Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

FBI Moneypack Infection


  • Please log in to reply
12 replies to this topic

#1 19Kilo

19Kilo

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Way Far North
  • Local time:09:34 PM

Posted 24 February 2013 - 02:08 PM

Greetings Experts,

 

I too have the FBI Moneypack virus. Unlike the topic below, I can boot into Safe Mode.

 

Machine is a Dell 17R running Win7 Home Premium.

 

Some assistance would be very appreciated.

 

Thanks,



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:34 PM

Posted 24 February 2013 - 02:12 PM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters




  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now




  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue




  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.



  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.



  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results



#3 19Kilo

19Kilo
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Way Far North
  • Local time:09:34 PM

Posted 24 February 2013 - 05:10 PM

Hello narenxp,

 

TDSSKiller log:

 

12:02:47.0563 1888  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:02:48.0436 1888  ============================================================
12:02:48.0436 1888  Current date / time: 2013/02/24 12:02:48.0436
12:02:48.0436 1888  SystemInfo:
12:02:48.0436 1888 
12:02:48.0436 1888  OS Version: 6.1.7601 ServicePack: 1.0
12:02:48.0436 1888  Product type: Workstation
12:02:48.0436 1888  ComputerName: DATADOCTORS-PC
12:02:48.0436 1888  UserName: DataDoctors
12:02:48.0436 1888  Windows directory: C:\Windows
12:02:48.0436 1888  System windows directory: C:\Windows
12:02:48.0436 1888  Running under WOW64
12:02:48.0436 1888  Processor architecture: Intel x64
12:02:48.0436 1888  Number of processors: 4
12:02:48.0436 1888  Page size: 0x1000
12:02:48.0436 1888  Boot type: Safe boot with network
12:02:48.0436 1888  ============================================================
12:02:48.0764 1888  BG loaded
12:02:49.0326 1888  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:02:49.0326 1888  ============================================================
12:02:49.0326 1888  \Device\Harddisk0\DR0:
12:02:49.0326 1888  MBR partitions:
12:02:49.0326 1888  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2B800, BlocksNum 0x1139000
12:02:49.0326 1888  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1164800, BlocksNum 0x39221000
12:02:49.0326 1888  ============================================================
12:02:49.0357 1888  C: <-> \Device\Harddisk0\DR0\Partition2
12:02:49.0357 1888  ============================================================
12:02:49.0357 1888  Initialize success
12:02:49.0357 1888  ============================================================
12:03:07.0234 2004  ============================================================
12:03:07.0234 2004  Scan started
12:03:07.0234 2004  Mode: Manual; TDLFS;
12:03:07.0234 2004  ============================================================
12:03:07.0468 2004  ================ Scan system memory ========================
12:03:07.0468 2004  System memory - ok
12:03:07.0468 2004  ================ Scan services =============================
12:03:07.0702 2004  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:03:07.0702 2004  1394ohci - ok
12:03:07.0765 2004  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:03:07.0765 2004  ACPI - ok
12:03:07.0812 2004  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:03:07.0812 2004  AcpiPmi - ok
12:03:07.0936 2004  [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:03:07.0936 2004  AdobeARMservice - ok
12:03:07.0983 2004  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
12:03:07.0983 2004  adp94xx - ok
12:03:08.0030 2004  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
12:03:08.0030 2004  adpahci - ok
12:03:08.0046 2004  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
12:03:08.0046 2004  adpu320 - ok
12:03:08.0092 2004  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:03:08.0108 2004  AeLookupSvc - ok
12:03:08.0155 2004  [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
12:03:08.0170 2004  AERTFilters - ok
12:03:08.0248 2004  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
12:03:08.0248 2004  AFD - ok
12:03:08.0280 2004  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
12:03:08.0295 2004  agp440 - ok
12:03:08.0326 2004  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
12:03:08.0326 2004  ALG - ok
12:03:08.0358 2004  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:03:08.0358 2004  aliide - ok
12:03:08.0420 2004  [ 3D90CF67DB75823A8480E56BBCD2E028 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:03:08.0420 2004  AMD External Events Utility - ok
12:03:08.0451 2004  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
12:03:08.0451 2004  amdide - ok
12:03:08.0467 2004  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:03:08.0482 2004  AmdK8 - ok
12:03:08.0607 2004  [ 52679612D742BF74CA1BA6AB86DDF431 ] amdkmdag        C:\Windows\system32\DRIVERS\atipmdag.sys
12:03:08.0904 2004  amdkmdag - ok
12:03:08.0919 2004  [ 414E0788920A8C856032BE2CBF29F984 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
12:03:08.0919 2004  amdkmdap - ok
12:03:08.0935 2004  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:03:08.0935 2004  AmdPPM - ok
12:03:08.0997 2004  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:03:08.0997 2004  amdsata - ok
12:03:09.0028 2004  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
12:03:09.0044 2004  amdsbs - ok
12:03:09.0060 2004  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:03:09.0060 2004  amdxata - ok
12:03:09.0153 2004  [ D89562A6AE8E07A457452E5B5560EB43 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
12:03:09.0200 2004  AntiVirSchedulerService - ok
12:03:09.0247 2004  [ E953EB70B3C4F0BA108C35D45420B86B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
12:03:09.0262 2004  AntiVirService - ok
12:03:09.0309 2004  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
12:03:09.0309 2004  AppID - ok
12:03:09.0325 2004  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:03:09.0325 2004  AppIDSvc - ok
12:03:09.0372 2004  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
12:03:09.0372 2004  Appinfo - ok
12:03:09.0403 2004  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
12:03:09.0403 2004  arc - ok
12:03:09.0403 2004  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
12:03:09.0403 2004  arcsas - ok
12:03:09.0450 2004  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:03:09.0450 2004  AsyncMac - ok
12:03:09.0496 2004  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
12:03:09.0496 2004  atapi - ok
12:03:09.0543 2004  [ FB7602C5C508BE281368AAE0B61B51C6 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
12:03:09.0543 2004  AtiHdmiService - ok
12:03:09.0606 2004  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:03:09.0606 2004  AudioEndpointBuilder - ok
12:03:09.0621 2004  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:03:09.0621 2004  AudioSrv - ok
12:03:09.0699 2004  [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
12:03:09.0699 2004  avgntflt - ok
12:03:09.0730 2004  [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
12:03:09.0730 2004  avipbb - ok
12:03:09.0762 2004  [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
12:03:09.0762 2004  avkmgr - ok
12:03:09.0824 2004  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:03:09.0824 2004  AxInstSV - ok
12:03:09.0871 2004  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
12:03:09.0871 2004  b06bdrv - ok
12:03:09.0902 2004  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:03:09.0902 2004  b57nd60a - ok
12:03:09.0918 2004  [ 5C0F919666954885D7760DFFE4B29A25 ] BCM42RLY        C:\Windows\system32\drivers\BCM42RLY.sys
12:03:09.0918 2004  BCM42RLY - ok
12:03:10.0011 2004  [ BAB887A2B2786310A966881F074F4A99 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
12:03:10.0027 2004  BCM43XX - ok
12:03:10.0105 2004  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:03:10.0105 2004  BDESVC - ok
12:03:10.0136 2004  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:03:10.0136 2004  Beep - ok
12:03:10.0183 2004  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
12:03:10.0198 2004  BFE - ok
12:03:10.0214 2004  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
12:03:10.0292 2004  BITS - ok
12:03:10.0339 2004  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:03:10.0339 2004  blbdrive - ok
12:03:10.0386 2004  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:03:10.0386 2004  bowser - ok
12:03:10.0401 2004  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:03:10.0401 2004  BrFiltLo - ok
12:03:10.0432 2004  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:03:10.0432 2004  BrFiltUp - ok
12:03:10.0464 2004  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
12:03:10.0464 2004  Browser - ok
12:03:10.0495 2004  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:03:10.0495 2004  Brserid - ok
12:03:10.0510 2004  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:03:10.0510 2004  BrSerWdm - ok
12:03:10.0542 2004  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:03:10.0542 2004  BrUsbMdm - ok
12:03:10.0557 2004  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:03:10.0557 2004  BrUsbSer - ok
12:03:10.0620 2004  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
12:03:10.0635 2004  BthEnum - ok
12:03:10.0635 2004  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:03:10.0635 2004  BTHMODEM - ok
12:03:10.0666 2004  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
12:03:10.0666 2004  BthPan - ok
12:03:10.0698 2004  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
12:03:10.0713 2004  BTHPORT - ok
12:03:10.0760 2004  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
12:03:10.0760 2004  bthserv - ok
12:03:10.0776 2004  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
12:03:10.0791 2004  BTHUSB - ok
12:03:10.0822 2004  [ 2641A3FE3D7B0646308F33B67F3B5300 ] btusbflt        C:\Windows\system32\drivers\btusbflt.sys
12:03:10.0822 2004  btusbflt - ok
12:03:10.0854 2004  [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
12:03:10.0854 2004  btwaudio - ok
12:03:10.0869 2004  [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
12:03:10.0885 2004  btwavdt - ok
12:03:10.0932 2004  [ D65AA164ACD0F6706DBCFBBCC9731584 ] btwdins         c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
12:03:10.0947 2004  btwdins - ok
12:03:10.0963 2004  [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
12:03:10.0963 2004  btwl2cap - ok
12:03:10.0978 2004  [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
12:03:10.0978 2004  btwrchid - ok
12:03:10.0994 2004  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:03:10.0994 2004  cdfs - ok
12:03:11.0056 2004  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
12:03:11.0056 2004  cdrom - ok
12:03:11.0103 2004  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
12:03:11.0103 2004  CertPropSvc - ok
12:03:11.0134 2004  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:03:11.0134 2004  circlass - ok
12:03:11.0150 2004  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
12:03:11.0166 2004  CLFS - ok
12:03:11.0228 2004  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:03:11.0244 2004  clr_optimization_v2.0.50727_32 - ok
12:03:11.0290 2004  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:03:11.0306 2004  clr_optimization_v2.0.50727_64 - ok
12:03:11.0368 2004  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:03:11.0415 2004  clr_optimization_v4.0.30319_32 - ok
12:03:11.0446 2004  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:03:11.0446 2004  clr_optimization_v4.0.30319_64 - ok
12:03:11.0478 2004  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:03:11.0478 2004  CmBatt - ok
12:03:11.0509 2004  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:03:11.0509 2004  cmdide - ok
12:03:11.0587 2004  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
12:03:11.0602 2004  CNG - ok
12:03:11.0649 2004  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:03:11.0649 2004  Compbatt - ok
12:03:11.0696 2004  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:03:11.0696 2004  CompositeBus - ok
12:03:11.0712 2004  COMSysApp - ok
12:03:11.0727 2004  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:03:11.0727 2004  crcdisk - ok
12:03:11.0774 2004  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:03:11.0774 2004  CryptSvc - ok
12:03:11.0805 2004  [ ED5CF92396A62F4C15110DCDB5E854D9 ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
12:03:11.0805 2004  CtClsFlt - ok
12:03:11.0868 2004  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:03:11.0868 2004  DcomLaunch - ok
12:03:11.0899 2004  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
12:03:11.0899 2004  defragsvc - ok
12:03:11.0946 2004  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:03:11.0961 2004  DfsC - ok
12:03:12.0008 2004  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:03:12.0008 2004  Dhcp - ok
12:03:12.0024 2004  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
12:03:12.0039 2004  discache - ok
12:03:12.0086 2004  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:03:12.0086 2004  Disk - ok
12:03:12.0133 2004  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:03:12.0133 2004  Dnscache - ok
12:03:12.0211 2004  [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
12:03:12.0211 2004  DockLoginService - ok
12:03:12.0273 2004  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:03:12.0273 2004  dot3svc - ok
12:03:12.0304 2004  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
12:03:12.0304 2004  DPS - ok
12:03:12.0336 2004  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:03:12.0336 2004  drmkaud - ok
12:03:12.0382 2004  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:03:12.0398 2004  DXGKrnl - ok
12:03:12.0445 2004  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
12:03:12.0445 2004  EapHost - ok
12:03:12.0523 2004  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
12:03:12.0601 2004  ebdrv - ok
12:03:12.0632 2004  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
12:03:12.0632 2004  EFS - ok
12:03:12.0710 2004  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:03:12.0726 2004  ehRecvr - ok
12:03:12.0741 2004  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
12:03:12.0741 2004  ehSched - ok
12:03:12.0804 2004  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:03:12.0804 2004  elxstor - ok
12:03:12.0835 2004  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:03:12.0835 2004  ErrDev - ok
12:03:12.0882 2004  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
12:03:12.0882 2004  EventSystem - ok
12:03:12.0913 2004  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
12:03:12.0913 2004  exfat - ok
12:03:12.0944 2004  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:03:12.0944 2004  fastfat - ok
12:03:13.0006 2004  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
12:03:13.0006 2004  Fax - ok
12:03:13.0038 2004  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:03:13.0038 2004  fdc - ok
12:03:13.0069 2004  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
12:03:13.0069 2004  fdPHost - ok
12:03:13.0084 2004  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:03:13.0084 2004  FDResPub - ok
12:03:13.0116 2004  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:03:13.0116 2004  FileInfo - ok
12:03:13.0131 2004  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:03:13.0131 2004  Filetrace - ok
12:03:13.0147 2004  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:03:13.0147 2004  flpydisk - ok
12:03:13.0209 2004  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:03:13.0209 2004  FltMgr - ok
12:03:13.0272 2004  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
12:03:13.0272 2004  FontCache - ok
12:03:13.0350 2004  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:03:13.0350 2004  FontCache3.0.0.0 - ok
12:03:13.0381 2004  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:03:13.0381 2004  FsDepends - ok
12:03:13.0412 2004  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:03:13.0412 2004  Fs_Rec - ok
