
Another case of bottom right hand corner pop up.


9 replies to this topic

#1 phate008

Posted 22 February 2013 - 03:24 PM

I have had this for the last few months and I have ignored it, but now I'm a little anxious about identity theft so I would rather be safe than sorry. Any help is appreciated. Basically, I have pop-ups in the right hand and left hand corners. Some recommending stuff, and some pertaining to whatever website I happen to be looking at. Now I'm getting a random white box that comes up occasionally and does not have an X to close. Help me please, thanks.



#2 narenxp (BC Advisor)
Posted 22 February 2013 - 03:40 PM


  • Please download TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check Loaded Modules and Detect TDLFS file system. Do not check Verify file digital signatures (even though it is checked in the example).
  • If you are asked to reboot because an "Extended Monitoring Driver is required", please click Reboot now.
  • Click Start Scan and allow the scan process to run.
  • If threats are detected, select Skip for all of them unless I instruct you otherwise.
  • Click Continue.
  • Click Reboot computer.
  • Please post the contents of TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\) in your reply.

===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.
  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.
  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.

  • TDSSKiller log
  • aswMBR log
  • ESET results



#3 phate008 (Topic Starter)
Posted 22 February 2013 - 03:57 PM

I will edit this reply with the answers to the questions. I did the TDSSKiller, got the log. The aswMBR says "not a valid windows 32 application" when I open the file though. Maybe I should have specified: I'm using Windows 7, if that makes a difference.



#4 narenxp (BC Advisor)
Posted 22 February 2013 - 04:00 PM

Redownload aswMBR, looks like a corrupt installer.



#5 phate008 (Topic Starter)
Posted 22 February 2013 - 07:00 PM

I deleted some of the log because it was too long to post the TDSSKiller log.

 

TDSSKiller:

 

