"	"VIA RAID DRIVER FOR AMD-X86-64"	"VIA Technologies Inc.,Ltd"	"c:\windows\system32\drivers\vsmraid.sys"
+ "vwifibus"	"Virtual WiFi Bus Driver"	""	"File not found: system32\DRIVERS\vwifibus.sys"
+ "vwififlt"	"Virtual WiFi Filter Driver"	""	"File not found: system32\DRIVERS\vwififlt.sys"
+ "vwifimp"	""	""	"File not found: system32\DRIVERS\vwifimp.sys"
+ "WANARP"	"Remote Access IP ARP Driver"	""	"File not found: system32\DRIVERS\wanarp.sys"
+ "Wanarpv6"	"Remote Access IPv6 ARP Driver"	""	"File not found: system32\DRIVERS\wanarp.sys"
+ "Wdf01000"	""	""	"File not found: system32\drivers\Wdf01000.sys"
+ "WfpLwf"	"WFP Lightweight Filter"	""	"File not found: system32\DRIVERS\wfplwf.sys"
+ "WimFltr"	"Windows Image Mini-Filter Driver"	""	"File not found: system32\DRIVERS\wimfltr.sys"
+ "WIMMount"	"WIM Image mount service driver"	""	"File not found: system32\drivers\wimmount.sys"
+ "WinUsb"	""	""	"File not found: system32\DRIVERS\WinUsb.sys"
+ "WudfPf"	""	""	"File not found: system32\drivers\WudfPf.sys"
+ "WUDFRd"	""	""	"File not found: system32\DRIVERS\WUDFRd.sys"
+ "xnacc"	""	""	"File not found: system32\DRIVERS\xnacc.sys"
+ "yukonw7"	""	""	"File not found: system32\DRIVERS\yk62x64.sys"
+ "ZTEusbmdm6k"	""	""	"File not found: system32\DRIVERS\ZTEusbmdm6k.sys"
+ "ZTEusbnmea"	""	""	"File not found: system32\DRIVERS\ZTEusbnmea.sys"
+ "ZTEusbser6k"	""	""	"File not found: system32\DRIVERS\ZTEusbser6k.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"	""	""	""
+ "aux"	""	""	"File not found: wdmaud.drv"
+ "aux1"	""	""	"File not found: wdmaud.drv"
+ "midi"	""	""	"File not found: wdmaud.drv"
+ "midi1"	""	""	"File not found: wdmaud.drv"
+ "midi2"	""	""	"File not found: wdmaud.drv"
+ "midimapper"	""	""	"File not found: midimap.dll"
+ "mixer"	""	""	"File not found: wdmaud.drv"
+ "mixer1"	""	""	"File not found: wdmaud.drv"
+ "mixer2"	""	""	"File not found: wdmaud.drv"
+ "msacm.imaadpcm"	""	""	"File not found: imaadp32.acm"
+ "msacm.l3acm"	"MPEG Layer-3 Audio Codec for MSACM"	"Fraunhofer Institut Integrierte Schaltungen IIS"	"c:\windows\system32\l3codeca.acm"
+ "msacm.msadpcm"	""	""	"File not found: msadp32.acm"
+ "msacm.msg711"	""	""	"File not found: msg711.acm"
+ "msacm.msgsm610"	""	""	"File not found: msgsm32.acm"
+ "MSVideo8"	""	""	"File not found: VfWWDM32.dll"
+ "vidc.i420"	""	""	"File not found: iyuv_32.dll"
+ "VIDC.IYUV"	""	""	"File not found: iyuv_32.dll"
+ "vidc.mrle"	""	""	"File not found: msrle32.dll"
+ "vidc.msvc"	""	""	"File not found: msvidc32.dll"
+ "VIDC.UYVY"	""	""	"File not found: msyuv.dll"
+ "VIDC.YUY2"	""	""	"File not found: msyuv.dll"
+ "VIDC.YVU9"	""	""	"File not found: tsbyuv.dll"
+ "VIDC.YVYU"	""	""	"File not found: msyuv.dll"
+ "wave"	""	""	"File not found: wdmaud.drv"
+ "wave1"	""	""	"File not found: wdmaud.drv"
+ "wave2"	""	""	"File not found: wdmaud.drv"
+ "wavemapper"	""	""	"File not found: msacm32.drv"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"	""	""	""
+ "aux"	""	""	"File not found: wdmaud.drv"
+ "aux1"	""	""	"File not found: wdmaud.drv"
+ "midi"	""	""	"File not found: wdmaud.drv"
+ "midi1"	""	""	"File not found: wdmaud.drv"
+ "midi2"	""	""	"File not found: wdmaud.drv"
+ "midimapper"	""	""	"File not found: midimap.dll"
+ "mixer"	""	""	"File not found: wdmaud.drv"