12:03:13.0428 2004  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:03:13.0443 2004  fvevol - ok
12:03:13.0459 2004  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:03:13.0459 2004  gagp30kx - ok
12:03:13.0506 2004  [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist      C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
12:03:13.0506 2004  GoToAssist - ok
12:03:13.0568 2004  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
12:03:13.0568 2004  gpsvc - ok
12:03:13.0599 2004  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:03:13.0599 2004  hcw85cir - ok
12:03:13.0646 2004  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
12:03:13.0646 2004  HDAudBus - ok
12:03:13.0708 2004  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
12:03:13.0708 2004  HECIx64 - ok
12:03:13.0740 2004  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:03:13.0740 2004  HidBatt - ok
12:03:13.0755 2004  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:03:13.0771 2004  HidBth - ok
12:03:13.0786 2004  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:03:13.0786 2004  HidIr - ok
12:03:13.0818 2004  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
12:03:13.0818 2004  hidserv - ok
12:03:13.0864 2004  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:03:13.0864 2004  HidUsb - ok
12:03:13.0911 2004  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:03:13.0911 2004  hkmsvc - ok
12:03:13.0958 2004  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:03:13.0958 2004  HomeGroupListener - ok
12:03:14.0020 2004  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:03:14.0020 2004  HomeGroupProvider - ok
12:03:14.0067 2004  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:03:14.0067 2004  HpSAMD - ok
12:03:14.0114 2004  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:03:14.0130 2004  HTTP - ok
12:03:14.0161 2004  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:03:14.0161 2004  hwpolicy - ok
12:03:14.0223 2004  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:03:14.0223 2004  i8042prt - ok
12:03:14.0270 2004  [ ABBF174CB394F5C437410A788B7E404A ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
12:03:14.0270 2004  iaStor - ok
12:03:14.0301 2004  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:03:14.0317 2004  iaStorV - ok
12:03:14.0379 2004  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:03:14.0395 2004  idsvc - ok
12:03:14.0442 2004  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
12:03:14.0442 2004  iirsp - ok
12:03:14.0488 2004  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
12:03:14.0488 2004  IKEEXT - ok
12:03:14.0535 2004  [ 36FDF367A1DABFF903E2214023D71368 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
12:03:14.0535 2004  Impcd - ok
12:03:14.0629 2004  [ 697C927E0DE2ABAF1A5F455033F687CD ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:03:14.0644 2004  IntcAzAudAddService - ok
12:03:14.0707 2004  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
12:03:14.0707 2004  intelide - ok
12:03:14.0754 2004  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:03:14.0754 2004  intelppm - ok
12:03:14.0785 2004  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:03:14.0785 2004  IPBusEnum - ok
12:03:14.0847 2004  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:03:14.0863 2004  IpFilterDriver - ok
12:03:14.0910 2004  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:03:14.0925 2004  iphlpsvc - ok
12:03:14.0956 2004  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:03:14.0972 2004  IPMIDRV - ok
12:03:15.0003 2004  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:03:15.0019 2004  IPNAT - ok
12:03:15.0050 2004  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:03:15.0050 2004  IRENUM - ok
12:03:15.0097 2004  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:03:15.0097 2004  isapnp - ok
12:03:15.0159 2004  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:03:15.0159 2004  iScsiPrt - ok
12:03:15.0175 2004  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
12:03:15.0190 2004  kbdclass - ok
12:03:15.0237 2004  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
12:03:15.0237 2004  kbdhid - ok
12:03:15.0253 2004  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
12:03:15.0253 2004  KeyIso - ok
12:03:15.0300 2004  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:03:15.0300 2004  KSecDD - ok
12:03:15.0346 2004  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:03:15.0346 2004  KSecPkg - ok
12:03:15.0378 2004  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:03:15.0393 2004  ksthunk - ok
12:03:15.0424 2004  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:03:15.0440 2004  KtmRm - ok
12:03:15.0471 2004  [ 39918DB0EFCF045A1CE6FABBF339F975 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
12:03:15.0471 2004  L1C - ok
12:03:15.0518 2004  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:03:15.0534 2004  LanmanServer - ok
12:03:15.0580 2004  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:03:15.0580 2004  LanmanWorkstation - ok
12:03:15.0643 2004  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:03:15.0643 2004  lltdio - ok
12:03:15.0690 2004  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:03:15.0690 2004  lltdsvc - ok
12:03:15.0752 2004  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:03:15.0752 2004  lmhosts - ok
12:03:15.0830 2004  [ 7485FBCEF9136F530953575E2977859D ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:03:15.0830 2004  LMS - ok
12:03:15.0892 2004  [ 5DCD36FC4A6ECBF6E7F9B3BF7E0D0F55 ] LPDSVC          C:\Windows\system32\lpdsvc.dll
12:03:15.0892 2004  LPDSVC - ok
12:03:15.0924 2004  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
12:03:15.0924 2004  LSI_FC - ok
12:03:15.0955 2004  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
12:03:15.0955 2004  LSI_SAS - ok
12:03:15.0986 2004  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:03:16.0002 2004  LSI_SAS2 - ok
12:03:16.0017 2004  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:03:16.0017 2004  LSI_SCSI - ok
12:03:16.0048 2004  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
12:03:16.0064 2004  luafv - ok
12:03:16.0111 2004  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:03:16.0126 2004  Mcx2Svc - ok
12:03:16.0220 2004  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
12:03:16.0236 2004  MDM - ok
12:03:16.0267 2004  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
12:03:16.0267 2004  megasas - ok
12:03:16.0298 2004  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
12:03:16.0298 2004  MegaSR - ok
12:03:16.0329 2004  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
12:03:16.0345 2004  MMCSS - ok
12:03:16.0392 2004  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
12:03:16.0392 2004  Modem - ok
12:03:16.0407 2004  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:03:16.0407 2004  monitor - ok
12:03:16.0454 2004  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:03:16.0454 2004  mouclass - ok
12:03:16.0485 2004  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:03:16.0485 2004  mouhid - ok
12:03:16.0532 2004  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:03:16.0532 2004  mountmgr - ok
12:03:16.0594 2004  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:03:16.0594 2004  mpio - ok
12:03:16.0641 2004  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:03:16.0641 2004  mpsdrv - ok
12:03:16.0704 2004  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:03:16.0704 2004  MpsSvc - ok
12:03:16.0750 2004  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:03:16.0750 2004  MRxDAV - ok
12:03:16.0797 2004  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:03:16.0797 2004  mrxsmb - ok
12:03:16.0844 2004  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:03:16.0844 2004  mrxsmb10 - ok
12:03:16.0860 2004  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:03:16.0860 2004  mrxsmb20 - ok
12:03:16.0891 2004  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:03:16.0906 2004  msahci - ok
12:03:16.0938 2004  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:03:16.0938 2004  msdsm - ok
12:03:16.0984 2004  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
12:03:16.0984 2004  MSDTC - ok
12:03:17.0031 2004  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:03:17.0031 2004  Msfs - ok
12:03:17.0062 2004  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:03:17.0062 2004  mshidkmdf - ok
12:03:17.0125 2004  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:03:17.0125 2004  msisadrv - ok
12:03:17.0172 2004  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:03:17.0172 2004  MSiSCSI - ok
12:03:17.0172 2004  msiserver - ok
12:03:17.0218 2004  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:03:17.0218 2004  MSKSSRV - ok
12:03:17.0250 2004  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:03:17.0250 2004  MSPCLOCK - ok
12:03:17.0250 2004  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:03:17.0250 2004  MSPQM - ok
12:03:17.0296 2004  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:03:17.0312 2004  MsRPC - ok
12:03:17.0343 2004  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
12:03:17.0343 2004  mssmbios - ok
12:03:17.0359 2004  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:03:17.0359 2004  MSTEE - ok
12:03:17.0359 2004  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
12:03:17.0359 2004  MTConfig - ok
12:03:17.0390 2004  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
12:03:17.0390 2004  Mup - ok
12:03:17.0437 2004  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
12:03:17.0437 2004  napagent - ok
12:03:17.0484 2004  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:03:17.0484 2004  NativeWifiP - ok
12:03:17.0530 2004  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:03:17.0530 2004  NDIS - ok
12:03:17.0577 2004  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:03:17.0577 2004  NdisCap - ok
12:03:17.0593 2004  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:03:17.0593 2004  NdisTapi - ok
12:03:17.0640 2004  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:03:17.0640 2004  Ndisuio - ok
12:03:17.0671 2004  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:03:17.0671 2004  NdisWan - ok
12:03:17.0702 2004  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:03:17.0702 2004  NDProxy - ok
12:03:17.0764 2004  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:03:17.0764 2004  NetBIOS - ok
12:03:17.0796 2004  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:03:17.0796 2004  NetBT - ok
12:03:17.0811 2004  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
12:03:17.0811 2004  Netlogon - ok
12:03:17.0858 2004  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
12:03:17.0858 2004  Netman - ok
12:03:17.0874 2004  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
12:03:17.0874 2004  netprofm - ok
12:03:17.0905 2004  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:03:17.0905 2004  NetTcpPortSharing - ok
12:03:17.0952 2004  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
12:03:17.0952 2004  nfrd960 - ok
12:03:18.0014 2004  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:03:18.0030 2004  NlaSvc - ok
12:03:18.0045 2004  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:03:18.0045 2004  Npfs - ok
12:03:18.0076 2004  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
12:03:18.0092 2004  nsi - ok
12:03:18.0108 2004  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:03:18.0108 2004  nsiproxy - ok
12:03:18.0170 2004  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:03:18.0186 2004  Ntfs - ok
12:03:18.0201 2004  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
12:03:18.0217 2004  Null - ok
12:03:18.0279 2004  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:03:18.0279 2004  nvraid - ok
12:03:18.0295 2004  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:03:18.0295 2004  nvstor - ok
12:03:18.0310 2004  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:03:18.0310 2004  nv_agp - ok
12:03:18.0357 2004  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:03:18.0357 2004  ohci1394 - ok
12:03:18.0404 2004  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:03:18.0404 2004  ose - ok
12:03:18.0435 2004  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:03:18.0451 2004  p2pimsvc - ok
12:03:18.0466 2004  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
12:03:18.0482 2004  p2psvc - ok
12:03:18.0498 2004  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:03:18.0498 2004  Parport - ok
12:03:18.0544 2004  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:03:18.0544 2004  partmgr - ok
12:03:18.0576 2004  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:03:18.0576 2004  PcaSvc - ok
12:03:18.0607 2004  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
12:03:18.0607 2004  pci - ok
12:03:18.0622 2004  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
12:03:18.0622 2004  pciide - ok
12:03:18.0654 2004  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
12:03:18.0654 2004  pcmcia - ok
12:03:18.0669 2004  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:03:18.0669 2004  pcw - ok
12:03:18.0700 2004  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:03:18.0700 2004  PEAUTH - ok
12:03:18.0763 2004  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:03:18.0841 2004  PerfHost - ok
12:03:18.0903 2004  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
12:03:18.0919 2004  pla - ok
12:03:18.0966 2004  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:03:18.0966 2004  PlugPlay - ok
12:03:18.0997 2004  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:03:18.0997 2004  PNRPAutoReg - ok
12:03:19.0012 2004  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:03:19.0012 2004  PNRPsvc - ok
12:03:19.0044 2004  [ 33328FA8A580885AB0065BE6DB266E9F ] Point64         C:\Windows\system32\DRIVERS\point64.sys
12:03:19.0044 2004  Point64 - ok
12:03:19.0090 2004  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:03:19.0090 2004  PolicyAgent - ok
12:03:19.0137 2004  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
12:03:19.0137 2004  Power - ok
12:03:19.0168 2004  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:03:19.0168 2004  PptpMiniport - ok
12:03:19.0184 2004  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
12:03:19.0184 2004  Processor - ok
12:03:19.0231 2004  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:03:19.0231 2004  ProfSvc - ok
12:03:19.0246 2004  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:03:19.0246 2004  ProtectedStorage - ok
12:03:19.0309 2004  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:03:19.0309 2004  Psched - ok
12:03:19.0356 2004  [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
12:03:19.0356 2004  PxHlpa64 - ok
12:03:19.0418 2004  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
12:03:19.0434 2004  ql2300 - ok
12:03:19.0449 2004  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
12:03:19.0449 2004  ql40xx - ok
12:03:19.0480 2004  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
12:03:19.0480 2004  QWAVE - ok
12:03:19.0496 2004  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:03:19.0496 2004  QWAVEdrv - ok
12:03:19.0512 2004  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:03:19.0512 2004  RasAcd - ok
12:03:19.0543 2004  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:03:19.0543 2004  RasAgileVpn - ok
12:03:19.0558 2004  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
12:03:19.0558 2004  RasAuto - ok
12:03:19.0605 2004  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:03:19.0605 2004  Rasl2tp - ok
12:03:19.0652 2004  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
12:03:19.0652 2004  RasMan - ok
12:03:19.0699 2004  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:03:19.0699 2004  RasPppoe - ok
12:03:19.0746 2004  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:03:19.0746 2004  RasSstp - ok
12:03:19.0792 2004  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:03:19.0792 2004  rdbss - ok
12:03:19.0808 2004  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:03:19.0808 2004  rdpbus - ok
12:03:19.0824 2004  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:03:19.0824 2004  RDPCDD - ok