18:56:56.0858 3988  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:56:57.0159 3988  ============================================================
18:56:57.0159 3988  Current date / time: 2013/02/22 18:56:57.0159
18:56:57.0159 3988  SystemInfo:
18:56:57.0159 3988  
18:56:57.0159 3988  OS Version: 6.1.7600 ServicePack: 0.0
18:56:57.0159 3988  Product type: Workstation
18:56:57.0160 3988  ComputerName: BRETT-PC
18:56:57.0160 3988  UserName: Brett
18:56:57.0160 3988  Windows directory: C:\Windows
18:56:57.0160 3988  System windows directory: C:\Windows
18:56:57.0160 3988  Running under WOW64
18:56:57.0160 3988  Processor architecture: Intel x64
18:56:57.0160 3988  Number of processors: 2
18:56:57.0160 3988  Page size: 0x1000
18:56:57.0160 3988  Boot type: Normal boot
18:56:57.0160 3988  ============================================================
18:56:57.0707 3988  BG loaded
18:56:57.0930 3988  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:56:57.0952 3988  ============================================================
18:56:57.0952 3988  \Device\Harddisk0\DR0:
18:56:57.0952 3988  MBR partitions:
18:56:57.0952 3988  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2528800, BlocksNum 0x5501D000
18:56:57.0952 3988  ============================================================
18:56:57.0990 3988  C: <-> \Device\Harddisk0\DR0\Partition1
18:56:57.0991 3988  ============================================================
18:56:57.0991 3988  Initialize success
18:56:57.0991 3988  ============================================================
18:57:10.0564 4356  ============================================================
18:57:10.0564 4356  Scan started
18:57:10.0564 4356  Mode: Manual; TDLFS;
18:57:10.0564 4356  ============================================================
18:57:11.0329 4356  ================ Scan system memory ========================
18:57:11.0329 4356  System memory - ok
18:57:11.0329 4356  ================ Scan services =============================
18:57:16.0639 4356  MBAMProtector - ok
18:57:16.0684 4356  [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:57:16.0688 4356  MBAMScheduler - ok
18:57:16.0744 4356  [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:57:16.0751 4356  MBAMService - ok
18:57:16.0777 4356  [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus          C:\Windows\system32\DRIVERS\mcdbus.sys
18:57:16.0780 4356  mcdbus - ok
18:57:16.0796 4356  [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:57:16.0798 4356  Mcx2Svc - ok
18:57:16.0816 4356  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:57:16.0817 4356  megasas - ok
18:57:16.0835 4356  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:57:16.0839 4356  MegaSR - ok
18:57:16.0856 4356  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
18:57:16.0858 4356  MMCSS - ok
18:57:16.0873 4356  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
18:57:16.0874 4356  Modem - ok
18:57:16.0878 4356  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:57:16.0880 4356  monitor - ok
18:57:16.0899 4356  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:57:16.0900 4356  mouclass - ok
18:57:16.0912 4356  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:57:16.0914 4356  mouhid - ok
18:57:16.0938 4356  [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:57:16.0939 4356  mountmgr - ok
18:57:16.0994 4356  [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:57:16.0996 4356  MozillaMaintenance - ok
18:57:17.0010 4356  [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
18:57:17.0012 4356  mpio - ok
18:57:17.0032 4356  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:57:17.0034 4356  mpsdrv - ok
18:57:17.0053 4356  [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:57:17.0061 4356  MpsSvc - ok
18:57:17.0078 4356  [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:57:17.0081 4356  MRxDAV - ok
18:57:17.0100 4356  [ 767A4C3BCF9410C286CED15A2DB17108 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:57:17.0102 4356  mrxsmb - ok
18:57:17.0118 4356  [ 920EE0FF995FCFDEB08C41605A959E1C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:57:17.0121 4356  mrxsmb10 - ok
18:57:17.0131 4356  [ 740D7EA9D72C981510A5292CF6ADC941 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:57:17.0133 4356  mrxsmb20 - ok
18:57:17.0152 4356  [ 5C37497276E3B3A5488B23A326A754B7 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
18:57:17.0154 4356  msahci - ok
18:57:17.0166 4356  [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
18:57:17.0168 4356  msdsm - ok
18:57:17.0183 4356  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
18:57:17.0186 4356  MSDTC - ok
18:57:17.0204 4356  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:57:17.0206 4356  Msfs - ok
18:57:17.0218 4356  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:57:17.0219 4356  mshidkmdf - ok
18:57:17.0230 4356  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
18:57:17.0232 4356  msisadrv - ok
18:57:17.0248 4356  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:57:17.0251 4356  MSiSCSI - ok
18:57:17.0254 4356  msiserver - ok
18:57:17.0277 4356  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:57:17.0279 4356  MSKSSRV - ok
18:57:17.0290 4356  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:57:17.0291 4356  MSPCLOCK - ok
18:57:17.0304 4356  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:57:17.0305 4356  MSPQM - ok
18:57:17.0327 4356  [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:57:17.0332 4356  MsRPC - ok
18:57:17.0349 4356  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
18:57:17.0351 4356  mssmbios - ok
18:57:17.0360 4356  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:57:17.0361 4356  MSTEE - ok
18:57:17.0376 4356  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:57:17.0378 4356  MTConfig - ok
18:57:17.0398 4356  [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
18:57:17.0400 4356  MTsensor - ok
18:57:17.0408 4356  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:57:17.0410 4356  Mup - ok
18:57:17.0434 4356  [ 4987E079A4530FA737A128BE54B63B12 ] napagent        C:\Windows\system32\qagentRT.dll
18:57:17.0440 4356  napagent - ok
18:57:17.0472 4356  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:57:17.0477 4356  NativeWifiP - ok
18:57:17.0507 4356  [ CAD515DBD07D082BB317D9928CE8962C ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:57:17.0516 4356  NDIS - ok
18:57:17.0529 4356  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:57:17.0530 4356  NdisCap - ok
18:57:17.0553 4356  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:57:17.0554 4356  NdisTapi - ok
18:57:17.0581 4356  [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:57:17.0583 4356  Ndisuio - ok
18:57:17.0592 4356  [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:57:17.0594 4356  NdisWan - ok
18:57:17.0610 4356  [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:57:17.0611 4356  NDProxy - ok
18:57:17.0638 4356  [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
18:57:17.0640 4356  Net Driver HPZ12 - ok
18:57:17.0650 4356  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:57:17.0651 4356  NetBIOS - ok
18:57:17.0669 4356  [ 9162B273A44AB9DCE5B44362731D062A ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:57:17.0672 4356  NetBT - ok
18:57:17.0676 4356  [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon        C:\Windows\system32\lsass.exe
18:57:17.0677 4356  Netlogon - ok
18:57:17.0704 4356  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
18:57:17.0708 4356  Netman - ok
18:57:17.0725 4356  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
18:57:17.0731 4356  netprofm - ok
18:57:17.0754 4356  [ B72BB9496A126FCFC7FC5945DED9B411 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
18:57:17.0760 4356  netr28x - ok
18:57:17.0786 4356  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:57:17.0788 4356  NetTcpPortSharing - ok
18:57:17.0797 4356  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:57:17.0798 4356  nfrd960 - ok
18:57:17.0818 4356  [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:57:17.0822 4356  NlaSvc - ok
18:57:17.0856 4356  [ C31FA031335EFF434B2D94278E74BCCE ] NPF             C:\Windows\system32\drivers\npf.sys
18:57:17.0858 4356  NPF - ok
18:57:17.0871 4356  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:57:17.0872 4356  Npfs - ok
18:57:17.0894 4356  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
18:57:17.0896 4356  nsi - ok
18:57:17.0909 4356  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:57:17.0911 4356  nsiproxy - ok
18:57:17.0947 4356  [ 356698A13C4630D5B31C37378D469196 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:57:17.0990 4356  Ntfs - ok
18:57:17.0998 4356  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
18:57:18.0000 4356  Null - ok
18:57:18.0058 4356  [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
18:57:18.0062 4356  NVHDA - ok
18:57:18.0312 4356  [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:57:18.0521 4356  nvlddmkm - ok
18:57:18.0540 4356  [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys
18:57:18.0542 4356  nvraid - ok
18:57:18.0557 4356  [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys
18:57:18.0559 4356  nvstor - ok
18:57:18.0604 4356  [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc           C:\Windows\system32\nvvsvc.exe
18:57:18.0612 4356  nvsvc - ok
18:57:18.0682 4356  [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:57:18.0721 4356  nvUpdatusService - ok
18:57:18.0756 4356  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
18:57:18.0796 4356  nv_agp - ok
18:57:18.0822 4356  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
18:57:18.0824 4356  ohci1394 - ok
18:57:18.0876 4356  [ 4965B005492CBA7719E82B71E3245495 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:57:18.0878 4356  ose64 - ok
18:57:18.0993 4356  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:57:19.0071 4356  osppsvc - ok
18:57:19.0106 4356  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:57:19.0110 4356  p2pimsvc - ok
18:57:19.0123 4356  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:57:19.0129 4356  p2psvc - ok
18:57:19.0142 4356  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:57:19.0144 4356  Parport - ok
18:57:19.0170 4356  [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:57:19.0172 4356  partmgr - ok
18:57:19.0184 4356  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:57:19.0187 4356  PcaSvc - ok
18:57:19.0203 4356  [ F36F6504009F2FB0DFD1B17A116AD74B ] pci             C:\Windows\system32\DRIVERS\pci.sys
18:57:19.0205 4356  pci - ok
18:57:19.0212 4356  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
18:57:19.0214 4356  pciide - ok
18:57:19.0236 4356  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:57:19.0239 4356  pcmcia - ok
18:57:19.0251 4356  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:57:19.0252 4356  pcw - ok
18:57:19.0280 4356  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:57:19.0286 4356  PEAUTH - ok
18:57:19.0356 4356  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:57:19.0357 4356  PerfHost - ok
18:57:19.0392 4356  [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla             C:\Windows\system32\pla.dll
18:57:19.0418 4356  pla - ok
18:57:19.0435 4356  [ 23157D583244400E1D7FBAEE2E4B31B7 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:57:19.0440 4356  PlugPlay - ok
18:57:19.0469 4356  [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:57:19.0472 4356  Pml Driver HPZ12 - ok
18:57:19.0481 4356  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:57:19.0484 4356  PNRPAutoReg - ok
18:57:19.0490 4356  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:57:19.0493 4356  PNRPsvc - ok
18:57:19.0521 4356  [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:57:19.0527 4356  PolicyAgent - ok
18:57:19.0545 4356  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
18:57:19.0548 4356  Power - ok
18:57:19.0570 4356  [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:57:19.0573 4356  PptpMiniport - ok
18:57:19.0584 4356  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:57:19.0586 4356  Processor - ok
18:57:19.0603 4356  [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc         C:\Windows\system32\profsvc.dll
18:57:19.0606 4356  ProfSvc - ok
18:57:19.0617 4356  [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
18:57:19.0618 4356  ProtectedStorage - ok
18:57:19.0642 4356  [ EE992183BD8EAEFD9973F352E587A299 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:57:19.0644 4356  Psched - ok
18:57:19.0678 4356  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:57:19.0704 4356  ql2300 - ok
18:57:19.0721 4356  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:57:19.0723 4356  ql40xx - ok
18:57:19.0740 4356  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
18:57:19.0744 4356  QWAVE - ok
18:57:19.0755 4356  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:57:19.0756 4356  QWAVEdrv - ok
18:57:19.0806 4356  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:57:19.0807 4356  RasAcd - ok
18:57:19.0823 4356  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:57:19.0825 4356  RasAgileVpn - ok
18:57:19.0834 4356  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
18:57:19.0836 4356  RasAuto - ok
18:57:19.0850 4356  [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:57:19.0852 4356  Rasl2tp - ok
18:57:19.0878 4356  [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan          C:\Windows\System32\rasmans.dll
18:57:19.0883 4356  RasMan - ok
18:57:19.0892 4356  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:57:19.0893 4356  RasPppoe - ok
18:57:19.0902 4356  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:57:19.0903 4356  RasSstp - ok
18:57:19.0929 4356  [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:57:19.0932 4356  rdbss - ok
18:57:19.0963 4356  [ FA31B788AA0347FF0CC9E7935AE62E40 ] RDID1093        C:\Windows\system32\Drivers\rdwm1093.sys
18:57:19.0965 4356  RDID1093 - ok
18:57:19.0981 4356  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:57:19.0982 4356  rdpbus - ok
18:57:19.0993 4356  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:57:19.0994 4356  RDPCDD - ok
18:57:20.0007 4356  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:57:20.0008 4356  RDPENCDD - ok
18:57:20.0020 4356  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:57:20.0021 4356  RDPREFMP - ok
18:57:20.0034 4356  [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:57:20.0036 4356  RDPWD - ok
18:57:20.0050 4356  [ 634B9A2181D98F15941236886164EC8B ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:57:20.0053 4356  rdyboost - ok
18:57:20.0078 4356  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:57:20.0081 4356  RemoteAccess - ok
18:57:20.0090 4356  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:57:20.0093 4356  RemoteRegistry - ok
18:57:20.0113 4356  [ A780D3EAA74582EA1DEB6BD9C7A3D9C9 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
18:57:20.0115 4356  rpcapd - ok
18:57:20.0135 4356  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:57:20.0138 4356  RpcEptMapper - ok
18:57:20.0157 4356  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
18:57:20.0159 4356  RpcLocator - ok
18:57:20.0190 4356  [ 7266972E86890E2B30C0C322E906B027 ] RpcSs           C:\Windows\system32\rpcss.dll
18:57:20.0194 4356  RpcSs - ok
18:57:20.0209 4356  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:57:20.0211 4356  rspndr - ok
18:57:20.0241 4356  [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
18:57:20.0244 4356  RTL8167 - ok
18:57:20.0258 4356  [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs           C:\Windows\system32\lsass.exe
18:57:20.0259 4356  SamSs - ok
18:57:20.0277 4356  [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
18:57:20.0279 4356  sbp2port - ok
18:57:20.0292 4356  SBRE - ok
18:57:20.0307 4356  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:57:20.0310 4356  SCardSvr - ok
18:57:20.0350 4356  [ 6CE6F98EA3D07A9C2CE3CD0A5A86352D ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
18:57:20.0353 4356  SCDEmu - ok
18:57:20.0359 4356  [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:57:20.0361 4356  scfilter - ok
18:57:20.0385 4356  [ EC56B171F85C7E855E7B0588AC503EEA ] Schedule        C:\Windows\system32\schedsvc.dll
18:57:20.0411 4356  Schedule - ok
18:57:20.0432 4356  [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:57:20.0433 4356  SCPolicySvc - ok
18:57:20.0446 4356  [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:57:20.0449 4356  SDRSVC - ok
18:57:20.0491 4356  [ D358E077A0A05D9B12DA22D137EE8464 ] SeaPort         C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
18:57:20.0494 4356  SeaPort - ok
18:57:20.0506 4356  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:57:20.0507 4356  secdrv - ok
18:57:20.0520 4356  [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon        C:\Windows\system32\seclogon.dll
18:57:20.0522 4356  seclogon - ok
18:57:20.0535 4356  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
18:57:20.0537 4356  SENS - ok
18:57:20.0543 4356  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:57:20.0545 4356  SensrSvc - ok
18:57:20.0561 4356  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:57:20.0563 4356  Serenum - ok
18:57:20.0576 4356  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:57:20.0577 4356  Serial - ok
18:57:20.0585 4356  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:57:20.0586 4356  sermouse - ok
18:57:20.0608 4356  [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv      C:\Windows\system32\sessenv.dll
18:57:20.0611 4356  SessionEnv - ok
18:57:20.0622 4356  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
18:57:20.0623 4356  sffdisk - ok
18:57:20.0637 4356  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
18:57:20.0638 4356  sffp_mmc - ok
18:57:20.0649 4356  [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
18:57:20.0650 4356  sffp_sd - ok
18:57:20.0658 4356  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:57:20.0659 4356  sfloppy - ok
18:57:20.0681 4356  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:57:20.0686 4356  SharedAccess - ok
18:57:20.0699 4356  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:57:20.0704 4356  ShellHWDetection - ok
18:57:20.0723 4356  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:57:20.0725 4356  SiSRaid2 - ok
18:57:20.0743 4356  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:57:20.0745 4356  SiSRaid4 - ok
18:57:20.0767 4356  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:57:20.0769 4356  Smb - ok
18:57:20.0783 4356  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:57:20.0784 4356  SNMPTRAP - ok
18:57:20.0804 4356  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:57:20.0805 4356  spldr - ok
18:57:20.0821 4356  [ 89E8550C5862999FCF482EA562B0E98E ] Spooler         C:\Windows\System32\spoolsv.exe
18:57:20.0827 4356  Spooler - ok
18:57:20.0884 4356  [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc          C:\Windows\system32\sppsvc.exe
18:57:20.0935 4356  sppsvc - ok
18:57:20.0945 4356  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:57:20.0948 4356  sppuinotify - ok
18:57:20.0966 4356  [ 37C3ABC2338010E110D2A6A3930F3149 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:57:20.0971 4356  srv - ok
18:57:20.0986 4356  [ F773D2ED090B7BAA1C1A034F3CA476C8 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:57:20.0991 4356  srv2 - ok
18:57:21.0007 4356  [ CCE32BB223E9FF55D241099A858FA889 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:57:21.0009 4356  srvnet - ok
18:57:21.0029 4356  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:57:21.0033 4356  SSDPSRV - ok
18:57:21.0047 4356  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:57:21.0050 4356  SstpSvc - ok
18:57:21.0142 4356  [ C354621B6B94E10AE7F5CDBE745FEB86 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:57:21.0146 4356  Stereo Service - ok
18:57:21.0158 4356  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:57:21.0160 4356  stexstor - ok
18:57:21.0199 4356  [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc          C:\Windows\System32\wiaservc.dll
18:57:21.0206 4356  stisvc - ok
18:57:21.0216 4356  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
18:57:21.0218 4356  swenum - ok
18:57:21.0235 4356  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
18:57:21.0242 4356  swprv - ok
18:57:21.0281 4356  [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain         C:\Windows\system32\sysmain.dll
18:57:21.0316 4356  SysMain - ok
18:57:21.0340 4356  [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:57:21.0343 4356  TabletInputService - ok
18:57:21.0372 4356  [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:57:21.0376 4356  TapiSrv - ok
18:57:21.0387 4356  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
18:57:21.0390 4356  TBS - ok