+ "mixer1"	""	""	"File not found: wdmaud.drv"
+ "mixer2"	""	""	"File not found: wdmaud.drv"
+ "msacm.imaadpcm"	""	""	"File not found: imaadp32.acm"
+ "msacm.l3acm"	"MPEG Layer-3 Audio Codec for MSACM"	"Fraunhofer Institut Integrierte Schaltungen IIS"	"c:\windows\syswow64\l3codeca.acm"
+ "msacm.msadpcm"	""	""	"File not found: msadp32.acm"
+ "msacm.msg711"	""	""	"File not found: msg711.acm"
+ "msacm.msgsm610"	""	""	"File not found: msgsm32.acm"
+ "msacm.siren"	""	""	"File not found: sirenacm.dll"
+ "msacm.vorbis"	""	""	"File not found: vorbis.acm"
+ "vidc.cvid"	""	""	"File not found: iccvid.dll"
+ "vidc.DIVX"	""	""	"File not found: DivX.dll"
+ "vidc.i420"	""	""	"File not found: iyuv_32.dll"
+ "vidc.iyuv"	""	""	"File not found: iyuv_32.dll"
+ "vidc.mrle"	""	""	"File not found: msrle32.dll"
+ "vidc.msvc"	""	""	"File not found: msvidc32.dll"
+ "vidc.uyvy"	""	""	"File not found: msyuv.dll"
+ "vidc.yuy2"	""	""	"File not found: msyuv.dll"
+ "vidc.yv12"	""	""	"File not found: DivX.dll"
+ "vidc.yvu9"	""	""	"File not found: tsbyuv.dll"
+ "vidc.yvyu"	""	""	"File not found: msyuv.dll"
+ "wave"	""	""	"File not found: wdmaud.drv"
+ "wave1"	""	""	"File not found: wdmaud.drv"
+ "wave2"	""	""	"File not found: wdmaud.drv"
+ "wavemapper"	""	""	"File not found: msacm32.drv"
"HKLM\Software\Classes\Filter"	""	""	""
+ "MainConcept MPEG Demultiplexer"	"MPEG-1/2 Demultiplexer"	"MainConcept GmbH"	"c:\program files (x86)\divx\divx transcode engine\plugins\mc_demux_mp2_ds.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"	""	""	""
+ "ATI MPEG Audio Encoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG File Writer"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Multiplexer"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Decoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Encoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Rotation Filter"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Scaler Filter"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"	""	""	""
+ "ATI MPEG Audio Encoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG File Writer"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Multiplexer"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Decoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Encoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Ticker"	""	""	"c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "ATI Video Rotation Filter"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Video Scaler Filter"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "Capture File Writer"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Creative MJPEG Decoder 2"	"Decoder"	"Creative Technology Ltd."	"c:\program files (x86)\creative\shared files\ctmjpgdec2.ax"
+ "Creative Video Processing Filter"	"Creative Video Processing Filter"	"Creative Technology Ltd."	"c:\program files (x86)\creative\shared files\vidprocu.ax"