12:03:19.0855 2004  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:03:19.0855 2004  RDPENCDD - ok
12:03:19.0886 2004  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:03:19.0886 2004  RDPREFMP - ok
12:03:19.0917 2004  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:03:19.0933 2004  RDPWD - ok
12:03:19.0980 2004  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:03:19.0980 2004  rdyboost - ok
12:03:20.0058 2004  [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
12:03:20.0058 2004  RealNetworks Downloader Resolver Service - ok
12:03:20.0089 2004  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:03:20.0089 2004  RemoteAccess - ok
12:03:20.0120 2004  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:03:20.0120 2004  RemoteRegistry - ok
12:03:20.0182 2004  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
12:03:20.0182 2004  RFCOMM - ok
12:03:20.0198 2004  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:03:20.0198 2004  RpcEptMapper - ok
12:03:20.0229 2004  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
12:03:20.0229 2004  RpcLocator - ok
12:03:20.0276 2004  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
12:03:20.0276 2004  RpcSs - ok
12:03:20.0307 2004  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:03:20.0323 2004  rspndr - ok
12:03:20.0354 2004  [ 907C4464381B5EBDFDC60F6C7D0DEDFC ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
12:03:20.0354 2004  RSUSBSTOR - ok
12:03:20.0354 2004  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
12:03:20.0354 2004  SamSs - ok
12:03:20.0401 2004  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:03:20.0401 2004  sbp2port - ok
12:03:20.0510 2004  [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService  C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
12:03:20.0572 2004  SBSDWSCService - ok
12:03:20.0604 2004  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:03:20.0604 2004  SCardSvr - ok
12:03:20.0635 2004  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:03:20.0650 2004  scfilter - ok
12:03:20.0713 2004  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
12:03:20.0728 2004  Schedule - ok
12:03:20.0760 2004  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:03:20.0760 2004  SCPolicySvc - ok
12:03:20.0775 2004  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:03:20.0775 2004  SDRSVC - ok
12:03:20.0869 2004  [ 16A252022535B680046F6E34E136D378 ] SeaPort         C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
12:03:20.0869 2004  SeaPort - ok
12:03:20.0900 2004  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:03:20.0900 2004  secdrv - ok
12:03:20.0931 2004  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
12:03:20.0947 2004  seclogon - ok
12:03:20.0962 2004  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
12:03:20.0962 2004  SENS - ok
12:03:20.0978 2004  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:03:20.0978 2004  SensrSvc - ok
12:03:20.0994 2004  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:03:20.0994 2004  Serenum - ok
12:03:21.0025 2004  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:03:21.0040 2004  Serial - ok
12:03:21.0072 2004  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
12:03:21.0072 2004  sermouse - ok
12:03:21.0118 2004  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:03:21.0118 2004  SessionEnv - ok
12:03:21.0165 2004  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:03:21.0165 2004  sffdisk - ok
12:03:21.0181 2004  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:03:21.0181 2004  sffp_mmc - ok
12:03:21.0212 2004  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:03:21.0212 2004  sffp_sd - ok
12:03:21.0243 2004  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
12:03:21.0243 2004  sfloppy - ok
12:03:21.0290 2004  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:03:21.0290 2004  SharedAccess - ok
12:03:21.0337 2004  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:03:21.0337 2004  ShellHWDetection - ok
12:03:21.0368 2004  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:03:21.0368 2004  SiSRaid2 - ok
12:03:21.0384 2004  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
12:03:21.0384 2004  SiSRaid4 - ok
12:03:21.0430 2004  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:03:21.0430 2004  Smb - ok
12:03:21.0462 2004  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:03:21.0462 2004  SNMPTRAP - ok
12:03:21.0477 2004  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:03:21.0477 2004  spldr - ok
12:03:21.0540 2004  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
12:03:21.0540 2004  Spooler - ok
12:03:21.0649 2004  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
12:03:21.0711 2004  sppsvc - ok
12:03:21.0727 2004  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:03:21.0727 2004  sppuinotify - ok
12:03:21.0789 2004  [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
12:03:21.0789 2004  sprtsvc_DellSupportCenter - ok
12:03:21.0836 2004  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:03:21.0852 2004  srv - ok
12:03:21.0867 2004  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:03:21.0867 2004  srv2 - ok
12:03:21.0883 2004  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:03:21.0883 2004  srvnet - ok
12:03:21.0914 2004  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:03:21.0914 2004  SSDPSRV - ok
12:03:21.0930 2004  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:03:21.0930 2004  SstpSvc - ok
12:03:21.0961 2004  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
12:03:21.0961 2004  stexstor - ok
12:03:22.0008 2004  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
12:03:22.0023 2004  stisvc - ok
12:03:22.0070 2004  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
12:03:22.0070 2004  swenum - ok
12:03:22.0101 2004  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
12:03:22.0117 2004  swprv - ok
12:03:22.0148 2004  [ C25866BDF0E818E02BB8E76845D26E54 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
12:03:22.0148 2004  SynTP - ok
12:03:22.0226 2004  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
12:03:22.0242 2004  SysMain - ok
12:03:22.0273 2004  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:03:22.0273 2004  TabletInputService - ok
12:03:22.0288 2004  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:03:22.0288 2004  TapiSrv - ok
12:03:22.0320 2004  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
12:03:22.0320 2004  TBS - ok
12:03:22.0382 2004  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:03:22.0398 2004  Tcpip - ok
12:03:22.0444 2004  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:03:22.0460 2004  TCPIP6 - ok
12:03:22.0507 2004  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:03:22.0507 2004  tcpipreg - ok
12:03:22.0522 2004  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:03:22.0522 2004  TDPIPE - ok
12:03:22.0569 2004  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:03:22.0569 2004  TDTCP - ok
12:03:22.0616 2004  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:03:22.0616 2004  tdx - ok
12:03:22.0678 2004  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
12:03:22.0678 2004  TermDD - ok
12:03:22.0710 2004  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
12:03:22.0710 2004  TermService - ok
12:03:22.0741 2004  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
12:03:22.0741 2004  Themes - ok
12:03:22.0756 2004  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
12:03:22.0756 2004  THREADORDER - ok
12:03:22.0803 2004  [ 519CB7D7F697F4BA47DE05845C20F158 ] TlntSvr         C:\Windows\System32\tlntsvr.exe
12:03:22.0803 2004  TlntSvr - ok
12:03:22.0819 2004  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
12:03:22.0819 2004  TrkWks - ok
12:03:22.0866 2004  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:03:22.0881 2004  TrustedInstaller - ok
12:03:22.0912 2004  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:03:22.0912 2004  tssecsrv - ok
12:03:22.0975 2004  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:03:22.0975 2004  TsUsbFlt - ok
12:03:23.0037 2004  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:03:23.0037 2004  tunnel - ok
12:03:23.0053 2004  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
12:03:23.0053 2004  uagp35 - ok
12:03:23.0100 2004  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:03:23.0100 2004  udfs - ok
12:03:23.0131 2004  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:03:23.0131 2004  UI0Detect - ok
12:03:23.0146 2004  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:03:23.0146 2004  uliagpkx - ok
12:03:23.0193 2004  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
12:03:23.0193 2004  umbus - ok
12:03:23.0209 2004  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
12:03:23.0209 2004  UmPass - ok
12:03:23.0302 2004  [ 765F2DD351BA064F657751D8D75E58C0 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
12:03:23.0365 2004  UNS - ok
12:03:23.0396 2004  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
12:03:23.0396 2004  upnphost - ok
12:03:23.0443 2004  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:03:23.0443 2004  usbccgp - ok
12:03:23.0490 2004  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:03:23.0490 2004  usbcir - ok
12:03:23.0521 2004  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
12:03:23.0521 2004  usbehci - ok
12:03:23.0552 2004  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:03:23.0552 2004  usbhub - ok
12:03:23.0599 2004  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:03:23.0599 2004  usbohci - ok
12:03:23.0646 2004  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:03:23.0646 2004  usbprint - ok
12:03:23.0692 2004  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
12:03:23.0692 2004  usbscan - ok
12:03:23.0708 2004  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:03:23.0708 2004  USBSTOR - ok
12:03:23.0724 2004  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:03:23.0724 2004  usbuhci - ok
12:03:23.0786 2004  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
12:03:23.0786 2004  usbvideo - ok
12:03:23.0833 2004  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
12:03:23.0833 2004  UxSms - ok
12:03:23.0848 2004  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
12:03:23.0848 2004  VaultSvc - ok
12:03:23.0864 2004  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:03:23.0864 2004  vdrvroot - ok
12:03:23.0911 2004  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
12:03:23.0926 2004  vds - ok
12:03:23.0942 2004  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:03:23.0942 2004  vga - ok
12:03:23.0973 2004  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:03:23.0973 2004  VgaSave - ok
12:03:24.0020 2004  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:03:24.0020 2004  vhdmp - ok
12:03:24.0067 2004  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:03:24.0067 2004  viaide - ok
12:03:24.0082 2004  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:03:24.0082 2004  volmgr - ok
12:03:24.0114 2004  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:03:24.0129 2004  volmgrx - ok
12:03:24.0145 2004  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:03:24.0145 2004  volsnap - ok
12:03:24.0176 2004  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
12:03:24.0192 2004  vsmraid - ok
12:03:24.0238 2004  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
12:03:24.0254 2004  VSS - ok
12:03:24.0270 2004  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:03:24.0270 2004  vwifibus - ok
12:03:24.0301 2004  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:03:24.0301 2004  vwififlt - ok
12:03:24.0332 2004  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
12:03:24.0332 2004  vwifimp - ok
12:03:24.0363 2004  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
12:03:24.0363 2004  W32Time - ok
12:03:24.0394 2004  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
12:03:24.0394 2004  WacomPen - ok
12:03:24.0441 2004  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:03:24.0441 2004  WANARP - ok
12:03:24.0441 2004  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:03:24.0457 2004  Wanarpv6 - ok
12:03:24.0535 2004  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
12:03:24.0550 2004  WatAdminSvc - ok
12:03:24.0613 2004  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
12:03:24.0613 2004  wbengine - ok
12:03:24.0644 2004  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:03:24.0644 2004  WbioSrvc - ok
12:03:24.0675 2004  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:03:24.0691 2004  wcncsvc - ok
12:03:24.0691 2004  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:03:24.0691 2004  WcsPlugInService - ok
12:03:24.0738 2004  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
12:03:24.0738 2004  Wd - ok
12:03:24.0784 2004  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:03:24.0784 2004  Wdf01000 - ok
12:03:24.0816 2004  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:03:24.0816 2004  WdiServiceHost - ok
12:03:24.0816 2004  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:03:24.0816 2004  WdiSystemHost - ok
12:03:24.0862 2004  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
12:03:24.0862 2004  WebClient - ok
12:03:24.0894 2004  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:03:24.0894 2004  Wecsvc - ok
12:03:24.0909 2004  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:03:24.0925 2004  wercplsupport - ok
12:03:24.0956 2004  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:03:24.0956 2004  WerSvc - ok
12:03:24.0987 2004  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:03:24.0987 2004  WfpLwf - ok
12:03:25.0018 2004  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:03:25.0018 2004  WIMMount - ok
12:03:25.0034 2004  WinDefend - ok
12:03:25.0034 2004  WinHttpAutoProxySvc - ok
12:03:25.0081 2004  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:03:25.0081 2004  Winmgmt - ok
12:03:25.0143 2004  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
12:03:25.0159 2004  WinRM - ok
12:03:25.0206 2004  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:03:25.0206 2004  Wlansvc - ok
12:03:25.0346 2004  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:03:25.0424 2004  wlidsvc - ok
12:03:25.0471 2004  [ A96D6C0613DCF84F2D07FAEB75663072 ] wltrysvc        C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
12:03:25.0471 2004  wltrysvc - ok
12:03:25.0502 2004  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:03:25.0502 2004  WmiAcpi - ok
12:03:25.0533 2004  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:03:25.0533 2004  wmiApSrv - ok
12:03:25.0564 2004  WMPNetworkSvc - ok
12:03:25.0596 2004  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:03:25.0596 2004  WPCSvc - ok
12:03:25.0627 2004  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:03:25.0627 2004  WPDBusEnum - ok
12:03:25.0658 2004  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:03:25.0674 2004  ws2ifsl - ok
12:03:25.0674 2004  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
12:03:25.0674 2004  wscsvc - ok
12:03:25.0689 2004  WSearch - ok
12:03:25.0767 2004  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:03:25.0783 2004  wuauserv - ok
12:03:25.0814 2004  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:03:25.0814 2004  WudfPf - ok
12:03:25.0845 2004  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:03:25.0845 2004  WUDFRd - ok
12:03:25.0861 2004  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:03:25.0861 2004  wudfsvc - ok
12:03:25.0892 2004  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:03:25.0970 2004  WwanSvc - ok
12:03:26.0048 2004  [ 74983ADDCA2D9618512C088D856D6615 ] {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl
12:03:26.0048 2004  {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} - ok
12:03:26.0064 2004  ================ Scan global ===============================
12:03:26.0095 2004  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:03:26.0126 2004  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
12:03:26.0142 2004  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
12:03:26.0157 2004  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:03:26.0188 2004  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:03:26.0188 2004  [Global] - ok