18:57:21.0427 4356  [ 912107716BAB424C7870E8E6AF5E07E1 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:57:21.0461 4356  Tcpip - ok
18:57:21.0502 4356  [ 912107716BAB424C7870E8E6AF5E07E1 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:57:21.0511 4356  TCPIP6 - ok
18:57:21.0526 4356  [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:57:21.0527 4356  tcpipreg - ok
18:57:21.0542 4356  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:57:21.0543 4356  TDPIPE - ok
18:57:21.0564 4356  [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:57:21.0565 4356  TDTCP - ok
18:57:21.0583 4356  [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:57:21.0585 4356  tdx - ok
18:57:21.0595 4356  [ C448651339196C0E869A355171875522 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
18:57:21.0597 4356  TermDD - ok
18:57:21.0621 4356  [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService     C:\Windows\System32\termsrv.dll
18:57:21.0629 4356  TermService - ok
18:57:21.0639 4356  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
18:57:21.0642 4356  Themes - ok
18:57:21.0651 4356  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
18:57:21.0652 4356  THREADORDER - ok
18:57:21.0663 4356  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
18:57:21.0666 4356  TrkWks - ok
18:57:21.0702 4356  [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:57:21.0704 4356  TrustedInstaller - ok
18:57:21.0716 4356  [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:57:21.0718 4356  tssecsrv - ok
18:57:21.0743 4356  [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:57:21.0745 4356  tunnel - ok
18:57:21.0764 4356  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:57:21.0765 4356  uagp35 - ok
18:57:21.0830 4356  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:57:21.0834 4356  udfs - ok
18:57:21.0851 4356  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:57:21.0853 4356  UI0Detect - ok
18:57:21.0864 4356  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
18:57:21.0866 4356  uliagpkx - ok
18:57:21.0881 4356  [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:57:21.0883 4356  umbus - ok
18:57:21.0896 4356  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:57:21.0897 4356  UmPass - ok
18:57:21.0915 4356  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
18:57:21.0920 4356  upnphost - ok
18:57:21.0949 4356  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
18:57:21.0951 4356  USBAAPL64 - ok
18:57:21.0994 4356  [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
18:57:21.0996 4356  usbaudio - ok
18:57:22.0009 4356  [ B26AFB54A534D634523C4FB66765B026 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:57:22.0011 4356  usbccgp - ok
18:57:22.0038 4356  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
18:57:22.0040 4356  usbcir - ok
18:57:22.0044 4356  [ DF9F9AFC9AAABD8ED47975D44E38169A ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
18:57:22.0046 4356  usbehci - ok
18:57:22.0075 4356  [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
18:57:22.0078 4356  usbfilter - ok
18:57:22.0085 4356  [ 372A91BC3C6603080A793880B0873785 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:57:24.0550 4356  C:\Windows\System32\dnsapi.dll - ok
18:57:24.0555 4356  [ 8CE22E63F08613036DF8C7B00FBDF36B ] C:\Windows\System32\logoncli.dll
18:57:24.0555 4356  C:\Windows\System32\logoncli.dll - ok
18:57:24.0559 4356  [ 5A148B1574BE77742D337EC81C23FC7A ] C:\Windows\System32\schannel.dll
18:57:24.0559 4356  C:\Windows\System32\schannel.dll - ok
18:57:24.0563 4356  [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
18:57:24.0563 4356  C:\Windows\System32\rascfg.dll - ok
18:57:24.0567 4356  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
18:57:24.0567 4356  C:\Windows\System32\wdigest.dll - ok
18:57:24.0571 4356  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
18:57:24.0571 4356  C:\Windows\System32\rsaenh.dll - ok
18:57:24.0576 4356  [ 0DEFD5FBF801DD8F83BC0ED09861A8EC ] C:\Windows\System32\TSpkg.dll
18:57:24.0576 4356  C:\Windows\System32\TSpkg.dll - ok
18:57:24.0580 4356  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
18:57:24.0580 4356  C:\Windows\System32\pku2u.dll - ok
18:57:24.0584 4356  [ 07721A77180EDD4D39CCB865BF63C7FD ] C:\Windows\System32\audiosrv.dll
18:57:24.0584 4356  C:\Windows\System32\audiosrv.dll - ok
18:57:24.0588 4356  [ B20B5FA5CA050E9926E4D1DB81501B32 ] C:\Windows\System32\AxInstSv.dll
18:57:24.0588 4356  C:\Windows\System32\AxInstSv.dll - ok
18:57:24.0591 4356  [ DA090E97E57DCB48888015B5D3C749CD ] C:\Windows\System32\bcryptprimitives.dll
18:57:24.0591 4356  C:\Windows\System32\bcryptprimitives.dll - ok
18:57:24.0596 4356  [ 9301B8810B2DA4EB6AD55DB75FC1E339 ] C:\Windows\System32\credssp.dll
18:57:24.0596 4356  C:\Windows\System32\credssp.dll - ok
18:57:24.0600 4356  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
18:57:24.0600 4356  C:\Windows\System32\efslsaext.dll - ok
18:57:24.0604 4356  [ FDE360167101B4E45A96F939F388AEB0 ] C:\Windows\System32\bdesvc.dll
18:57:24.0604 4356  C:\Windows\System32\bdesvc.dll - ok
18:57:24.0608 4356  [ 4992C609A6315671463E30F6512BC022 ] C:\Windows\System32\BFE.DLL
18:57:24.0608 4356  C:\Windows\System32\BFE.DLL - ok
18:57:24.0613 4356  [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] C:\Windows\System32\qmgr.dll
18:57:24.0613 4356  C:\Windows\System32\qmgr.dll - ok
18:57:24.0617 4356  [ 94FBC06F294D58D02361918418F996E3 ] C:\Windows\System32\browser.dll
18:57:24.0617 4356  C:\Windows\System32\browser.dll - ok
18:57:24.0621 4356  [ 95F9C2976059462CBBF227F7AAB10DE9 ] C:\Windows\System32\bthserv.dll
18:57:24.0621 4356  C:\Windows\System32\bthserv.dll - ok
18:57:24.0625 4356  [ 312E2F82AF11E79906898AC3E3D58A1F ] C:\Windows\System32\certprop.dll
18:57:24.0625 4356  C:\Windows\System32\certprop.dll - ok
18:57:24.0630 4356  [ FE1EC06F2253F691FE36217C592A0206 ] C:\Windows\System32\clfs.sys
18:57:24.0630 4356  C:\Windows\System32\clfs.sys - ok
18:57:24.0634 4356  [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
18:57:24.0634 4356  C:\Windows\System32\comres.dll - ok
18:57:24.0638 4356  [ 8C57411B66282C01533CB776F98AD384 ] C:\Windows\System32\cryptsvc.dll
18:57:24.0638 4356  C:\Windows\System32\cryptsvc.dll - ok
18:57:24.0642 4356  [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\Windows\System32\oleres.dll
18:57:24.0642 4356  C:\Windows\System32\oleres.dll - ok
18:57:24.0647 4356  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] C:\Windows\System32\defragsvc.dll
18:57:24.0647 4356  C:\Windows\System32\defragsvc.dll - ok
18:57:24.0651 4356  [ CE3B9562D997F69B330D181A8875960F ] C:\Windows\System32\dhcpcore.dll
18:57:24.0651 4356  C:\Windows\System32\dhcpcore.dll - ok
18:57:24.0655 4356  [ 398712DDDAEFB85EDF61DF6A07B65C79 ] C:\Windows\System32\scecli.dll
18:57:24.0655 4356  C:\Windows\System32\scecli.dll - ok
18:57:24.0659 4356  [ 14452ACDB09B70964C8C21BF80A13ACB ] C:\Windows\System32\dot3svc.dll
18:57:24.0659 4356  C:\Windows\System32\dot3svc.dll - ok
18:57:24.0664 4356  [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] C:\Windows\System32\dps.dll
18:57:24.0664 4356  C:\Windows\System32\dps.dll - ok
18:57:24.0668 4356  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
18:57:24.0668 4356  C:\Windows\System32\eapsvc.dll - ok
18:57:24.0672 4356  [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
18:57:24.0672 4356  C:\Windows\System32\efssvc.dll - ok
18:57:24.0676 4356  [ 3D69FAE60EDE442E004611A4EE4DB44C ] C:\Windows\ehome\ehrecvr.exe
18:57:24.0677 4356  C:\Windows\ehome\ehrecvr.exe - ok
18:57:24.0681 4356  [ 4705E8EF9934482C5BB488CE28AFC681 ] C:\Windows\ehome\ehsched.exe
18:57:24.0682 4356  C:\Windows\ehome\ehsched.exe - ok
18:57:24.0686 4356  [ 99ABDA9C92EC76CBAF52F00239D909C9 ] C:\Windows\System32\wevtsvc.dll
18:57:24.0686 4356  C:\Windows\System32\wevtsvc.dll - ok
18:57:24.0690 4356  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
18:57:24.0690 4356  C:\Windows\System32\FXSRESM.dll - ok
18:57:24.0694 4356  [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
18:57:24.0694 4356  C:\Windows\System32\fdPHost.dll - ok
18:57:24.0699 4356  [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
18:57:24.0699 4356  C:\Windows\System32\FDResPub.dll - ok
18:57:24.0704 4356  [ 655661BE46B5F5F3FD454E2C3095B930 ] C:\Windows\System32\drivers\fileinfo.sys
18:57:24.0704 4356  C:\Windows\System32\drivers\fileinfo.sys - ok
18:57:24.0708 4356  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] C:\Windows\System32\drivers\filetrace.sys
18:57:24.0708 4356  C:\Windows\System32\drivers\filetrace.sys - ok
18:57:24.0714 4356  [ F7866AF72ABBAF84B1FA5AA195378C59 ] C:\Windows\System32\drivers\fltMgr.sys
18:57:24.0714 4356  C:\Windows\System32\drivers\fltMgr.sys - ok
18:57:24.0718 4356  [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A ] C:\Windows\System32\FntCache.dll
18:57:24.0718 4356  C:\Windows\System32\FntCache.dll - ok
18:57:24.0722 4356  [ D43703496149971890703B4B1B723EAC ] C:\Windows\System32\drivers\fsdepends.sys
18:57:24.0723 4356  C:\Windows\System32\drivers\fsdepends.sys - ok
18:57:24.0727 4356  [ E60BB0CDC5EA153F6D24C51AAD4A73FD ] C:\Windows\System32\PresentationHost.exe
18:57:24.0727 4356  C:\Windows\System32\PresentationHost.exe - ok
18:57:24.0732 4356  [ B8B2A6E1558F8F5DE5CE431C5B2C7B09 ] C:\Windows\System32\drivers\fvevol.sys
18:57:24.0732 4356  C:\Windows\System32\drivers\fvevol.sys - ok
18:57:24.0736 4356  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
18:57:24.0736 4356  C:\Windows\System32\gpapi.dll - ok
18:57:24.0740 4356  [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
18:57:24.0740 4356  C:\Windows\System32\hidserv.dll - ok
18:57:24.0744 4356  [ EFA58EDE58DD74388FFD04CB32681518 ] C:\Windows\System32\KMSVC.DLL
18:57:24.0744 4356  C:\Windows\System32\KMSVC.DLL - ok
18:57:24.0749 4356  [ 046B2673767CA626E2CFB7FDF735E9E8 ] C:\Windows\System32\ListSvc.dll
18:57:24.0749 4356  C:\Windows\System32\ListSvc.dll - ok
18:57:24.0753 4356  [ 06A7422224D9865A5613710A089987DF ] C:\Windows\System32\provsvc.dll
18:57:24.0753 4356  C:\Windows\System32\provsvc.dll - ok
18:57:24.0757 4356  [ B9E2DAF71E44626011D70B4889171504 ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
18:57:24.0757 4356  C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
18:57:24.0762 4356  [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] C:\Windows\System32\drivers\http.sys
18:57:24.0762 4356  C:\Windows\System32\drivers\http.sys - ok
18:57:24.0767 4356  [ F17766A19145F111856378DF337A5D79 ] C:\Windows\System32\drivers\hwpolicy.sys
18:57:24.0767 4356  C:\Windows\System32\drivers\hwpolicy.sys - ok
18:57:24.0771 4356  [ C5B4683680DF085B57BC53E5EF34861F ] C:\Windows\System32\IKEEXT.DLL
18:57:24.0771 4356  C:\Windows\System32\IKEEXT.DLL - ok
18:57:24.0776 4356  [ 098A91C54546A3B878DAD6A7E90A455B ] C:\Windows\System32\IPBusEnum.dll
18:57:24.0776 4356  C:\Windows\System32\IPBusEnum.dll - ok
18:57:24.0779 4356  [ F8E058D17363EC580E4B7232778B6CB5 ] C:\Windows\System32\iphlpsvc.dll
18:57:24.0780 4356  C:\Windows\System32\iphlpsvc.dll - ok
18:57:24.0784 4356  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] C:\Windows\System32\drivers\irenum.sys
18:57:24.0784 4356  C:\Windows\System32\drivers\irenum.sys - ok
18:57:24.0788 4356  [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
18:57:24.0788 4356  C:\Windows\System32\keyiso.dll - ok
18:57:24.0792 4356  [ C926920B8978DE6ACFE9E15C709E9B57 ] C:\Windows\System32\srvsvc.dll
18:57:24.0792 4356  C:\Windows\System32\srvsvc.dll - ok
18:57:24.0797 4356  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
18:57:24.0797 4356  C:\Windows\System32\drivers\luafv.sys - ok
18:57:24.0801 4356  [ 7A757C41C3879CD34BDE15F0563C0CE2 ] C:\Windows\System32\lltdres.dll
18:57:24.0801 4356  C:\Windows\System32\lltdres.dll - ok
18:57:24.0805 4356  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
18:57:24.0805 4356  C:\Windows\System32\lmhsvc.dll - ok
18:57:24.0843 4356  [ 27026EAC8818E8A6C00A1CAD2F11D29A ] C:\Windows\System32\wkssvc.dll
18:57:24.0843 4356  C:\Windows\System32\wkssvc.dll - ok
18:57:24.0846 4356  [ E5DE3FFD785B6730291AD98E491D58BA ] C:\Windows\ehome\ehres.dll
18:57:24.0846 4356  C:\Windows\ehome\ehres.dll - ok
18:57:24.0851 4356  [ 791AF66C4D0E7C90A3646066386FB571 ] C:\Windows\System32\drivers\mountmgr.sys
18:57:24.0851 4356  C:\Windows\System32\drivers\mountmgr.sys - ok
18:57:24.0855 4356  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
18:57:24.0855 4356  C:\Windows\System32\FirewallAPI.dll - ok
18:57:24.0859 4356  [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
18:57:24.0859 4356  C:\Windows\System32\mmcss.dll - ok
18:57:24.0864 4356  [ 8A438CBB8C032A0C798B0C642FFBE572 ] C:\Windows\System32\WebClnt.dll
18:57:24.0864 4356  C:\Windows\System32\WebClnt.dll - ok
18:57:24.0869 4356  [ F9D215A46A8B9753F61767FA72A20326 ] C:\Windows\System32\drivers\mshidkmdf.sys
18:57:24.0869 4356  C:\Windows\System32\drivers\mshidkmdf.sys - ok
18:57:24.0873 4356  [ F9A18612FD3526FE473C1BDA678D61C8 ] C:\Windows\System32\drivers\mup.sys
18:57:24.0873 4356  C:\Windows\System32\drivers\mup.sys - ok
18:57:24.0877 4356  [ E11E3F3BBEFDC5C0C160BE13B65E25E4 ] C:\Windows\System32\iscsidsc.dll
18:57:24.0877 4356  C:\Windows\System32\iscsidsc.dll - ok
18:57:24.0882 4356  [ 8EE1C893C50D1C02D4675978BAC756BA ] C:\Windows\System32\msimsg.dll
18:57:24.0882 4356  C:\Windows\System32\msimsg.dll - ok
18:57:24.0886 4356  [ 4987E079A4530FA737A128BE54B63B12 ] C:\Windows\System32\QAGENTRT.DLL
18:57:24.0886 4356  C:\Windows\System32\QAGENTRT.DLL - ok
18:57:24.0890 4356  [ CAD515DBD07D082BB317D9928CE8962C ] C:\Windows\System32\drivers\ndis.sys
18:57:24.0890 4356  C:\Windows\System32\drivers\ndis.sys - ok
18:57:24.0894 4356  [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
18:57:24.0894 4356  C:\Windows\System32\netman.dll - ok
18:57:24.0899 4356  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
18:57:24.0899 4356  C:\Windows\System32\netprofm.dll - ok
18:57:24.0903 4356  [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] C:\Windows\System32\nlasvc.dll
18:57:24.0903 4356  C:\Windows\System32\nlasvc.dll - ok
18:57:24.0907 4356  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
18:57:24.0907 4356  C:\Windows\System32\nsisvc.dll - ok
18:57:24.0912 4356  [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
18:57:24.0912 4356  C:\Windows\System32\pnrpsvc.dll - ok
18:57:24.0916 4356  [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
18:57:24.0916 4356  C:\Windows\System32\p2psvc.dll - ok
18:57:24.0920 4356  [ 7DAA117143316C4A1537E074A5A9EAF0 ] C:\Windows\System32\drivers\partmgr.sys
18:57:24.0920 4356  C:\Windows\System32\drivers\partmgr.sys - ok
18:57:24.0924 4356  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
18:57:24.0924 4356  C:\Windows\System32\pcasvc.dll - ok
18:57:24.0929 4356  [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] C:\Windows\System32\pla.dll
18:57:24.0929 4356  C:\Windows\System32\pla.dll - ok
18:57:24.0933 4356  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] C:\Windows\System32\pnrpauto.dll
18:57:24.0933 4356  C:\Windows\System32\pnrpauto.dll - ok
18:57:24.0937 4356  [ 23157D583244400E1D7FBAEE2E4B31B7 ] C:\Windows\System32\umpnpmgr.dll
18:57:24.0937 4356  C:\Windows\System32\umpnpmgr.dll - ok
18:57:24.0942 4356  [ 8DEC9C6DD13C4B3B62CD8D5A0FEF1650 ] C:\Windows\System32\polstore.dll
18:57:24.0942 4356  C:\Windows\System32\polstore.dll - ok
18:57:24.0946 4356  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
18:57:24.0946 4356  C:\Windows\System32\umpo.dll - ok
18:57:24.0950 4356  [ F381975E1F4346DE875CB07339CE8D3A ] C:\Windows\System32\profsvc.dll
18:57:24.0950 4356  C:\Windows\System32\profsvc.dll - ok
18:57:24.0954 4356  [ AB95FBAE4F9A5A56B177CEC427B2B35E ] C:\Windows\System32\psbase.dll
18:57:24.0954 4356  C:\Windows\System32\psbase.dll - ok
18:57:24.0958 4356  [ 76707BB36430888D9CE9D705398ADB6C ] C:\Windows\System32\drivers\qwavedrv.sys
18:57:24.0959 4356  C:\Windows\System32\drivers\qwavedrv.sys - ok
18:57:24.0963 4356  [ 906191634E99AEA92C4816150BDA3732 ] C:\Windows\System32\qwave.dll
18:57:24.0963 4356  C:\Windows\System32\qwave.dll - ok
18:57:24.0967 4356  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] C:\Windows\System32\rasauto.dll
18:57:24.0967 4356  C:\Windows\System32\rasauto.dll - ok
18:57:24.0971 4356  [ 47394ED3D16D053F5906EFE5AB51CC83 ] C:\Windows\System32\rasmans.dll
18:57:24.0971 4356  C:\Windows\System32\rasmans.dll - ok
18:57:24.0976 4356  [ 254FB7A22D74E5511C73A3F6D802F192 ] C:\Windows\System32\mprdim.dll
18:57:24.0976 4356  C:\Windows\System32\mprdim.dll - ok
18:57:24.0980 4356  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
18:57:24.0981 4356  C:\Windows\System32\sstpsvc.dll - ok
18:57:24.0985 4356  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] C:\Windows\System32\Locator.exe
18:57:24.0985 4356  C:\Windows\System32\Locator.exe - ok
18:57:24.0989 4356  [ E4D94F24081440B5FC5AA556C7C62702 ] C:\Windows\System32\regsvc.dll
18:57:24.0989 4356  C:\Windows\System32\regsvc.dll - ok
18:57:24.0993 4356  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
18:57:24.0993 4356  C:\Windows\System32\RpcEpMap.dll - ok
18:57:24.0998 4356  [ C94DA20C7E3BA1DCA269BC8460D98387 ] C:\Windows\System32\drivers\scfilter.sys
18:57:24.0998 4356  C:\Windows\System32\drivers\scfilter.sys - ok
18:57:25.0002 4356  [ 9B7395789E3791A3B6D000FE6F8B131E ] C:\Windows\System32\SCardSvr.dll
18:57:25.0002 4356  C:\Windows\System32\SCardSvr.dll - ok
18:57:25.0006 4356  [ EC56B171F85C7E855E7B0588AC503EEA ] C:\Windows\System32\schedsvc.dll
18:57:25.0006 4356  C:\Windows\System32\schedsvc.dll - ok
18:57:25.0010 4356  [ 765A27C3279CE11D14CB9E4F5869FCA5 ] C:\Windows\System32\sdrsvc.dll
18:57:25.0010 4356  C:\Windows\System32\sdrsvc.dll - ok
18:57:25.0015 4356  [ 463B386EBC70F98DA5DFF85F7E654346 ] C:\Windows\System32\seclogon.dll
18:57:25.0015 4356  C:\Windows\System32\seclogon.dll - ok
18:57:25.0019 4356  [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
18:57:25.0019 4356  C:\Windows\System32\Sens.dll - ok
18:57:25.0023 4356  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] C:\Windows\System32\sensrsvc.dll
18:57:25.0023 4356  C:\Windows\System32\sensrsvc.dll - ok
18:57:25.0027 4356  [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] C:\Windows\System32\SessEnv.dll
18:57:25.0027 4356  C:\Windows\System32\SessEnv.dll - ok
18:57:25.0032 4356  [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
18:57:25.0032 4356  C:\Windows\System32\ipnathlp.dll - ok
18:57:25.0036 4356  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] C:\Windows\System32\shsvcs.dll
18:57:25.0036 4356  C:\Windows\System32\shsvcs.dll - ok
18:57:25.0040 4356  [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
18:57:25.0040 4356  C:\Windows\System32\snmptrap.exe - ok
18:57:25.0045 4356  [ 1FCD619D8542A248D4E1FF72FFB0E56B ] C:\Windows\System32\tcpipcfg.dll
18:57:25.0045 4356  C:\Windows\System32\tcpipcfg.dll - ok
18:57:25.0049 4356  [ 89E8550C5862999FCF482EA562B0E98E ] C:\Windows\System32\spoolsv.exe
18:57:25.0049 4356  C:\Windows\System32\spoolsv.exe - ok
18:57:25.0053 4356  [ 913D843498553A1BC8F8DBAD6358E49F ] C:\Windows\System32\sppsvc.exe
18:57:25.0053 4356  C:\Windows\System32\sppsvc.exe - ok
18:57:25.0058 4356  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] C:\Windows\System32\sppuinotify.dll
18:57:25.0058 4356  C:\Windows\System32\sppuinotify.dll - ok
18:57:25.0062 4356  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
18:57:25.0062 4356  C:\Windows\System32\ssdpsrv.dll - ok
18:57:25.0066 4356  [ 52D0E33B681BD0F33FDC08812FEE4F7D ] C:\Windows\System32\wiaservc.dll
18:57:25.0066 4356  C:\Windows\System32\wiaservc.dll - ok
18:57:25.0071 4356  [ E08E46FDD841B7184194011CA1955A0B ] C:\Windows\System32\swprv.dll
18:57:25.0071 4356  C:\Windows\System32\swprv.dll - ok
18:57:25.0075 4356  [ 3C1284516A62078FB68F768DE4F1A7BE ] C:\Windows\System32\sysmain.dll
18:57:25.0075 4356  C:\Windows\System32\sysmain.dll - ok
18:57:25.0079 4356  [ 238935C3CF2854886DC7CBB2A0E2CC66 ] C:\Windows\System32\TabSvc.dll
18:57:25.0079 4356  C:\Windows\System32\TabSvc.dll - ok
18:57:25.0083 4356  [ 884264AC597B690C5707C89723BB8E7B ] C:\Windows\System32\tapisrv.dll
18:57:25.0083 4356  C:\Windows\System32\tapisrv.dll - ok
18:57:25.0088 4356  [ 1BE03AC720F4D302EA01D40F588162F6 ] C:\Windows\System32\tbssvc.dll
18:57:25.0088 4356  C:\Windows\System32\tbssvc.dll - ok
18:57:25.0092 4356  [ 0F05EC2887BFE197AD82A13287D2F404 ] C:\Windows\System32\termsrv.dll
18:57:25.0092 4356  C:\Windows\System32\termsrv.dll - ok
18:57:32.0732 4356  C:\Users\Brett\Downloads\aswMBR(1).exe - ok
18:57:32.0735 4356  ============================================================
18:57:32.0735 4356  Scan finished
18:57:32.0735 4356  ============================================================
18:57:32.0746 3880  Detected object count: 0
18:57:32.0746 3880  Actual detected object count: 0
18:57:36.0321 1620  Deinitialize success
 