+ "DivX AAC Decoder"	"AAC audio decoder filter"	"DivX, Inc."	"c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter"	"DivX Decoder Filter"	"DivX, Inc."	"c:\program files (x86)\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter"	"DivX Plus DMF Navigator Filter"	"DivX, Inc."	"c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)"	"DivX Plus DMF Navigator Filter"	"DivX, Inc."	"c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder"	"DivX H.264 Decoder Filter"	"DivX, Inc."	"c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "MainConcept MPEG Demultiplexer"	"MPEG-1/2 Demultiplexer"	"MainConcept GmbH"	"c:\program files (x86)\divx\divx transcode engine\plugins\mc_demux_mp2_ds.ax"
+ "MainConcept Stream Parser"	"MPEG-1/2 Demultiplexer"	"MainConcept GmbH"	"c:\program files (x86)\divx\divx transcode engine\plugins\mc_demux_mp2_ds.ax"
+ "MMACE Deinterlace"	""	""	"c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp"	""	""	"c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu"	""	""	"c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "Record Queue"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Samsung AAC Decoding Filter"	"AAC Decoder Filter Dll"	"Pixtree, Inc."	"c:\program files (x86)\samsung\intelli-studio\filters\pxtraacd.dll"
+ "Samsung AAC Encoder Filter"	"AAC Encoder Filter Dll"	"Pixtree, Inc."	"c:\program files (x86)\samsung\intelli-studio\filters\pxtraace.dll"
+ "Samsung AVI Muxer"	"AviMuxer"	""	"c:\program files (x86)\samsung\intelli-studio\filters\ssavimux.dll"
+ "Samsung H264 Decoder"	"HTH264Dec1"	"Honest Technology"	"c:\program files (x86)\samsung\intelli-studio\filters\pxtrvdf.dll"
+ "Samsung H264 Encoding Filter"	"Pixtree h264 video encoder dshow filter"	"PIXTREE, Inc."	"c:\program files (x86)\samsung\intelli-studio\filters\pxtrvef.dll"
+ "Samsung MJPEG Decoder"	"HTH264Dec1"	"Honest Technology"	"c:\program files (x86)\samsung\intelli-studio\filters\pxtrvdf.dll"
+ "Samsung MJPEG Encoder"	"HTMJpegEncoder Dynamic Link Library"	"Honest Technology"	"c:\program files (x86)\samsung\intelli-studio\filters\ssmjpgen.dll"
+ "Samsung MP4 Muxer Filter"	""	""	"c:\program files (x86)\samsung\intelli-studio\filters\ssmp4mux.ax"
+ "Samsung MPEG-4 Splitter Filter"	"Pixtree MP4 Splitter Filter"	"Pixtree, Inc."	"c:\program files (x86)\samsung\intelli-studio\filters\pxtrmp4s.dll"
+ "WM VIH2 Fix"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute"	""	""	""
+ "autocheck autochk *"	""	""	"File not found: autochk"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls"	""	""	""
+ "c:\progra~3\browse~1\261070~1.41\{c16c1~1\browse~1.dll"	""	""	"File not found: c:\progra~3\browse~1\261070~1.41\{c16c1~1\browse~1.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers"	""	""	""
+ "Smartcard Credential Provider"	""	""	"File not found: SmartcardCredentialProvider.dll"
+ "Smartcard Pin Provider"	""	""	"File not found: SmartcardCredentialProvider.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries"	""	""	""
+ "MSAFD RfComm [Bluetooth]"	""	""	"File not found: mswsock.dll"
+ "MSAFD Tcpip [RAW/IP]"	""	""	"File not found: mswsock.dll"
+ "MSAFD Tcpip [RAW/IPv6]"	""	""	"File not found: mswsock.dll"
+ "MSAFD Tcpip [TCP/IP]"	""	""	"File not found: mswsock.dll"
+ "MSAFD Tcpip [TCP/IPv6]"	""	""	"File not found: mswsock.dll"
+ "MSAFD Tcpip [UDP/IP]"	""	""	"File not found: mswsock.dll"
+ "MSAFD Tcpip [UDP/IPv6]"	""	""	"File not found: mswsock.dll"
+ "RSVP TCP Service Provider"	""	""	"File not found: mswsock.dll"
+ "RSVP TCPv6 Service Provider"	""	""	"File not found: mswsock.dll"
+ "RSVP UDP Service Provider"	""	""	"File not found: mswsock.dll"