12:03:26.0188 2004  ================ Scan MBR ==================================
12:03:26.0204 2004  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:03:26.0407 2004  \Device\Harddisk0\DR0 - ok
12:03:26.0407 2004  ================ Scan VBR ==================================
12:03:26.0407 2004  [ 962BD6367B2C64D522EC5A83B7B3315F ] \Device\Harddisk0\DR0\Partition1
12:03:26.0407 2004  \Device\Harddisk0\DR0\Partition1 - ok
12:03:26.0454 2004  [ 89D7C2F4C5907CB51F7053E07A495B0C ] \Device\Harddisk0\DR0\Partition2
12:03:26.0454 2004  \Device\Harddisk0\DR0\Partition2 - ok
12:03:26.0454 2004  ================ Scan active images ========================
12:03:26.0454 2004  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
12:03:26.0454 2004  C:\Windows\System32\drivers\crashdmp.sys - ok
12:03:26.0469 2004  [ ABBF174CB394F5C437410A788B7E404A ] C:\Windows\System32\drivers\iaStor.sys
12:03:26.0469 2004  C:\Windows\System32\drivers\iaStor.sys - ok
12:03:26.0469 2004  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
12:03:26.0469 2004  C:\Windows\System32\drivers\dumpfve.sys - ok
12:03:26.0469 2004  [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
12:03:26.0469 2004  C:\Windows\System32\drivers\null.sys - ok
12:03:26.0469 2004  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
12:03:26.0469 2004  C:\Windows\System32\drivers\beep.sys - ok
12:03:26.0485 2004  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
12:03:26.0485 2004  C:\Windows\System32\drivers\vga.sys - ok
12:03:26.0485 2004  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
12:03:26.0485 2004  C:\Windows\System32\drivers\videoprt.sys - ok
12:03:26.0485 2004  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
12:03:26.0485 2004  C:\Windows\System32\drivers\watchdog.sys - ok
12:03:26.0485 2004  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
12:03:26.0485 2004  C:\Windows\System32\drivers\RDPENCDD.sys - ok
12:03:26.0485 2004  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
12:03:26.0485 2004  C:\Windows\System32\drivers\msfs.sys - ok
12:03:26.0500 2004  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
12:03:26.0500 2004  C:\Windows\System32\drivers\npfs.sys - ok
12:03:26.0500 2004  [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
12:03:26.0500 2004  C:\Windows\System32\drivers\tdi.sys - ok
12:03:26.0500 2004  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
12:03:26.0500 2004  C:\Windows\System32\drivers\tdx.sys - ok
12:03:26.0500 2004  [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
12:03:26.0500 2004  C:\Windows\System32\drivers\netbt.sys - ok
12:03:26.0500 2004  [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
12:03:26.0500 2004  C:\Windows\System32\drivers\afd.sys - ok
12:03:26.0532 2004  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
12:03:26.0532 2004  C:\Windows\System32\drivers\wfplwf.sys - ok
12:03:26.0532 2004  [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
12:03:26.0532 2004  C:\Windows\System32\drivers\pacer.sys - ok
12:03:26.0547 2004  [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
12:03:26.0547 2004  C:\Windows\System32\drivers\vwififlt.sys - ok
12:03:26.0547 2004  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
12:03:26.0547 2004  C:\Windows\System32\drivers\netbios.sys - ok
12:03:26.0547 2004  [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
12:03:26.0547 2004  C:\Windows\System32\drivers\rdbss.sys - ok
12:03:26.0547 2004  [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
12:03:26.0547 2004  C:\Windows\System32\drivers\nsiproxy.sys - ok
12:03:26.0563 2004  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
12:03:26.0563 2004  C:\Windows\System32\drivers\dfsc.sys - ok
12:03:26.0563 2004  [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
12:03:26.0563 2004  C:\Windows\System32\drivers\tunnel.sys - ok
12:03:26.0563 2004  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
12:03:26.0563 2004  C:\Windows\System32\drivers\hdaudbus.sys - ok
12:03:26.0563 2004  [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
12:03:26.0563 2004  C:\Windows\System32\ntdll.dll - ok
12:03:26.0563 2004  [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
12:03:26.0563 2004  C:\Windows\System32\smss.exe - ok
12:03:26.0578 2004  [ B6AC71AAA2B10848F57FC49D55A651AF ] C:\Windows\System32\drivers\HECIx64.sys
12:03:26.0578 2004  C:\Windows\System32\drivers\HECIx64.sys - ok
12:03:26.0594 2004  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
12:03:26.0594 2004  C:\Windows\System32\autochk.exe - ok
12:03:26.0594 2004  [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
12:03:26.0594 2004  C:\Windows\System32\drivers\usbport.sys - ok
12:03:26.0594 2004  [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
12:03:26.0594 2004  C:\Windows\System32\drivers\usbehci.sys - ok
12:03:26.0594 2004  [ 1DBA462CF92D890D8F8E6472E7E8B4B4 ] C:\Windows\System32\urlmon.dll
12:03:26.0594 2004  C:\Windows\System32\urlmon.dll - ok
12:03:26.0594 2004  [ BAB887A2B2786310A966881F074F4A99 ] C:\Windows\System32\drivers\BCMWL664.SYS
12:03:26.0594 2004  C:\Windows\System32\drivers\BCMWL664.SYS - ok
12:03:26.0610 2004  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
12:03:26.0610 2004  C:\Windows\System32\setupapi.dll - ok
12:03:26.0610 2004  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
12:03:26.0610 2004  C:\Windows\System32\drivers\vwifibus.sys - ok
12:03:26.0610 2004  [ 39918DB0EFCF045A1CE6FABBF339F975 ] C:\Windows\System32\drivers\L1C62x64.sys
12:03:26.0610 2004  C:\Windows\System32\drivers\L1C62x64.sys - ok
12:03:26.0610 2004  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
12:03:26.0610 2004  C:\Windows\System32\drivers\i8042prt.sys - ok
12:03:26.0610 2004  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
12:03:26.0610 2004  C:\Windows\System32\drivers\kbdclass.sys - ok
12:03:26.0625 2004  [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
12:03:26.0625 2004  C:\Windows\System32\imagehlp.dll - ok
12:03:26.0625 2004  [ 1DC3504CA4C57900F1557E9A3F01D272 ] C:\Windows\System32\kernel32.dll
12:03:26.0625 2004  C:\Windows\System32\kernel32.dll - ok
12:03:26.0625 2004  [ C25866BDF0E818E02BB8E76845D26E54 ] C:\Windows\System32\drivers\SynTP.sys
12:03:26.0625 2004  C:\Windows\System32\drivers\SynTP.sys - ok
12:03:26.0625 2004  [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
12:03:26.0625 2004  C:\Windows\System32\drivers\usbd.sys - ok
12:03:26.0625 2004  [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
12:03:26.0625 2004  C:\Windows\System32\drivers\mouclass.sys - ok
12:03:26.0641 2004  [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
12:03:26.0641 2004  C:\Windows\System32\gdi32.dll - ok
12:03:26.0672 2004  [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
12:03:26.0672 2004  C:\Windows\System32\imm32.dll - ok
12:03:26.0672 2004  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
12:03:26.0672 2004  C:\Windows\System32\drivers\cdrom.sys - ok
12:03:26.0688 2004  [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
12:03:26.0688 2004  C:\Windows\System32\shlwapi.dll - ok
12:03:26.0688 2004  [ 36FDF367A1DABFF903E2214023D71368 ] C:\Windows\System32\drivers\Impcd.sys
12:03:26.0688 2004  C:\Windows\System32\drivers\Impcd.sys - ok
12:03:26.0688 2004  [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
12:03:26.0688 2004  C:\Windows\System32\Wldap32.dll - ok
12:03:26.0688 2004  [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
12:03:26.0688 2004  C:\Windows\System32\drivers\wmiacpi.sys - ok
12:03:26.0703 2004  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
12:03:26.0703 2004  C:\Windows\System32\drivers\blbdrive.sys - ok
12:03:26.0719 2004  [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
12:03:26.0719 2004  C:\Windows\System32\msvcrt.dll - ok
12:03:26.0719 2004  [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
12:03:26.0719 2004  C:\Windows\System32\drivers\CompositeBus.sys - ok
12:03:26.0719 2004  [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
12:03:26.0719 2004  C:\Windows\System32\usp10.dll - ok
12:03:26.0719 2004  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
12:03:26.0719 2004  C:\Windows\System32\drivers\mssmbios.sys - ok
12:03:26.0719 2004  [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
12:03:26.0719 2004  C:\Windows\System32\drivers\agilevpn.sys - ok
12:03:26.0734 2004  [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
12:03:26.0734 2004  C:\Windows\System32\drivers\rasl2tp.sys - ok
12:03:26.0734 2004  [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
12:03:26.0734 2004  C:\Windows\System32\ws2_32.dll - ok
12:03:26.0734 2004  [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
12:03:26.0734 2004  C:\Windows\System32\comdlg32.dll - ok
12:03:26.0734 2004  [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
12:03:26.0734 2004  C:\Windows\System32\drivers\ndistapi.sys - ok
12:03:26.0734 2004  [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
12:03:26.0734 2004  C:\Windows\System32\drivers\ndiswan.sys - ok
12:03:26.0750 2004  [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
12:03:26.0750 2004  C:\Windows\System32\clbcatq.dll - ok
12:03:26.0750 2004  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
12:03:26.0750 2004  C:\Windows\System32\drivers\raspppoe.sys - ok
12:03:26.0750 2004  [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
12:03:26.0750 2004  C:\Windows\System32\advapi32.dll - ok
12:03:26.0750 2004  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
12:03:26.0750 2004  C:\Windows\System32\drivers\raspptp.sys - ok
12:03:26.0766 2004  [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
12:03:26.0766 2004  C:\Windows\System32\drivers\rassstp.sys - ok
12:03:26.0781 2004  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
12:03:26.0781 2004  C:\Windows\System32\drivers\termdd.sys - ok
12:03:26.0781 2004  [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
12:03:26.0781 2004  C:\Windows\System32\lpk.dll - ok
12:03:26.0781 2004  [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
12:03:26.0781 2004  C:\Windows\System32\psapi.dll - ok
12:03:26.0781 2004  [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
12:03:26.0781 2004  C:\Windows\System32\difxapi.dll - ok
12:03:26.0781 2004  [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
12:03:26.0781 2004  C:\Windows\System32\drivers\ks.sys - ok
12:03:26.0812 2004  [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
12:03:26.0812 2004  C:\Windows\System32\rpcrt4.dll - ok
12:03:26.0812 2004  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
12:03:26.0812 2004  C:\Windows\System32\drivers\swenum.sys - ok
12:03:26.0828 2004  [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
12:03:26.0828 2004  C:\Windows\System32\drivers\umbus.sys - ok
12:03:26.0844 2004  [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
12:03:26.0844 2004  C:\Windows\System32\user32.dll - ok
12:03:26.0844 2004  [ 5121DB613E10A46A3C5085B479026AA7 ] C:\Windows\System32\wininet.dll
12:03:26.0844 2004  C:\Windows\System32\wininet.dll - ok
12:03:26.0844 2004  [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
12:03:26.0844 2004  C:\Windows\System32\sechost.dll - ok
12:03:26.0844 2004  [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
12:03:26.0844 2004  C:\Windows\System32\drivers\usbhub.sys - ok
12:03:26.0844 2004  [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
12:03:26.0844 2004  C:\Windows\System32\ole32.dll - ok
12:03:26.0859 2004  [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
12:03:26.0859 2004  C:\Windows\System32\msctf.dll - ok
12:03:26.0859 2004  [ A0F52880DDD164F968BE903C1FECD27E ] C:\Windows\System32\iertutil.dll
12:03:26.0859 2004  C:\Windows\System32\iertutil.dll - ok
12:03:26.0859 2004  [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
12:03:26.0859 2004  C:\Windows\System32\shell32.dll - ok
12:03:26.0859 2004  [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
12:03:26.0859 2004  C:\Windows\System32\oleaut32.dll - ok
12:03:26.0859 2004  [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
12:03:26.0859 2004  C:\Windows\System32\nsi.dll - ok
12:03:26.0875 2004  [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
12:03:26.0875 2004  C:\Windows\System32\normaliz.dll - ok
12:03:26.0875 2004  [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
12:03:26.0875 2004  C:\Windows\System32\wintrust.dll - ok
12:03:26.0875 2004  [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
12:03:26.0875 2004  C:\Windows\System32\devobj.dll - ok
12:03:26.0875 2004  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
12:03:26.0875 2004  C:\Windows\System32\comctl32.dll - ok
12:03:26.0875 2004  [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
12:03:26.0875 2004  C:\Windows\System32\cfgmgr32.dll - ok
12:03:26.0890 2004  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
12:03:26.0890 2004  C:\Windows\System32\drivers\ndproxy.sys - ok
12:03:26.0906 2004  [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
12:03:26.0906 2004  C:\Windows\System32\crypt32.dll - ok
12:03:26.0906 2004  [ 6F2E324703E6D22B9934C33DA48F1F01 ] C:\Windows\System32\KernelBase.dll
12:03:26.0906 2004  C:\Windows\System32\KernelBase.dll - ok
12:03:26.0906 2004  [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
12:03:26.0906 2004  C:\Windows\System32\msasn1.dll - ok
12:03:26.0906 2004  [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
12:03:26.0906 2004  C:\Windows\SysWOW64\normaliz.dll - ok
12:03:26.0906 2004  [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
12:03:26.0906 2004  C:\Windows\System32\drivers\usbccgp.sys - ok
12:03:26.0922 2004  [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
12:03:26.0922 2004  C:\Windows\System32\drivers\hidclass.sys - ok
12:03:26.0922 2004  [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
12:03:26.0922 2004  C:\Windows\System32\drivers\hidparse.sys - ok
12:03:26.0922 2004  [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
12:03:26.0922 2004  C:\Windows\System32\drivers\hidusb.sys - ok
12:03:26.0922 2004  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
12:03:26.0922 2004  C:\Windows\System32\drivers\mouhid.sys - ok
12:03:26.0937 2004  [ 33328FA8A580885AB0065BE6DB266E9F ] C:\Windows\System32\drivers\point64.sys
12:03:26.0937 2004  C:\Windows\System32\drivers\point64.sys - ok
12:03:26.0937 2004  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
12:03:26.0937 2004  C:\Windows\System32\drivers\kbdhid.sys - ok
12:03:26.0937 2004  [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
12:03:26.0937 2004  C:\Windows\System32\drivers\dxapi.sys - ok
12:03:26.0937 2004  [ C58923115CDE6071C3BF2FF063546E9F ] C:\Windows\System32\win32k.sys
12:03:26.0937 2004  C:\Windows\System32\win32k.sys - ok
12:03:26.0937 2004  [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
12:03:26.0937 2004  C:\Windows\System32\csrss.exe - ok
12:03:26.0953 2004  [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
12:03:26.0953 2004  C:\Windows\System32\csrsrv.dll - ok
12:03:26.0984 2004  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
12:03:26.0984 2004  C:\Windows\System32\basesrv.dll - ok
12:03:26.0984 2004  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\System32\winsrv.dll
12:03:26.0984 2004  C:\Windows\System32\winsrv.dll - ok
12:03:27.0000 2004  [ FEDE0629ECB23650D48989517D4914DA ] C:\Windows\System32\drivers\dxg.sys
12:03:27.0000 2004  C:\Windows\System32\drivers\dxg.sys - ok
12:03:27.0000 2004  [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
12:03:27.0000 2004  C:\Windows\System32\tsddd.dll - ok
12:03:27.0000 2004  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
12:03:27.0000 2004  C:\Windows\System32\sxssrv.dll - ok
12:03:27.0000 2004  [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
12:03:27.0000 2004  C:\Windows\System32\wininit.exe - ok
12:03:27.0000 2004  [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
12:03:27.0000 2004  C:\Windows\System32\profapi.dll - ok
12:03:27.0015 2004  [ 8BEC4D6AD2864EDF68D9AD0C6AA6C6D1 ] C:\Windows\System32\vga.dll
12:03:27.0015 2004  C:\Windows\System32\vga.dll - ok
12:03:27.0031 2004  [ E30B04A8FE665C52162D70233ABEA9A3 ] C:\Windows\System32\framebuf.dll