AswMBR:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-22 15:59:02
-----------------------------
15:59:02.846    OS Version: Windows x64 6.1.7600
15:59:02.847    Number of processors: 2 586 0x603
15:59:02.847    ComputerName: BRETT-PC  UserName: Brett
15:59:06.365    Initialize success
15:59:06.423    AVAST engine defs: 13022200
15:59:29.776    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:59:29.778    Disk 0 Vendor: ST3750528AS CC44 Size: 715404MB BusType: 3
15:59:29.794    Disk 0 MBR read successfully
15:59:29.795    Disk 0 MBR scan
15:59:29.798    Disk 0 unknown MBR code
15:59:29.803    Disk 0 Partition 1 00     1B   Hidd FAT32 NTFS        19024 MB offset 2048
15:59:29.806    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       696378 MB offset 38963200
15:59:29.846    Disk 0 scanning C:\Windows\system32\drivers
15:59:36.638    Service scanning
15:59:48.429    Modules scanning
15:59:48.435    Disk 0 trace - called modules:
15:59:48.458    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
15:59:48.462    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80045fd060]
15:59:48.793    3 CLASSPNP.SYS[fffff8800188643f] -> nt!IofCallDriver -> [0xfffffa8004584520]
15:59:48.797    5 ACPI.sys[fffff88000f50781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800457d060]
15:59:49.380    AVAST engine scan C:\Windows
15:59:51.545    AVAST engine scan C:\Windows\system32
16:01:50.841    AVAST engine scan C:\Windows\system32\drivers
16:01:59.500    AVAST engine scan C:\Users\Brett
16:33:15.888    AVAST engine scan C:\ProgramData
16:34:29.839    Scan finished successfully
16:35:55.084    Disk 0 MBR has been saved successfully to "C:\Users\Brett\Desktop\answers\MBR.dat"
16:35:55.088    The log file has been saved successfully to "C:\Users\Brett\Desktop\answers\aswMBR.txt"