+ "RSVP UDPv6 Service Provider"	""	""	"File not found: mswsock.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"	""	""	""
+ "Network Location Awareness Legacy (NLAv1) Namespace"	""	""	"File not found: mswsock.dll"
+ "Tcpip"	""	""	"File not found: mswsock.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64"	""	""	""
+ "MSAFD RfComm [Bluetooth]"	""	""	"File not found: mswsock.dll"
+ "MSAFD Tcpip [RAW/IP]"	""	""	"File not found: mswsock.dll"
+ "MSAFD Tcpip [RAW/IPv6]"	""	""	"File not found: mswsock.dll"
+ "MSAFD Tcpip [TCP/IP]"	""	""	"File not found: mswsock.dll"
+ "MSAFD Tcpip [TCP/IPv6]"	""	""	"File not found: mswsock.dll"
+ "MSAFD Tcpip [UDP/IP]"	""	""	"File not found: mswsock.dll"
+ "MSAFD Tcpip [UDP/IPv6]"	""	""	"File not found: mswsock.dll"
+ "RSVP TCP Service Provider"	""	""	"File not found: mswsock.dll"
+ "RSVP TCPv6 Service Provider"	""	""	"File not found: mswsock.dll"
+ "RSVP UDP Service Provider"	""	""	"File not found: mswsock.dll"
+ "RSVP UDPv6 Service Provider"	""	""	"File not found: mswsock.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64"	""	""	""
+ "Network Location Awareness Legacy (NLAv1) Namespace"	""	""	"File not found: mswsock.dll"
+ "Tcpip"	""	""	"File not found: mswsock.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"	""	""	""
+ "Local Port"	""	""	"File not found: localspl.dll"
+ "Microsoft Shared Fax Monitor"	""	""	"File not found: FXSMON.DLL"
+ "Standard TCP/IP Port"	""	""	"File not found: tcpmon.dll"
+ "USB Monitor"	""	""	"File not found: usbmon.dll"
+ "WSD Port"	""	""	"File not found: WSDMon.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders"	""	""	""
+ "credssp.dll"	""	""	"File not found: credssp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages"	""	""	""
+ "msv1_0"	""	""	"File not found: msv1_0"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages"	""	""	""
+ "scecli"	""	""	"File not found: scecli"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages"	""	""	""
+ "kerberos"	""	""	"File not found: kerberos"
+ "msv1_0"	""	""	"File not found: msv1_0"
+ "pku2u"	""	""	"File not found: pku2u"
+ "schannel"	""	""	"File not found: schannel"
+ "tspkg"	""	""	"File not found: tspkg"
+ "wdigest"	""	""	"File not found: wdigest"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order"	""	""	""
+ "BCMLogon"	"DW WLAN Card Logon Provider"	"Dell Inc."	"c:\windows\system32\bcmlogon.dll"



#14 alexantosh

  • Topic Starter

  • Members
  • 45 posts
  • Local time:12:52 PM

Posted 06 February 2013 - 12:18 PM

Well, I'm done with that. By the way, the JRT (Junkware Removal Tool) appeared to run for a flash: a black screen appeared and disappeared, but no log file was left behind whatsoever. Where is it saved? Also, Farbar service indicated that the watcom service was 32-bit, so I should get 64-bit. Is that very important too?
What else should I do now? Thanks, by the way.

#15 narenxp


  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:03:52 AM

Posted 06 February 2013 - 12:20 PM

Please run Malwarebytes again and post the clean log.

Run the services repair tool:

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar Service Scanner again and post the new log.

Edited by narenxp, 06 February 2013 - 11:21 PM.