12:03:27.0031 2004  C:\Windows\System32\framebuf.dll - ok
12:03:27.0031 2004  [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
12:03:27.0031 2004  C:\Windows\System32\RpcRtRemote.dll - ok
12:03:27.0031 2004  [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
12:03:27.0031 2004  C:\Windows\System32\KBDUS.DLL - ok
12:03:27.0031 2004  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
12:03:27.0031 2004  C:\Windows\System32\winlogon.exe - ok
12:03:27.0031 2004  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
12:03:27.0031 2004  C:\Windows\System32\winsta.dll - ok
12:03:27.0046 2004  [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
12:03:27.0046 2004  C:\Windows\System32\WlS0WndH.dll - ok
12:03:27.0046 2004  [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
12:03:27.0046 2004  C:\Windows\System32\sxs.dll - ok
12:03:27.0046 2004  [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
12:03:27.0046 2004  C:\Windows\System32\cryptbase.dll - ok
12:03:27.0046 2004  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
12:03:27.0046 2004  C:\Windows\System32\services.exe - ok
12:03:27.0062 2004  [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
12:03:27.0062 2004  C:\Windows\System32\lsass.exe - ok
12:03:27.0062 2004  [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
12:03:27.0062 2004  C:\Windows\System32\lsm.exe - ok
12:03:27.0062 2004  [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
12:03:27.0062 2004  C:\Windows\System32\sspisrv.dll - ok
12:03:27.0062 2004  [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
12:03:27.0062 2004  C:\Windows\System32\lsasrv.dll - ok
12:03:27.0062 2004  [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
12:03:27.0062 2004  C:\Windows\System32\sspicli.dll - ok
12:03:27.0078 2004  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
12:03:27.0078 2004  C:\Windows\System32\scext.dll - ok
12:03:27.0093 2004  [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
12:03:27.0093 2004  C:\Windows\System32\sysntfy.dll - ok
12:03:27.0093 2004  [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
12:03:27.0093 2004  C:\Windows\System32\wmsgapi.dll - ok
12:03:27.0093 2004  [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
12:03:27.0093 2004  C:\Windows\System32\secur32.dll - ok
12:03:27.0093 2004  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
12:03:27.0093 2004  C:\Windows\System32\scesrv.dll - ok
12:03:27.0093 2004  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
12:03:27.0093 2004  C:\Windows\System32\srvcli.dll - ok
12:03:27.0109 2004  [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
12:03:27.0109 2004  C:\Windows\System32\samsrv.dll - ok
12:03:27.0109 2004  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
12:03:27.0109 2004  C:\Windows\System32\cryptdll.dll - ok
12:03:27.0109 2004  [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
12:03:27.0109 2004  C:\Windows\System32\wevtapi.dll - ok
12:03:27.0109 2004  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
12:03:27.0109 2004  C:\Windows\System32\cngaudit.dll - ok
12:03:27.0109 2004  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
12:03:27.0109 2004  C:\Windows\System32\authz.dll - ok
12:03:27.0140 2004  [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll
12:03:27.0140 2004  C:\Windows\System32\ncrypt.dll - ok
12:03:27.0140 2004  [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
12:03:27.0140 2004  C:\Windows\System32\bcrypt.dll - ok
12:03:27.0156 2004  [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
12:03:27.0156 2004  C:\Windows\System32\msprivs.dll - ok
12:03:27.0156 2004  [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
12:03:27.0156 2004  C:\Windows\System32\netjoin.dll - ok
12:03:27.0156 2004  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
12:03:27.0156 2004  C:\Windows\System32\negoexts.dll - ok
12:03:27.0156 2004  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
12:03:27.0156 2004  C:\Windows\System32\kerberos.dll - ok
12:03:27.0156 2004  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
12:03:27.0156 2004  C:\Windows\System32\cryptsp.dll - ok
12:03:27.0171 2004  [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
12:03:27.0171 2004  C:\Windows\System32\mswsock.dll - ok
12:03:27.0171 2004  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
12:03:27.0171 2004  C:\Windows\System32\wship6.dll - ok
12:03:27.0171 2004  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
12:03:27.0171 2004  C:\Windows\System32\msv1_0.dll - ok
12:03:27.0171 2004  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
12:03:27.0171 2004  C:\Windows\System32\netlogon.dll - ok
12:03:27.0171 2004  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
12:03:27.0171 2004  C:\Windows\System32\dnsapi.dll - ok
12:03:27.0187 2004  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
12:03:27.0187 2004  C:\Windows\System32\logoncli.dll - ok
12:03:27.0187 2004  [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
12:03:27.0187 2004  C:\Windows\System32\schannel.dll - ok
12:03:27.0187 2004  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
12:03:27.0187 2004  C:\Windows\System32\wdigest.dll - ok
12:03:27.0187 2004  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
12:03:27.0187 2004  C:\Windows\System32\rsaenh.dll - ok
12:03:27.0187 2004  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
12:03:27.0187 2004  C:\Windows\System32\TSpkg.dll - ok
12:03:27.0202 2004  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
12:03:27.0202 2004  C:\Windows\System32\pku2u.dll - ok
12:03:27.0218 2004  [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
12:03:27.0218 2004  C:\Windows\System32\LIVESSP.DLL - ok
12:03:27.0218 2004  [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
12:03:27.0218 2004  C:\Windows\System32\atmfd.dll - ok
12:03:27.0218 2004  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
12:03:27.0218 2004  C:\Windows\System32\bcryptprimitives.dll - ok
12:03:27.0218 2004  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
12:03:27.0218 2004  C:\Windows\System32\efslsaext.dll - ok
12:03:27.0234 2004  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
12:03:27.0234 2004  C:\Windows\System32\credssp.dll - ok
12:03:27.0234 2004  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
12:03:27.0234 2004  C:\Windows\System32\scecli.dll - ok
12:03:27.0234 2004  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
12:03:27.0234 2004  C:\Windows\System32\ubpm.dll - ok
12:03:27.0234 2004  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
12:03:27.0234 2004  C:\Windows\System32\svchost.exe - ok
12:03:27.0234 2004  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
12:03:27.0234 2004  C:\Windows\System32\umpnpmgr.dll - ok
12:03:27.0249 2004  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
12:03:27.0249 2004  C:\Windows\System32\SPInf.dll - ok
12:03:27.0249 2004  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
12:03:27.0249 2004  C:\Windows\System32\devrtl.dll - ok
12:03:27.0249 2004  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
12:03:27.0249 2004  C:\Windows\System32\userenv.dll - ok
12:03:27.0249 2004  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
12:03:27.0249 2004  C:\Windows\System32\gpapi.dll - ok
12:03:27.0249 2004  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
12:03:27.0249 2004  C:\Windows\System32\umpo.dll - ok
12:03:27.0265 2004  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
12:03:27.0265 2004  C:\Windows\System32\pcwum.dll - ok
12:03:27.0296 2004  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
12:03:27.0296 2004  C:\Windows\System32\powrprof.dll - ok
12:03:27.0296 2004  [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
12:03:27.0296 2004  C:\Windows\System32\drivers\WUDFPf.sys - ok
12:03:27.0312 2004  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
12:03:27.0312 2004  C:\Windows\System32\rpcss.dll - ok
12:03:27.0312 2004  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
12:03:27.0312 2004  C:\Windows\System32\RpcEpMap.dll - ok
12:03:27.0312 2004  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
12:03:27.0312 2004  C:\Windows\System32\WSHTCPIP.DLL - ok
12:03:27.0312 2004  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
12:03:27.0312 2004  C:\Windows\System32\wshqos.dll - ok
12:03:27.0312 2004  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
12:03:27.0312 2004  C:\Windows\System32\FirewallAPI.dll - ok
12:03:27.0327 2004  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
12:03:27.0327 2004  C:\Windows\System32\LogonUI.exe - ok
12:03:27.0343 2004  [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
12:03:27.0343 2004  C:\Windows\System32\version.dll - ok
12:03:27.0343 2004  [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
12:03:27.0343 2004  C:\Windows\System32\authui.dll - ok
12:03:27.0343 2004  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
12:03:27.0343 2004  C:\Windows\System32\wevtsvc.dll - ok
12:03:27.0343 2004  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
12:03:27.0343 2004  C:\Windows\System32\cryptui.dll - ok
12:03:27.0343 2004  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
12:03:27.0343 2004  C:\Windows\System32\profsvc.dll - ok
12:03:27.0358 2004  [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
12:03:27.0358 2004  C:\Windows\System32\atl.dll - ok
12:03:27.0358 2004  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
12:03:27.0358 2004  C:\Windows\System32\adtschema.dll - ok
12:03:27.0358 2004  [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
12:03:27.0358 2004  C:\Windows\System32\WUDFSvc.dll - ok
12:03:27.0358 2004  [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
12:03:27.0358 2004  C:\Windows\System32\WUDFPlatform.dll - ok
12:03:27.0374 2004  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
12:03:27.0374 2004  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
12:03:27.0374 2004  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
12:03:27.0374 2004  C:\Windows\System32\wlansvc.dll - ok
12:03:27.0374 2004  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
12:03:27.0374 2004  C:\Windows\System32\drivers\nwifi.sys - ok
12:03:27.0374 2004  [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
12:03:27.0374 2004  C:\Windows\System32\drivers\ndisuio.sys - ok
12:03:27.0374 2004  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
12:03:27.0374 2004  C:\Windows\System32\lmhsvc.dll - ok
12:03:27.0390 2004  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
12:03:27.0390 2004  C:\Windows\System32\nsisvc.dll - ok
12:03:27.0405 2004  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
12:03:27.0405 2004  C:\Windows\System32\IPHLPAPI.DLL - ok
12:03:27.0405 2004  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
12:03:27.0405 2004  C:\Windows\System32\dnsrslvr.dll - ok
12:03:27.0405 2004  [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
12:03:27.0405 2004  C:\Windows\System32\keyiso.dll - ok
12:03:27.0405 2004  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
12:03:27.0405 2004  C:\Windows\System32\eapsvc.dll - ok
12:03:27.0405 2004  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
12:03:27.0405 2004  C:\Windows\System32\winnsi.dll - ok
12:03:27.0421 2004  [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
12:03:27.0421 2004  C:\Windows\System32\nrpsrv.dll - ok
12:03:27.0421 2004  [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
12:03:27.0421 2004  C:\Windows\System32\eapphost.dll - ok
12:03:27.0421 2004  [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
12:03:27.0421 2004  C:\Windows\System32\FWPUCLNT.DLL - ok
12:03:27.0421 2004  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
12:03:27.0421 2004  C:\Windows\System32\dhcpcore.dll - ok
12:03:27.0421 2004  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
12:03:27.0421 2004  C:\Windows\System32\shacct.dll - ok
12:03:27.0436 2004  [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
12:03:27.0436 2004  C:\Windows\System32\dnsext.dll - ok
12:03:27.0436 2004  [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
12:03:27.0436 2004  C:\Windows\System32\dhcpcore6.dll - ok
12:03:27.0436 2004  [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
12:03:27.0436 2004  C:\Windows\System32\dhcpcsvc.dll - ok
12:03:27.0436 2004  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
12:03:27.0436 2004  C:\Windows\System32\samlib.dll - ok
12:03:27.0436 2004  [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
12:03:27.0436 2004  C:\Windows\System32\dhcpcsvc6.dll - ok
12:03:27.0452 2004  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
12:03:27.0452 2004  C:\Windows\System32\netprofm.dll - ok
12:03:27.0483 2004  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
12:03:27.0483 2004  C:\Windows\System32\propsys.dll - ok
12:03:27.0483 2004  [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
12:03:27.0483 2004  C:\Windows\System32\umb.dll - ok
12:03:27.0499 2004  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
12:03:27.0499 2004  C:\Windows\System32\wtsapi32.dll - ok
12:03:27.0499 2004  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
12:03:27.0499 2004  C:\Windows\System32\dsrole.dll - ok
12:03:27.0499 2004  [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
12:03:27.0499 2004  C:\Windows\System32\wlanmsm.dll - ok
12:03:27.0499 2004  [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
12:03:27.0499 2004  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
12:03:27.0499 2004  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
12:03:27.0499 2004  C:\Windows\System32\MPSSVC.dll - ok
12:03:27.0514 2004  [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
12:03:27.0514 2004  C:\Windows\System32\wlansec.dll - ok
12:03:27.0530 2004  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
12:03:27.0530 2004  C:\Windows\System32\uxtheme.dll - ok
12:03:27.0530 2004  [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
12:03:27.0530 2004  C:\Windows\System32\onex.dll - ok
12:03:27.0530 2004  [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
12:03:27.0530 2004  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
12:03:27.0530 2004  [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
12:03:27.0530 2004  C:\Windows\System32\eappprxy.dll - ok
12:03:27.0546 2004  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
12:03:27.0546 2004  C:\Windows\System32\drivers\fltMgr.sys - ok
12:03:27.0546 2004  [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
12:03:27.0546 2004  C:\Windows\System32\eappcfg.dll - ok
12:03:27.0546 2004  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
12:03:27.0546 2004  C:\Windows\System32\PSHED.DLL - ok
12:03:27.0546 2004  [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
12:03:27.0546 2004  C:\Windows\System32\wlgpclnt.dll - ok
12:03:27.0546 2004  [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
12:03:27.0546 2004  C:\Windows\System32\l2gpstore.dll - ok
12:03:27.0561 2004  [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
12:03:27.0561 2004  C:\Windows\System32\wlanutil.dll - ok
12:03:27.0561 2004  [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
12:03:27.0561 2004  C:\Windows\System32\WinSCard.dll - ok
12:03:27.0561 2004  [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
12:03:27.0561 2004  C:\Windows\System32\msxml6.dll - ok
12:03:27.0561 2004  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
12:03:27.0561 2004  C:\Windows\System32\dui70.dll - ok
12:03:27.0561 2004  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
12:03:27.0561 2004  C:\Windows\System32\duser.dll - ok
12:03:27.0577 2004  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
12:03:27.0577 2004  C:\Windows\System32\SndVolSSO.dll - ok
12:03:27.0592 2004  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
12:03:27.0592 2004  C:\Windows\System32\hid.dll - ok
12:03:27.0592 2004  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
12:03:27.0592 2004  C:\Windows\System32\dwmapi.dll - ok
12:03:27.0592 2004  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
12:03:27.0592 2004  C:\Windows\System32\MMDevAPI.dll - ok
12:03:27.0592 2004  [ 43FAB56AE5F639AD59D7209693F4C4C2 ] C:\Windows\System32\wlanext.exe
12:03:27.0592 2004  C:\Windows\System32\wlanext.exe - ok
12:03:27.0592 2004  [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