ESET:

C:\Users\All Users\{DFD01D8C-26C8-4413-8B1B-2C940D76D0F2}\FixMyRegistry.res    a variant of Win32/Bundled.Toolbar.Ask application    
C:\ProgramData\{DFD01D8C-26C8-4413-8B1B-2C940D76D0F2}\FixMyRegistry.res    a variant of Win32/Bundled.Toolbar.Ask application    deleted - quarantined
C:\Users\Brett\AppData\Roaming\Mozilla\Firefox\Profiles\4ebm0tod.default\prefs.js    JS/SecurityDisabler.A.Gen application    cleaned by deleting - quarantined
C:\Users\Brett\AppData\Roaming\Mozilla\Firefox\Profiles\4ebm0tod.default\user.js    JS/SecurityDisabler.A.Gen application    cleaned by deleting - quarantined
C:\Users\Brett\Downloads\ccasa.exe    a variant of Win32/InstallCore.D application    cleaned by deleting - quarantined
C:\Users\Brett\Downloads\hwmonitor_1.20-setup.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\Users\Brett\Downloads\iLividSetupV1.exe    Win32/Toolbar.SearchSuite application    cleaned by deleting - quarantined
C:\Users\Brett\Downloads\Setup_FreeBurner.exe    Win32/Toolbar.Widgi application    cleaned by deleting - quarantined
C:\Users\Brett\Downloads\Setup_FreeConverter.exe    a variant of Win32/Toolbar.Widgi application    cleaned by deleting - quarantined
C:\Users\Brett\Downloads\SoftonicDownloader_for_steam.exe    a variant of Win32/SoftonicDownloader.A application    cleaned by deleting - quarantined
 


Edited by phate008, 22 February 2013 - 07:02 PM.