12:03:27.0592 2004  C:\Windows\System32\xmllite.dll - ok
12:03:27.0608 2004  [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
12:03:27.0608 2004  C:\Windows\System32\BFE.DLL - ok
12:03:27.0608 2004  [ 3326166011C9BC13D6A8EFD856E9921C ] C:\Windows\System32\conhost.exe
12:03:27.0608 2004  C:\Windows\System32\conhost.exe - ok
12:03:27.0608 2004  [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
12:03:27.0608 2004  C:\Windows\System32\WindowsCodecs.dll - ok
12:03:27.0608 2004  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
12:03:27.0608 2004  C:\Windows\System32\slc.dll - ok
12:03:27.0624 2004  [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
12:03:27.0624 2004  C:\Windows\System32\drivers\bowser.sys - ok
12:03:27.0624 2004  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
12:03:27.0624 2004  C:\Windows\System32\drivers\mpsdrv.sys - ok
12:03:27.0624 2004  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
12:03:27.0624 2004  C:\Windows\System32\winbrand.dll - ok
12:03:27.0624 2004  [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
12:03:27.0624 2004  C:\Windows\System32\drivers\mrxsmb.sys - ok
12:03:27.0624 2004  [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
12:03:27.0624 2004  C:\Windows\System32\wfapigp.dll - ok
12:03:27.0639 2004  [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
12:03:27.0639 2004  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
12:03:27.0670 2004  [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
12:03:27.0670 2004  C:\Windows\System32\drivers\mrxsmb10.sys - ok
12:03:27.0670 2004  [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
12:03:27.0670 2004  C:\Windows\System32\VaultCredProvider.dll - ok
12:03:27.0686 2004  [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
12:03:27.0686 2004  C:\Windows\System32\mscms.dll - ok
12:03:27.0686 2004  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
12:03:27.0686 2004  C:\Windows\System32\drivers\mrxsmb20.sys - ok
12:03:27.0686 2004  [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
12:03:27.0686 2004  C:\Windows\System32\wkssvc.dll - ok
12:03:27.0686 2004  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
12:03:27.0686 2004  C:\Windows\System32\pcasvc.dll - ok
12:03:27.0686 2004  [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
12:03:27.0686 2004  C:\Windows\System32\netutils.dll - ok
12:03:27.0702 2004  [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
12:03:27.0702 2004  C:\Windows\System32\IKEEXT.DLL - ok
12:03:27.0717 2004  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
12:03:27.0717 2004  C:\Windows\System32\cryptsvc.dll - ok
12:03:27.0717 2004  [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
12:03:27.0717 2004  C:\Windows\System32\UXInit.dll - ok
12:03:27.0717 2004  [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
12:03:27.0717 2004  C:\Windows\System32\snmptrap.exe - ok
12:03:27.0717 2004  [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
12:03:27.0717 2004  C:\Windows\System32\cryptnet.dll - ok
12:03:27.0717 2004  [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
12:03:27.0717 2004  C:\Windows\System32\nlasvc.dll - ok
12:03:27.0733 2004  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
12:03:27.0733 2004  C:\Windows\System32\ntmarta.dll - ok
12:03:27.0733 2004  [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
12:03:27.0733 2004  C:\Windows\System32\ncsi.dll - ok
12:03:27.0733 2004  [ 519CB7D7F697F4BA47DE05845C20F158 ] C:\Windows\System32\tlntsvr.exe
12:03:27.0733 2004  C:\Windows\System32\tlntsvr.exe - ok
12:03:27.0733 2004  [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
12:03:27.0733 2004  C:\Windows\System32\wbem\WMIsvc.dll - ok
12:03:27.0733 2004  [ 5DCD36FC4A6ECBF6E7F9B3BF7E0D0F55 ] C:\Windows\System32\lpdsvc.dll
12:03:27.0733 2004  C:\Windows\System32\lpdsvc.dll - ok
12:03:27.0748 2004  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
12:03:27.0748 2004  C:\Windows\System32\wbemcomn.dll - ok
12:03:27.0748 2004  [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
12:03:27.0748 2004  C:\Windows\System32\winhttp.dll - ok
12:03:27.0748 2004  [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
12:03:27.0748 2004  C:\Windows\System32\provsvc.dll - ok
12:03:27.0748 2004  [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
12:03:27.0748 2004  C:\Windows\System32\wkscli.dll - ok
12:03:27.0748 2004  [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
12:03:27.0748 2004  C:\Windows\System32\webio.dll - ok
12:03:27.0764 2004  [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
12:03:27.0764 2004  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
12:03:27.0780 2004  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
12:03:27.0780 2004  C:\Windows\System32\sstpsvc.dll - ok
12:03:27.0780 2004  [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
12:03:27.0780 2004  C:\Windows\System32\wbem\fastprox.dll - ok
12:03:27.0780 2004  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
12:03:27.0780 2004  C:\Windows\System32\ssdpapi.dll - ok
12:03:27.0780 2004  [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
12:03:27.0780 2004  C:\Windows\System32\samcli.dll - ok
12:03:27.0795 2004  [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
12:03:27.0795 2004  C:\Windows\System32\vpnikeapi.dll - ok
12:03:27.0811 2004  [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
12:03:27.0811 2004  C:\Windows\System32\imageres.dll - ok
12:03:27.0811 2004  [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
12:03:27.0811 2004  C:\Windows\System32\ntdsapi.dll - ok
12:03:27.0826 2004  [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
12:03:27.0826 2004  C:\Windows\System32\wbem\WinMgmtR.dll - ok
12:03:27.0842 2004  [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
12:03:27.0842 2004  C:\Windows\System32\wbem\wbemprox.dll - ok
12:03:27.0842 2004  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
12:03:27.0842 2004  C:\Windows\System32\vssapi.dll - ok
12:03:27.0842 2004  [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
12:03:27.0842 2004  C:\Windows\System32\vsstrace.dll - ok
12:03:27.0842 2004  [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
12:03:27.0842 2004  C:\Windows\System32\wbem\wbemcore.dll - ok
12:03:27.0858 2004  [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
12:03:27.0858 2004  C:\Windows\System32\wbem\esscli.dll - ok
12:03:27.0858 2004  [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
12:03:27.0858 2004  C:\Windows\System32\wbem\wbemsvc.dll - ok
12:03:27.0858 2004  [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
12:03:27.0858 2004  C:\Windows\System32\wbem\wmiutils.dll - ok
12:03:27.0858 2004  [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
12:03:27.0858 2004  C:\Windows\System32\wbem\repdrvfs.dll - ok
12:03:27.0858 2004  [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
12:03:27.0858 2004  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
12:03:27.0873 2004  [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
12:03:27.0873 2004  C:\Windows\System32\ncobjapi.dll - ok
12:03:27.0873 2004  [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
12:03:27.0873 2004  C:\Windows\System32\wbem\wbemess.dll - ok
12:03:27.0873 2004  [ 893C44082C97F7AED3E7C180FA1F93D8 ] C:\Windows\System32\mpnotify.exe
12:03:27.0873 2004  C:\Windows\System32\mpnotify.exe - ok
12:03:27.0873 2004  [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
12:03:27.0873 2004  C:\Windows\System32\mpr.dll - ok
12:03:27.0873 2004  [ 4E30A12A6C4B9886208F0A994D91786B ] C:\Windows\System32\BCMLogon.dll
12:03:27.0873 2004  C:\Windows\System32\BCMLogon.dll - ok
12:03:27.0889 2004  [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
12:03:27.0889 2004  C:\Windows\System32\mscoree.dll - ok
12:03:27.0904 2004  [ 4BD79D03984226DB22D19BBE79369E0E ] C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll
12:03:27.0904 2004  C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll - ok
12:03:27.0904 2004  [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
12:03:27.0904 2004  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
12:03:27.0904 2004  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
12:03:27.0904 2004  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
12:03:27.0904 2004  [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
12:03:27.0904 2004  C:\Windows\System32\msimg32.dll - ok
12:03:27.0920 2004  [ DB4BC74DC444CC7A5F8F6DF2D38FBD96 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcm90.dll
12:03:27.0920 2004  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcm90.dll - ok
12:03:27.0920 2004  [ D918AF3EA07D248F911F7C6B801AA1E3 ] C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL
12:03:27.0920 2004  C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL - ok
12:03:27.0920 2004  [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
12:03:27.0920 2004  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
12:03:27.0920 2004  [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
12:03:27.0920 2004  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
12:03:27.0920 2004  [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
12:03:27.0920 2004  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
12:03:27.0936 2004  [ 01AEA2F16FE0C522DDFD7FAFFC959C6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll
12:03:27.0936 2004  C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll - ok
12:03:27.0936 2004  [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
12:03:27.0936 2004  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
12:03:27.0936 2004  [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
12:03:27.0936 2004  C:\Windows\System32\dllhost.exe - ok
12:03:27.0936 2004  [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
12:03:27.0936 2004  C:\Windows\System32\IDStore.dll - ok
12:03:27.0936 2004  [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
12:03:27.0936 2004  C:\Windows\System32\AtBroker.exe - ok
12:03:27.0982 2004  [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
12:03:27.0982 2004  C:\Windows\System32\drprov.dll - ok
12:03:27.0982 2004  [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
12:03:27.0982 2004  C:\Windows\System32\ntlanman.dll - ok
12:03:27.0982 2004  [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
12:03:27.0982 2004  C:\Windows\System32\davclnt.dll - ok
12:03:27.0998 2004  [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
12:03:27.0998 2004  C:\Windows\System32\cscapi.dll - ok
12:03:27.0998 2004  [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
12:03:27.0998 2004  C:\Windows\System32\davhlpr.dll - ok
12:03:27.0998 2004  [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
12:03:27.0998 2004  C:\Windows\System32\NapiNSP.dll - ok
12:03:27.0998 2004  [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
12:03:27.0998 2004  C:\Windows\System32\pnrpnsp.dll - ok
12:03:28.0014 2004  [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
12:03:28.0014 2004  C:\Windows\System32\nlaapi.dll - ok
12:03:28.0029 2004  [ 748849C42DEA24C723048E24BCA1BD55 ] C:\Windows\System32\wshbth.dll
12:03:28.0029 2004  C:\Windows\System32\wshbth.dll - ok
12:03:28.0029 2004  [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
12:03:28.0029 2004  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
12:03:28.0029 2004  [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
12:03:28.0029 2004  C:\Windows\System32\rasadhlp.dll - ok
12:03:28.0029 2004  [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
12:03:28.0029 2004  C:\Windows\System32\winrnr.dll - ok
12:03:28.0029 2004  [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
12:03:28.0029 2004  C:\Windows\System32\userinit.exe - ok
12:03:28.0045 2004  [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
12:03:28.0045 2004  C:\Windows\explorer.exe - ok
12:03:28.0045 2004  [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
12:03:28.0045 2004  C:\Windows\System32\ExplorerFrame.dll - ok
12:03:28.0045 2004  [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
12:03:28.0045 2004  C:\Windows\System32\apphelp.dll - ok
12:03:28.0045 2004  [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
12:03:28.0045 2004  C:\Windows\System32\EhStorShell.dll - ok
12:03:28.0045 2004  [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
12:03:28.0045 2004  C:\Windows\System32\ntshrui.dll - ok
12:03:28.0060 2004  [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
12:03:28.0060 2004  C:\Windows\System32\IconCodecService.dll - ok
12:03:28.0060 2004  [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
12:03:28.0060 2004  C:\Windows\System32\runonce.exe - ok
12:03:28.0060 2004  [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
12:03:28.0060 2004  C:\Windows\SysWOW64\runonce.exe - ok
12:03:28.0060 2004  [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
12:03:28.0060 2004  C:\Windows\SysWOW64\ntdll.dll - ok
12:03:28.0060 2004  [ 15B30F15BD13640B337A0FC37BD48CDE ] C:\Windows\System32\wow64.dll
12:03:28.0060 2004  C:\Windows\System32\wow64.dll - ok
12:03:28.0076 2004  [ 98168B9B0656A01A321FF1BECB2C03E1 ] C:\Windows\System32\wow64cpu.dll
12:03:28.0076 2004  C:\Windows\System32\wow64cpu.dll - ok
12:03:28.0092 2004  [ 2970785A72054740E1A5DCEB32485486 ] C:\Windows\System32\wow64win.dll
12:03:28.0092 2004  C:\Windows\System32\wow64win.dll - ok
12:03:28.0092 2004  [ D4F3176082566CEFA633B4945802D4C4 ] C:\Windows\SysWOW64\kernel32.dll
12:03:28.0092 2004  C:\Windows\SysWOW64\kernel32.dll - ok
12:03:28.0092 2004  [ 0978C2B33BDD0A7E6C563AA337DC8BA0 ] C:\Windows\SysWOW64\KernelBase.dll
12:03:28.0092 2004  C:\Windows\SysWOW64\KernelBase.dll - ok
12:03:28.0092 2004  [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
12:03:28.0092 2004  C:\Windows\System32\netcfgx.dll - ok
12:03:28.0107 2004  [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
12:03:28.0107 2004  C:\Windows\SysWOW64\advapi32.dll - ok
12:03:28.0123 2004  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
12:03:28.0123 2004  C:\Windows\System32\drivers\vwifimp.sys - ok
12:03:28.0123 2004  [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
12:03:28.0123 2004  C:\Windows\SysWOW64\msvcrt.dll - ok
12:03:28.0138 2004  [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
12:03:28.0138 2004  C:\Windows\SysWOW64\sechost.dll - ok
12:03:28.0154 2004  [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
12:03:28.0154 2004  C:\Windows\SysWOW64\rpcrt4.dll - ok
12:03:28.0154 2004  [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
12:03:28.0154 2004  C:\Windows\SysWOW64\sspicli.dll - ok
12:03:28.0154 2004  [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
12:03:28.0154 2004  C:\Windows\SysWOW64\cryptbase.dll - ok
12:03:28.0154 2004  [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
12:03:28.0154 2004  C:\Windows\SysWOW64\gdi32.dll - ok
12:03:28.0170 2004  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
12:03:28.0170 2004  C:\Windows\SysWOW64\user32.dll - ok
12:03:28.0170 2004  [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
12:03:28.0170 2004  C:\Windows\SysWOW64\lpk.dll - ok
12:03:28.0170 2004  [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
12:03:28.0170 2004  C:\Windows\SysWOW64\usp10.dll - ok
12:03:28.0170 2004  [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
12:03:28.0170 2004  C:\Windows\SysWOW64\shlwapi.dll - ok
12:03:28.0170 2004  [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
12:03:28.0170 2004  C:\Windows\SysWOW64\ole32.dll - ok
12:03:28.0185 2004  [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
12:03:28.0185 2004  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
12:03:28.0185 2004  [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
12:03:28.0185 2004  C:\Windows\SysWOW64\shell32.dll - ok
12:03:28.0185 2004  [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
12:03:28.0185 2004  C:\Windows\SysWOW64\imm32.dll - ok
12:03:28.0185 2004  [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
12:03:28.0185 2004  C:\Windows\SysWOW64\msctf.dll - ok
12:03:28.0185 2004  [ 42B6A94DD747DF2B5F628A2752E62A98 ] C:\Windows\System32\ctfmon.exe
12:03:28.0185 2004  C:\Windows\System32\ctfmon.exe - ok
12:03:28.0201 2004  [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
12:03:28.0201 2004  C:\Windows\System32\timedate.cpl - ok
12:03:28.0216 2004  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
12:03:28.0216 2004  C:\Windows\System32\MsCtfMonitor.dll - ok
12:03:28.0216 2004  [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
12:03:28.0216 2004  C:\Windows\System32\msutb.dll - ok
12:03:28.0216 2004  [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\Windows\System32\oleres.dll
12:03:28.0216 2004  C:\Windows\System32\oleres.dll - ok
12:03:28.0216 2004  [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
12:03:28.0216 2004  C:\Windows\System32\shdocvw.dll - ok
12:03:28.0216 2004  [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
12:03:28.0216 2004  C:\Windows\System32\linkinfo.dll - ok
12:03:28.0232 2004  [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
12:03:28.0232 2004  C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
12:03:28.0232 2004  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
12:03:28.0232 2004  C:\Windows\System32\msftedit.dll - ok
12:03:28.0232 2004  [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
12:03:28.0232 2004  C:\Windows\System32\msls31.dll - ok
12:03:28.0232 2004  [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
12:03:28.0232 2004  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
12:03:28.0232 2004  [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
12:03:28.0232 2004  C:\Windows\System32\gameux.dll - ok
12:03:28.0248 2004  [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
12:03:28.0248 2004  C:\Windows\System32\wer.dll - ok
12:03:28.0248 2004  [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
12:03:28.0248 2004  C:\Windows\System32\DeviceCenter.dll - ok
12:03:28.0248 2004  [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
12:03:28.0248 2004  C:\Windows\System32\networkexplorer.dll - ok
12:03:28.0248 2004  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
12:03:28.0248 2004  C:\Windows\System32\winmm.dll - ok
12:03:28.0248 2004  [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
12:03:28.0248 2004  C:\Windows\System32\wdmaud.drv - ok
12:03:28.0294 2004  [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
12:03:28.0294 2004  C:\Windows\System32\ksuser.dll - ok
12:03:28.0294 2004  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
12:03:28.0294 2004  C:\Windows\System32\avrt.dll - ok
12:03:28.0294 2004  [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
12:03:28.0294 2004  C:\Windows\System32\msiltcfg.dll - ok
12:03:28.0310 2004  [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
12:03:28.0310 2004  C:\Windows\System32\msi.dll - ok
12:03:28.0310 2004  [ 9FF83A273E863936E823A71DBAB68162 ] C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
12:03:28.0310 2004  C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe - ok
12:03:28.0310 2004  [ 458F4590F80563EB2A0A72709BFC2BD9 ] C:\Windows\System32\mspaint.exe
12:03:28.0310 2004  C:\Windows\System32\mspaint.exe - ok
12:03:28.0310 2004  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
12:03:28.0310 2004  C:\Windows\System32\IPSECSVC.DLL - ok
12:03:28.0326 2004  [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
12:03:28.0326 2004  C:\Windows\System32\FwRemoteSvr.dll - ok
12:03:28.0341 2004  [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
12:03:28.0341 2004  C:\Windows\System32\stobject.dll - ok
12:03:28.0341 2004  [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
12:03:28.0341 2004  C:\Windows\System32\batmeter.dll - ok
12:03:28.0341 2004  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
12:03:28.0341 2004  C:\Windows\System32\es.dll - ok
12:03:28.0341 2004  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
12:03:28.0341 2004  C:\Windows\System32\prnfldr.dll - ok
12:03:28.0341 2004  [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
12:03:28.0341 2004  C:\Windows\System32\winspool.drv - ok
12:03:28.0357 2004  [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
12:03:28.0357 2004  C:\Windows\System32\fundisc.dll - ok
12:03:28.0357 2004  [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
12:03:28.0357 2004  C:\Windows\System32\fdProxy.dll - ok
12:03:28.0357 2004  [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
12:03:28.0357 2004  C:\Windows\System32\DXP.dll - ok
12:03:28.0357 2004  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
12:03:28.0357 2004  C:\Windows\System32\Syncreg.dll - ok
12:03:28.0357 2004  [ DB70FE36AC8F594E9E69479C076BADB8 ] C:\Windows\System32\HelpPaneProxy.dll
12:03:28.0357 2004  C:\Windows\System32\HelpPaneProxy.dll - ok
12:03:28.0372 2004  [ CD47548A52B02D254BF6D7F7A5F2BFD3 ] C:\Windows\HelpPane.exe
12:03:28.0372 2004  C:\Windows\HelpPane.exe - ok
12:03:28.0372 2004  [ 86F1F949DD51FB5A044F1BD34CBE4AA8 ] C:\Windows\System32\apds.dll
12:03:28.0372 2004  C:\Windows\System32\apds.dll - ok
12:03:28.0372 2004  [ C71E7ABB1A34E56CE73AE117C8DD566F ] C:\Windows\System32\ieframe.dll
12:03:28.0372 2004  C:\Windows\System32\ieframe.dll - ok
12:03:28.0372 2004  [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
12:03:28.0372 2004  C:\Windows\System32\oleacc.dll - ok
12:03:28.0372 2004  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
12:03:28.0372 2004  C:\Windows\System32\AltTab.dll - ok
12:03:28.0388 2004  [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
12:03:28.0388 2004  C:\Windows\System32\msxml3.dll - ok
12:03:28.0404 2004  [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
12:03:28.0404 2004  C:\Windows\System32\pnidui.dll - ok
12:03:28.0404 2004  [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
12:03:28.0404 2004  C:\Windows\System32\rasapi32.dll - ok
12:03:28.0404 2004  [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
12:03:28.0404 2004  C:\Windows\System32\rasman.dll - ok
12:03:28.0404 2004  [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
12:03:28.0404 2004  C:\Windows\System32\rtutils.dll - ok
12:03:28.0404 2004  [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
12:03:28.0404 2004  C:\Windows\System32\QUTIL.DLL - ok
12:03:28.0419 2004  [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
12:03:28.0419 2004  C:\Windows\System32\bthprops.cpl - ok
12:03:28.0419 2004  [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
12:03:28.0419 2004  C:\Windows\System32\netman.dll - ok
12:03:28.0419 2004  [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
12:03:28.0419 2004  C:\Windows\System32\ActionCenter.dll - ok
12:03:28.0419 2004  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
12:03:28.0419 2004  C:\Windows\System32\netshell.dll - ok
12:03:28.0435 2004  [ CFF3C4ABDCC5356B0674743BDF0FB674 ] C:\Windows\System32\mshtml.dll
12:03:28.0435 2004  C:\Windows\System32\mshtml.dll - ok
12:03:28.0450 2004  [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
12:03:28.0450 2004  C:\Windows\System32\npmproxy.dll - ok
12:03:28.0450 2004  [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
12:03:28.0450 2004  C:\Windows\System32\rasdlg.dll - ok
12:03:28.0466 2004  [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
12:03:28.0466 2004  C:\Windows\System32\mprapi.dll - ok
12:03:28.0466 2004  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
12:03:28.0466 2004  C:\Windows\System32\dot3api.dll - ok
12:03:28.0466 2004  [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
12:03:28.0466 2004  C:\Windows\System32\wlanapi.dll - ok
12:03:28.0466 2004  [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
12:03:28.0466 2004  C:\Windows\System32\wlanhlp.dll - ok
12:03:28.0466 2004  [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
12:03:28.0466 2004  C:\Windows\System32\hnetcfg.dll - ok
12:03:28.0482 2004  [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
12:03:28.0482 2004  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
12:03:28.0482 2004  [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
12:03:28.0482 2004  C:\Windows\System32\WWanAPI.dll - ok
12:03:28.0482 2004  [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
12:03:28.0482 2004  C:\Program Files\Windows Media Player\wmpnssci.dll - ok
12:03:28.0482 2004  [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
12:03:28.0482 2004  C:\Windows\System32\wwapi.dll - ok
12:03:28.0497 2004  [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
12:03:28.0497 2004  C:\Windows\System32\QAGENT.DLL - ok
12:03:28.0497 2004  [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
12:03:28.0497 2004  C:\Windows\ehome\ehSSO.dll - ok
12:03:28.0497 2004  [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
12:03:28.0497 2004  C:\Windows\System32\WPDShServiceObj.dll - ok
12:03:28.0497 2004  [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
12:03:28.0497 2004  C:\Windows\System32\PortableDeviceTypes.dll - ok
12:03:28.0497 2004  [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
12:03:28.0497 2004  C:\Windows\System32\PortableDeviceApi.dll - ok
12:03:28.0513 2004  [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
12:03:28.0513 2004  C:\Windows\System32\srchadmin.dll - ok
12:03:28.0528 2004  [ CAF01663BA1865FBBB1958D060B5D514 ] C:\Program Files\WIDCOMM\Bluetooth Software\BTNCopy.dll
12:03:28.0528 2004  C:\Program Files\WIDCOMM\Bluetooth Software\BTNCopy.dll - ok
12:03:28.0528 2004  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
12:03:28.0528 2004  C:\Windows\System32\taskschd.dll - ok
12:03:28.0528 2004  [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
12:03:28.0528 2004  C:\Windows\System32\webcheck.dll - ok
12:03:28.0528 2004  [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
12:03:28.0528 2004  C:\Windows\System32\mlang.dll - ok
12:03:28.0528 2004  [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
12:03:28.0528 2004  C:\Windows\System32\mstask.dll - ok
12:03:28.0544 2004  [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
12:03:28.0544 2004  C:\Windows\System32\SyncCenter.dll - ok
12:03:28.0544 2004  [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
12:03:28.0544 2004  C:\Windows\System32\imapi2.dll - ok
12:03:28.0544 2004  [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
12:03:28.0544 2004  C:\Windows\System32\hgcpl.dll - ok
12:03:28.0544 2004  [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
12:03:28.0544 2004  C:\Windows\System32\actxprxy.dll - ok
12:03:28.0544 2004  [ C1D0691BE5DDB0C230D8370BD96BBE8B ] C:\Program Files\Internet Explorer\ieproxy.dll
12:03:28.0544 2004  C:\Program Files\Internet Explorer\ieproxy.dll - ok
12:03:28.0560 2004  [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
12:03:28.0560 2004  C:\Windows\System32\FXSST.dll - ok
12:03:28.0560 2004  [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
12:03:28.0560 2004  C:\Windows\System32\FXSAPI.dll - ok
12:03:28.0560 2004  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
12:03:28.0560 2004  C:\Windows\System32\FXSRESM.dll - ok
12:03:28.0560 2004  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
12:03:28.0560 2004  C:\Windows\System32\FXSSVC.exe - ok
12:03:28.0575 2004  [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
12:03:28.0575 2004  C:\Windows\System32\sfc.dll - ok
12:03:28.0606 2004  [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
12:03:28.0606 2004  C:\Windows\System32\sfc_os.dll - ok
12:03:28.0606 2004  [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\DataDoctors\Desktop\tdsskiller.exe
12:03:28.0606 2004  C:\Users\DataDoctors\Desktop\tdsskiller.exe - ok
12:03:28.0606 2004  [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
12:03:28.0606 2004  C:\Windows\SysWOW64\crypt32.dll - ok
12:03:28.0622 2004  [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
12:03:28.0622 2004  C:\Windows\SysWOW64\msasn1.dll - ok
12:03:28.0622 2004  [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
12:03:28.0622 2004  C:\Windows\SysWOW64\oleaut32.dll - ok
12:03:28.0622 2004  [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
12:03:28.0622 2004  C:\Windows\SysWOW64\setupapi.dll - ok
12:03:28.0622 2004  [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
12:03:28.0622 2004  C:\Windows\SysWOW64\cfgmgr32.dll - ok
12:03:28.0638 2004  [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
12:03:28.0638 2004  C:\Windows\SysWOW64\devobj.dll - ok
12:03:28.0653 2004  [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
12:03:28.0653 2004  C:\Windows\SysWOW64\version.dll - ok
12:03:28.0653 2004  [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
12:03:28.0653 2004  C:\Windows\SysWOW64\winhttp.dll - ok
12:03:28.0653 2004  [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
12:03:28.0653 2004  C:\Windows\SysWOW64\webio.dll - ok
12:03:28.0653 2004  [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
12:03:28.0653 2004  C:\Windows\SysWOW64\wintrust.dll - ok
12:03:28.0653 2004  [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
12:03:28.0653 2004  C:\Windows\SysWOW64\uxtheme.dll - ok
12:03:28.0669 2004  [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
12:03:28.0669 2004  C:\Windows\SysWOW64\ws2_32.dll - ok
12:03:28.0669 2004  [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
12:03:28.0669 2004  C:\Windows\SysWOW64\nsi.dll - ok
12:03:28.0669 2004  [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
12:03:28.0669 2004  C:\Windows\SysWOW64\cryptsp.dll - ok
12:03:28.0669 2004  [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
12:03:28.0669 2004  C:\Windows\SysWOW64\credssp.dll - ok
12:03:28.0669 2004  [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
12:03:28.0669 2004  C:\Windows\SysWOW64\mswsock.dll - ok
12:03:28.0684 2004  [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
12:03:28.0684 2004  C:\Windows\SysWOW64\wship6.dll - ok
12:03:28.0684 2004  [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
12:03:28.0684 2004  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
12:03:28.0684 2004  [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
12:03:28.0684 2004  C:\Windows\SysWOW64\dnsapi.dll - ok
12:03:28.0684 2004  [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
12:03:28.0684 2004  C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
12:03:28.0684 2004  [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
12:03:28.0684 2004  C:\Windows\SysWOW64\psapi.dll - ok
12:03:28.0700 2004  [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
12:03:28.0700 2004  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
12:03:28.0716 2004  [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
12:03:28.0716 2004  C:\Windows\SysWOW64\winnsi.dll - ok
12:03:28.0716 2004  [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
12:03:28.0716 2004  C:\Windows\SysWOW64\rasadhlp.dll - ok
12:03:28.0716 2004  [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
12:03:28.0716 2004  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
12:03:28.0716 2004  [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\14414627.sys
12:03:28.0716 2004  C:\Windows\System32\drivers\14414627.sys - ok
12:03:28.0731 2004  [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
12:03:28.0731 2004  C:\Windows\SysWOW64\msi.dll - ok
12:03:28.0731 2004  [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
12:03:28.0731 2004  C:\Windows\SysWOW64\userenv.dll - ok
12:03:28.0731 2004  [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
12:03:28.0731 2004  C:\Windows\SysWOW64\profapi.dll - ok
12:03:28.0731 2004  [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
12:03:28.0731 2004  C:\Windows\SysWOW64\riched20.dll - ok
12:03:28.0731 2004  [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
12:03:28.0731 2004  C:\Windows\SysWOW64\clbcatq.dll - ok
12:03:28.0731 2004  [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
12:03:28.0731 2004  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
12:03:28.0762 2004  [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
12:03:28.0762 2004  C:\Windows\SysWOW64\duser.dll - ok
12:03:28.0762 2004  [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
12:03:28.0762 2004  C:\Windows\SysWOW64\dui70.dll - ok
12:03:28.0778 2004  ============================================================
12:03:28.0778 2004  Scan finished
12:03:28.0778 2004  ============================================================
12:03:28.0778 1996  Detected object count: 0
12:03:28.0778 1996  Actual detected object count: 0
12:09:19.0467 1884  Deinitialize success