#6 narenxp


Posted 22 February 2013 - 07:01 PM


Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop. If you already have it installed, launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download. You can also right click on the link and select Save Link As.

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Delete
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tool by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file, copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

 



#7 phate008


Posted 22 February 2013 - 08:34 PM

MiniToolBox by Farbar  Version:10-01-2013
Ran by Brett (administrator) on 22-02-2013 at 19:30:44
Running from "C:\Users\Brett\Downloads"
Windows 7 Home Premium  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.http", "216.224.179.38:3128"
"network.proxy.type", 1

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1             localhost


Farbar Service Scanner

Farbar Service Scanner Version: 20-02-2013
Ran by Brett (administrator) on 22-02-2013 at 19:32:08
Running from "C:\Users\Brett\Downloads"
Windows 7 Home Premium  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2009-07-13 18:25] - [2009-07-13 20:45] - 1898576 ____A (Microsoft Corporation) 912107716BAB424C7870E8E6AF5E07E1

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



149.5.18.172 www.google-analytics.com.
149.5.18.172 ad-emea.doubleclick.net.
149.5.18.172 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.

127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Brett-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 20-CF-30-C7-60-62
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::1572:a846:d270:ec88%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.140(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, February 22, 2013 7:21:56 PM
   Lease Expires . . . . . . . . . . : Saturday, February 23, 2013 7:21:56 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 237031216
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-62-74-57-20-CF-30-C7-60-62
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{E690593F-82EE-4C67-8412-A8D7EE020309}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:10cc:16e7:3f57:fe73(Preferred)
   Link-local IPv6 Address . . . . . : fe80::10cc:16e7:3f57:fe73%12(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  DD-WRT
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4006:802::1008
      173.194.43.0
      173.194.43.9
      173.194.43.14
      173.194.43.7
      173.194.43.5
      173.194.43.3
      173.194.43.1
      173.194.43.8
      173.194.43.4
      173.194.43.2
      173.194.43.6


Pinging google.com [173.194.43.6] with 32 bytes of data:
Reply from 173.194.43.6: bytes=32 time=11ms TTL=55
Reply from 173.194.43.6: bytes=32 time=43ms TTL=55

Ping statistics for 173.194.43.6:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 11ms, Maximum = 43ms, Average = 27ms
Server:  DD-WRT
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=417ms TTL=50
Reply from 98.138.253.109: bytes=32 time=435ms TTL=50

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 417ms, Maximum = 435ms, Average = 426ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...20 cf 30 c7 60 62 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.140     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.140    276
    192.168.1.140  255.255.255.255         On-link     192.168.1.140    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.140    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.140    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.140    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:9d38:953c:10cc:16e7:3f57:fe73/128
                                    On-link
 11    276 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::10cc:16e7:3f57:fe73/128
                                    On-link
 11    276 fe80::1572:a846:d270:ec88/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/22/2013 04:37:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (02/22/2013 04:37:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (02/22/2013 04:36:06 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (02/22/2013 02:36:09 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (02/22/2013 02:35:37 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/20/2013 03:12:46 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (02/20/2013 03:12:17 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/18/2013 02:20:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.

Error: (02/16/2013 04:08:10 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (02/16/2013 04:07:41 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (02/22/2013 07:24:21 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (02/22/2013 07:24:21 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (02/22/2013 07:22:01 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (02/22/2013 07:20:52 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (02/22/2013 07:19:02 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (02/22/2013 07:18:56 PM) (Source: Service Control Manager) (User: )
Description: The MBAMScheduler service failed to start due to the following error:
%%1053

Error: (02/22/2013 07:18:56 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.

Error: (02/22/2013 07:17:52 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (02/22/2013 03:47:38 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (02/22/2013 03:47:38 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================
Error: (02/22/2013 04:37:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Brett\Downloads\esetsmartinstaller_enu.exe

Error: (02/22/2013 04:37:07 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Brett\Downloads\esetsmartinstaller_enu.exe

Error: (02/22/2013 04:36:06 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Brett\Downloads\esetsmartinstaller_enu.exe

Error: (02/22/2013 02:36:09 AM) (Source: SideBySide)(User: )
Description: c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dllc:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll2

Error: (02/22/2013 02:35:37 AM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (02/20/2013 03:12:46 AM) (Source: SideBySide)(User: )
Description: c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dllc:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll2

Error: (02/20/2013 03:12:17 AM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (02/18/2013 02:20:42 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Users\Brett\Downloads\SoftonicDownloader_for_steam.exe

Error: (02/16/2013 04:08:10 AM) (Source: SideBySide)(User: )
Description: c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dllc:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll2

Error: (02/16/2013 04:07:41 AM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8


=========================== Installed Programs ============================

µTorrent (Version: 2.0.4)
3ivx MPEG-4 5.0.3 (remove only) (Version: 5.0.3)
5Dimes (Version: 16.6)
64 Bit HP CIO Components Installer (Version: 1.2.0)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 2.5.1.17730)
Adobe Audition 1.5 (Version: 1.5)
Adobe Audition 3.0 (Version: 3.0)
Adobe Audition 3.0 Vista Compatibility
Adobe Community Help (Version: 3.4.980)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.62)
Adobe Media Player (Version: 1.8)
Adobe Reader XI (11.0.02) (Version: 11.0.02)
AI Manager (Version: 1.08.07)
AMD APP SDK Runtime (Version: 2.5.684.212)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2011.0627.1558.26805)
AMD Media Foundation Decoders (Version: 1.0.60627.1551)
AMD USB Filter Driver (Version: 1.0.15.94)
AMD VISION Engine Control Center (Version: 2011.0627.1558.26805)
Antares Autotune VST v5.09
Any DVD Converter Professional 4.1.0
Any Video Converter 3.1.2
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
ASIO4ALL (Version: 2.10)
ASUS Backup Wizard (Version: 1.00.09)
ASUS VIBE (Version: 1.0.188)
ASUSUpdate (Version: 7.18.03)
ATI AVIVO64 Codecs (Version: 11.6.0.10627)
ATI Catalyst Install Manager (Version: 3.0.833.0)
Authorizer 1.0.3 (Version: 1.0.3)
Authorizer Ignition Key Support (Version: 1.0.1.0)
AVS Screen Capture version 2.0.1
AVS Update Manager 1.0
AVS Video Editor 6
AVS Video Recorder 2.4
AVS4YOU Software Navigator 1.4
Best Buy pc app (Version: 3.0.0.0)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.0627.1558.26805)
Catalyst Control Center InstallProxy (Version: 2011.0627.1558.26805)
Catalyst Control Center Localization All (Version: 2011.0627.1558.26805)
ccc-utility64 (Version: 2011.0627.1558.26805)
CCC Help Chinese Standard (Version: 2011.0627.1557.26805)
CCC Help Chinese Traditional (Version: 2011.0627.1557.26805)
CCC Help Czech (Version: 2011.0627.1557.26805)
CCC Help Danish (Version: 2011.0627.1557.26805)
CCC Help Dutch (Version: 2011.0627.1557.26805)
CCC Help English (Version: 2011.0627.1557.26805)
CCC Help Finnish (Version: 2011.0627.1557.26805)
CCC Help French (Version: 2011.0627.1557.26805)
CCC Help German (Version: 2011.0627.1557.26805)
CCC Help Greek (Version: 2011.0627.1557.26805)
CCC Help Hungarian (Version: 2011.0627.1557.26805)
CCC Help Italian (Version: 2011.0627.1557.26805)
CCC Help Japanese (Version: 2011.0627.1557.26805)
CCC Help Korean (Version: 2011.0627.1557.26805)
CCC Help Norwegian (Version: 2011.0627.1557.26805)
CCC Help Polish (Version: 2011.0627.1557.26805)
CCC Help Portuguese (Version: 2011.0627.1557.26805)
CCC Help Russian (Version: 2011.0627.1557.26805)
CCC Help Spanish (Version: 2011.0627.1557.26805)
CCC Help Swedish (Version: 2011.0627.1557.26805)
CCC Help Thai (Version: 2011.0627.1557.26805)
CCC Help Turkish (Version: 2011.0627.1557.26805)
Cisco Connect (Version: 1.2.10218.1)
CPUID HWMonitor 1.20
dBpoweramp FLAC Codec (Version: Release 14 (FLAC 1.2.1))
dBpoweramp Music Converter (Version: Release 14.1)
Diablo III (Version: 1.0.7.14633)
DivX Setup (Version: 2.1.2.2)
dvdSanta 4.50
ebi.BookReader3J (Version: 3.75.14)
EPU-4 Engine (Version: 1.00.25)
ESET Online Scanner v3
Final Draft (Version: 8.0.1.89)
FlipShare (Version: 5.0.5.52727)
Free Mp3 Wma Converter V 1.95 (Version: 1.95.0.0)
Google Update Helper (Version: 1.3.21.135)
HydraVision (Version: 4.2.208.0)
iCloud (Version: 2.1.1.3)
iTunes (Version: 11.0.1.12)
iZotope Vinyl (Version: 1.61)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (Version: 6.0.300)
Junk Mail filter update (Version: 14.0.8089.726)
Magic ISO Maker v5.5 (build 0281)
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.4763.1000)
Microsoft Office PowerPoint 2010 (Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office XP Professional with FrontPage (Version: 10.0.2627.0)
Microsoft PowerPoint 2010 (Version: 14.0.4763.1000)
Microsoft Search Enhancement Pack (Version: 1.2.123.0)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mozilla Firefox 19.0 (x86 en-US) (Version: 19.0)
Mozilla Maintenance Service (Version: 19.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
NVIDIA 3D Vision Controller Driver (Version: 275.33)
NVIDIA 3D Vision Controller Driver 301.42 (Version: 301.42)
NVIDIA 3D Vision Driver 301.42 (Version: 301.42)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA HD Audio Driver 1.3.16.0 (Version: 1.3.16.0)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0142)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
Platform (Version: 1.34)
PowerISO (Version: 4.7)
QuickTime (Version: 7.73.80.64)
Raptor 3
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0005)
Reason 5.0 (Version: 5.0)
ReCycle 2.1 (Version: 2.1)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Turbo Tax Home and Business (Version: 2011)
TurboTax 2010
TurboTax 2010 WinPerFedFormset (Version: 010.000.3610)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0431)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0202)
TurboTax 2010 wnyiper (Version: 010.000.1240)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2011
TurboTax 2011 WinPerFedFormset (Version: 011.000.2596)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0424)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0209)
TurboTax 2011 wnyiper (Version: 011.000.1375)
TurboTax 2011 wrapper (Version: 011.000.0120)
TurboTax 2012
TurboTax 2012 WinPerFedFormset (Version: 012.000.1804)
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0402)
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0164)
TurboTax 2012 wnyiper (Version: 012.000.1258)
TurboTax 2012 wrapper (Version: 012.000.0127)
UM-1G Driver
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Ventrilo Client (Version: 3.0.8)
VIA Platform Device Manager (Version: 1.34)
VLC media player 1.1.7 (Version: 1.1.7)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Family Safety (Version: 14.0.8093.805)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Toolbar (Version: 14.0.8064.206)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinPcap 4.1.1 (Version: 4.1.0.1753)
WinRAR archiver
WM Recorder 11.0
WM Recorder 14 (Version: 14.0)

========================= Devices: ================================

Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 4095.18 MB
Available physical RAM: 2476 MB
Total Pagefile: 8188.5 MB
Available Pagefile: 6092.42 MB
Total Virtual: 4095.88 MB
Available Virtual: 3953.48 MB

========================= Partitions: =====================================

1 Drive c: (WIN7) (Fixed) (Total:680.06 GB) (Free:345.61 GB) NTFS
2 Drive d: (LA-GSG_DVDV3) (CDROM) (Total:0.28 GB) (Free:0 GB) UDF
7 Drive j: (BSTMV4) (CDROM) (Total:0.42 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\BRETT-PC

Administrator            Brett                    Guest                    
Mcx1-BRETT-PC            Mcx2-BRETT-PC            UpdatusUser              


**** End of log ****

# AdwCleaner v2.112 - Logfile created 02/22/2013 at 19:34:03
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Home Premium  (64 bits)
# User : Brett - BRETT-PC
# Boot Mode : Normal
# Running from : C:\Users\Brett\Downloads\AdwCleaner.exe
# Option [Delete]


ADWCLEANER

***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Brett\AppData\Local\Temp\Uninstall.exe

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\Software\Conduit
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0 (en-US)

File : C:\Users\Brett\AppData\Roaming\Mozilla\Firefox\Profiles\4ebm0tod.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1317 octets] - [22/02/2013 19:34:03]

########## EOF - C:\AdwCleaner[S1].txt - [1377 octets] ##########

 

Junkware Removal Tool

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.5 (02.18.2013:1)
OS: Windows 7 Home Premium x64
Ran by Brett on Fri 02/22/2013 at 19:39:29.88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}



~~~ Files

Successfully deleted: [File] "C:\users\default user\start menu\programs\startup\best buy pc app.lnk"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\best buy pc app"
Successfully deleted: [Folder] "C:\Users\Brett\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\Brett\appdata\local\best buy pc app"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Brett\AppData\Roaming\mozilla\firefox\profiles\4ebm0tod.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
Successfully deleted the following from C:\Users\Brett\AppData\Roaming\mozilla\firefox\profiles\4ebm0tod.default\prefs.js

user_pref("extensions.enabledItems", "toolbar@ask.com:3.11.3.15590,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17");



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 02/22/2013 at 19:46:52.67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RKill:

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/22/2013 08:22:58 PM in x64 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

  * HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

 * ALERT: ZEROACCESS rootkit symptoms found!

     * HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 [ZA Reg Hijack]
     * C:\$Recycle.Bin\S-1-5-21-2716317311-554489004-1990129028-1000\$8105665fc5a835b2c01d228ba4eadc02\ [ZA Dir]
     * C:\$Recycle.Bin\S-1-5-21-2716317311-554489004-1990129028-1000\$8105665fc5a835b2c01d228ba4eadc02\@ [ZA File]
     * C:\$Recycle.Bin\S-1-5-21-2716317311-554489004-1990129028-1000\$8105665fc5a835b2c01d228ba4eadc02\L\ [ZA Dir]
     * C:\$Recycle.Bin\S-1-5-21-2716317311-554489004-1990129028-1000\$8105665fc5a835b2c01d228ba4eadc02\U\ [ZA Dir]

Checking Windows Service Integrity:

 * WinDefend [Missing Service]
 * wscsvc [Missing Service]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found:

  127.0.0.1       localhost
  ::1             localhost
  149.5.18.172 www.google-analytics.com.
  149.5.18.172 ad-emea.doubleclick.net.
  149.5.18.172 www.statcounter.com.
  108.163.215.51 www.google-analytics.com.
  108.163.215.51 ad-emea.doubleclick.net.
  108.163.215.51 www.statcounter.com.

Program finished at: 02/22/2013 08:23:09 PM
Execution time: 0 hours(s), 0 minute(s), and 11 seconds(s)

 

 

Autoruns:

 

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms"    ""    ""    ""
+ "rdpclip"    ""    ""    "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "AdobeAAMUpdater-1.0"    "Adobe Updater Startup Utility"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "BCSSync"    "Microsoft Office 2010 component"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\bcssync.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Adobe ARM"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon"    "Apple Push"    "Apple Inc."    "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "avast5"    "avast! Antivirus"    "AVAST Software"    "c:\program files\alwil software\avast5\avastui.exe"
+ "HDAudDeck"    "VIA HD Audio CPL"    "VIA"    "c:\program files (x86)\via\viaudioi\vdeck\vdeck.exe"
+ "iTunesHelper"    "iTunesHelper"    "Apple Inc."    "c:\program files (x86)\itunes\ituneshelper.exe"
+ "QuickTime Task"    "QuickTime Task"    "Apple Inc."    "c:\program files (x86)\quicktime\qttask.exe"
+ "ReCycle Patch"    ""    ""    "c:\users\brett\desktop\propellerhead recycle 2.1\recyclepatch.exe"
+ "RunAIShell"    "Helper AP for Windows ShellExec for NT"    "ASUSTeK Computer Inc."    "c:\program files (x86)\asus\ai manager\asshellapplication.exe"
+ "StartCCC"    "Catalyst® Control Center Launcher"    "Advanced Micro Devices, Inc."    "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"    ""    ""    ""
+ "CodeMeter Control Center.lnk"    "CodeMeter Control Center"    "WIBU-SYSTEMS AG"    "c:\program files (x86)\codemeter\runtime\bin\codemetercc.exe"
"C:\Users\Brett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"    ""    ""    ""
+ "MagicDisc.lnk"    "MagicISO Virtual CD/DVD Manager"    "MagicISO, Inc."    "c:\program files (x86)\magicdisc\magicdisc.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Utopia Angel"    ""    ""    "c:\utopia\angel\angel.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter"    ""    ""    ""
+ "text/xml"    "Microsoft Office XML MIME Filter"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""
+ "ms-help"    "Microsoft® Help Data Services Module"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\help\hxds.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\alwil software\avast5\ashsha64.dll"
+ "MagicISO"    "MagicISO Shell Extension Module"    "MagicISO, Inc."    "c:\program files (x86)\magiciso\misosh64.dll"
+ "PhotoStreamsExt"    ""    ""    "c:\program files\common files\apple\internet services\shellstreams64.dll"
+ "PowerISO"    "PowerISOShell DLL"    "PowerISO Computing, Inc."    "c:\program files (x86)\poweriso\pwrisosh.dll"
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\alwil software\avast5\ashshell.dll"
+ "PhotoStreamsExt"    "ShellStreams.dll"    "Apple Inc."    "c:\program files (x86)\common files\apple\internet services\shellstreams.dll"
+ "WinRAR32"    ""    ""    "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MagicISO"    "MagicISO Shell Extension Module"    "MagicISO, Inc."    "c:\program files (x86)\magiciso\misosh64.dll"
+ "PowerISO"    "PowerISOShell DLL"    "PowerISO Computing, Inc."    "c:\program files (x86)\poweriso\pwrisosh.dll"
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "WinRAR32"    ""    ""    "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""
+ "WinRAR32"    ""    ""    "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "ACE"    "AMD Desktop Control Panel"    "Advanced Micro Devices, Inc."    "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext"    ""    "NVIDIA Corporation"    "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "dBpShell Class"    "Provides dBpoweramp Shell Interaction"    "Illustrate"    "c:\program files (x86)\illustrate\dbpoweramp\dbshell.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\alwil software\avast5\ashsha64.dll"
+ "MagicISO"    "MagicISO Shell Extension Module"    "MagicISO, Inc."    "c:\program files (x86)\magiciso\misosh64.dll"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "PowerISO"    "PowerISOShell DLL"    "PowerISO Computing, Inc."    "c:\program files (x86)\poweriso\pwrisosh.dll"
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\alwil software\avast5\ashshell.dll"
+ "WinRAR32"    ""    ""    "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""
+ "WinRAR32"    ""    ""    "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Office Document Cache Handler"    "Microsoft Office Document Cache Handler"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live Family Safety Browser Helper Class"    "Family Safety Browser Helper Object Library"    "Microsoft Corporation"    "c:\program files\windows live\family safety\fssbho.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Sun Microsystems, Inc."    "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Sun Microsystems, Inc."    "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Office Document Cache Handler"    "Microsoft Office Document Cache Handler"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Search Helper"    "Microsoft Search Helper Extention"    "Microsoft Corp."    "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll"
+ "Windows Live Sign-in Helper"    "WindowsLiveLogin.dll"    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Toolbar Helper"    "Windows Live Toolbar Core"    "Microsoft Corporation"    "c:\program files (x86)\windows live\toolbar\wltcore.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
+ "&Windows Live Toolbar"    "Windows Live Toolbar Core"    "Microsoft Corporation"    "c:\program files (x86)\windows live\toolbar\wltcore.dll"
"HKCU\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "UB"    ""    ""    "File not found: C:\Users\Brett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UB\UB.lnk"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "Adobe LM Service"    "AdobeLM Service"    "Adobe Systems"    "c:\program files (x86)\common files\adobe systems shared\service\adobelmsvc.exe"
+ "AdobeARMservice"    "Adobe Acrobat Updater keeps your Adobe software up to date."    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AMD External Events Utility"    "AMD External Events Service Module"    "AMD"    "c:\windows\system32\atiesrxx.exe"
+ "AMD FUEL Service"    "Provides FUEL Functionality"    "Advanced Micro Devices, Inc."    "c:\program files\ati technologies\ati.ace\fuel\fuel.service.exe"
+ "Apple Mobile Device"    "Provides the interface to Apple mobile devices."    "Apple Inc."    "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "avast! Antivirus"    "Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler."    "AVAST Software"    "c:\program files\alwil software\avast5\avastsvc.exe"
+ "avast! Mail Scanner"    "Implements mail scanning for avast! antivirus."    "AVAST Software"    "c:\program files\alwil software\avast5\avastsvc.exe"
+ "avast! Web Scanner"    "Implements web (HTTP) scanning for avast! antivirus."    "AVAST Software"    "c:\program files\alwil software\avast5\avastsvc.exe"
+ "Bonjour Service"    "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence."    "Apple Inc."    "c:\program files\bonjour\mdnsresponder.exe"
+ "CodeMeter.exe"    "CodeMeter Runtime Server"    "WIBU-SYSTEMS AG"    "c:\program files (x86)\codemeter\runtime\bin\codemeter.exe"
+ "Device Handle Service"    "Device Handle"    "ASUSTeK Computer Inc."    "c:\windows\syswow64\ashookdevice.exe"
+ "FlipShare Service"    "FlipShare Service"    ""    "c:\program files (x86)\flip video\flipshare\flipshareservice.exe"
+ "fsssvc"    "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work."    "Microsoft Corporation"    "c:\program files (x86)\windows live\family safety\fsssvc.exe"
+ "gupdate"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "IntuitUpdateService"    "Helps Intuit applications automatically update themselves."    "Intuit Inc."    "c:\program files (x86)\common files\intuit\update service\intuitupdateservice.exe"
+ "IntuitUpdateServiceV4"    "Helps Intuit applications automatically update themselves."    "Intuit Inc."    "c:\program files (x86)\common files\intuit\update service v4\intuitupdateservice.exe"
+ "iPod Service"    "iPod hardware management services"    "Apple Inc."    "c:\program files\ipod\bin\ipodservice.exe"
+ "MBAMScheduler"    "Malwarebytes Anti-Malware scheduler"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService"    "Malwarebytes Anti-Malware service"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "MozillaMaintenance"    "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."    "Mozilla Foundation"    "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "Net Driver HPZ12"    "Dot4Net Module"    "Hewlett-Packard"    "c:\windows\system32\hpzinw12.dll"
+ "nvsvc"    "Provides system and desktop level support to the NVIDIA display driver"    "NVIDIA Corporation"    "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService"    "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server."    "NVIDIA Corporation"    "c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe"
+ "ose64"    "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc"    "Office Software Protection Platform Service (unlocalized description)"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "Pml Driver HPZ12"    "PmlDrv Module"    "Hewlett-Packard"    "c:\windows\system32\hpzipm12.dll"
+ "rpcapd"    "Allows to capture traffic on this machine from a remote machine."    "CACE Technologies, Inc."    "c:\program files (x86)\winpcap\rpcapd.exe"
+ "SeaPort"    "Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly."    "Microsoft Corp."    "c:\program files (x86)\microsoft\search enhancement pack\seaport\seaport.exe"
+ "Stereo Service"    "Provides system support for NVIDIA Stereoscopic 3D driver"    "NVIDIA Corporation"    "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "adp94xx"    "Adaptec Windows SAS/SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"    "Adaptec Windows SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"    "Adaptec StorPort Ultra320 SCSI Driver (X64)"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpu320.sys"
+ "aliide"    "ALi mini IDE Driver"    "Acer Laboratories Inc."    "c:\windows\system32\drivers\aliide.sys"
+ "amdiox64"    "AMD IO Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdiox64.sys"
+ "amdkmdag"    "ATI Radeon Kernel Mode Driver"    "ATI Technologies Inc."    "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap"    "AMD multi-vendor Miniport Driver"    "Advanced Micro Devices, Inc."    "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata"    "AHCI 1.2 Device Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"    "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"    "AMD Technologies Inc."    "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"    "Storage Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdxata.sys"
+ "arc"    "Adaptec RAID Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arc.sys"
+ "arcsas"    "Adaptec SAS RAID WS03 Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arcsas.sys"
+ "AsIO"    ""    ""    "c:\windows\syswow64\drivers\asio.sys"
+ "AsUpIO"    ""    ""    "c:\windows\syswow64\drivers\asupio.sys"
+ "aswFsBlk"    "avast! mini-filter driver (aswFsBlk)"    "ALWIL Software"    "c:\windows\system32\drivers\aswfsblk.sys"
+ "aswMonFlt"    "avast! mini-filter driver (aswMonFlt)"    "ALWIL Software"    "c:\windows\system32\drivers\aswmonflt.sys"
+ "aswRdr"    "avast! TDI Redirect driver"    "ALWIL Software"    "c:\windows\system32\drivers\aswrdr.sys"
+ "aswSP"    "avast! Self Protection"    "ALWIL Software"    "c:\windows\system32\drivers\aswsp.sys"
+ "aswTdi"    "avast! Network Shield TDI driver"    "ALWIL Software"    "c:\windows\system32\drivers\aswtdi.sys"
+ "AtiHDAudioService"    "AMD High Definition Audio Function Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\atihdw76.sys"
+ "AtiHdmiService"    "ATI High Definition Audio Function Driver"    "ATI Technologies, Inc."    "c:\windows\system32\drivers\atihdmi.sys"
+ "atikmdag"    "ATI Radeon Kernel Mode Driver"    "ATI Technologies Inc."    "c:\windows\system32\drivers\atikmdag.sys"
+ "AtiPcie"    "AMD PCIE Filter Driver for ATI PCIE chipset"    "Advanced Micro Devices Inc."    "c:\windows\system32\drivers\atipcie.sys"
+ "b06bdrv"    "Broadcom NetXtreme II GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a"    "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo"    "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"    "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"    "Brother Serial driver (WDM version)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"    "Brother USB MDM Driver "    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"    "Brother USB Serial Driver"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide"    "CMD PCI IDE Bus Driver"    "CMD Technology, Inc."    "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv"    "Broadcom NetXtreme II 10 GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\evbda.sys"
+ "elxstor"    "Storport Miniport Driver for LightPulse HBAs"    "Emulex"    "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM"    "CD DVD Filter"    "GEAR Software Inc."    "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir"    "Hauppauge WinTV 885 Consumer IR Driver for eHome"    "Hauppauge Computer Works, Inc."    "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD"    "Smart Array SAS/SATA Controller Media Driver"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV"    "Intel Matrix Storage Manager driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastorv.sys"
+ "igfx"    "Intel Graphics Kernel Mode Driver"    "Intel Corporation"    "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp"    "Intel/ICP Raid Storport Driver"    "Intel Corp./ICP vortex GmbH"    "c:\windows\system32\drivers\iirsp.sys"
+ "LSI_FC"    "LSI Fusion-MPT FC Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"    "LSI Fusion-MPT SAS Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"    "LSI SAS Gen2 Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas2.sys"





 



#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:05:52 PM

Posted 22 February 2013 - 09:46 PM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

 

Restart the PC


Now run RKILL given in previous instructions and post the new log


Edited by narenxp, 12 March 2013 - 12:28 AM.


#9 phate008

phate008
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  • Local time:06:52 PM

Posted 22 February 2013 - 11:04 PM

The Adwcleaner results are in the post above. The mbam is in there too, not sure where though, but no threats were detected by mbam.

 



RKill

http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/22/2013 10:51:15 PM in x64 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Automatic (Delayed Start)

 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic (Delayed Start)

 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Automatic (Delayed Start)

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found:

  127.0.0.1       localhost
  ::1             localhost
  149.5.18.172 www.google-analytics.com.
  149.5.18.172 ad-emea.doubleclick.net.
  149.5.18.172 www.statcounter.com.
  108.163.215.51 www.google-analytics.com.
  108.163.215.51 ad-emea.doubleclick.net.
  108.163.215.51 www.statcounter.com.

Program finished at: 02/22/2013 10:51:25 PM
Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)

 

I ran minitoolbox and check marked only "list content of Hosts", I hope this is what you meant.

 

Log:

 

MiniToolBox by Farbar  Version:10-01-2013
Ran by Brett (administrator) on 22-02-2013 at 23:02:36
Running from "C:\Users\Brett\Downloads"
Windows 7 Home Premium  (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================

#       ::1             localhost


**** End of log ****


 



#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:05:52 PM

Posted 22 February 2013 - 11:11 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot. If TFC locks up the system, run it in safe mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall old version of Java from Control Panel - Add or remove programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

 