 

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 


aswMBR log:

 

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-24 12:14:03
-----------------------------
12:14:03.657    OS Version: Windows x64 6.1.7601 Service Pack 1
12:14:03.657    Number of processors: 4 586 0x2505
12:14:03.657    ComputerName: DATADOCTORS-PC  UserName: DataDoctors
12:14:04.577    Initialize success
12:15:57.194    AVAST engine defs: 13022400
12:16:27.895    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:16:27.910    Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
12:16:27.926    Disk 0 MBR read successfully
12:16:27.942    Disk 0 MBR scan
12:16:27.942    Disk 0 Windows 7 default MBR code
12:16:27.942    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       86 MB offset 63
12:16:27.957    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS         8818 MB offset 178176
12:16:27.973    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       468034 MB offset 18237440
12:16:28.004    Disk 0 scanning C:\Windows\system32\drivers
12:16:37.817    Service scanning
12:17:04.695    Modules scanning
12:17:04.695    Disk 0 trace - called modules:
12:17:04.727    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
12:17:04.727    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004b62060]
12:17:04.727    3 CLASSPNP.SYS[fffff88001b6343f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80048ed050]
12:17:05.647    AVAST engine scan C:\
12:33:30.601    File: C:\ProgramData\zljlvtoxhmvM.exe  **INFECTED** Win32:Reveton-LG [Trj]
12:41:25.030    File: C:\Users\DataDoctors\AppData\Local\Temp\7YLLZ7Z.exe  **INFECTED** Win32:Reveton-LG [Trj]
12:41:54.046    File: C:\Users\DataDoctors\AppData\Local\zljlvtoxhmvM.exe  **INFECTED** Win32:Reveton-LG [Trj]
12:44:26.130    File: C:\Users\DataDoctors\AppData\Roaming\zljlvtoxhmvM.exe  **INFECTED** Win32:Reveton-LG [Trj]
14:22:28.292    Scan finished successfully
14:27:17.766    Disk 0 MBR has been saved successfully to "C:\Users\DataDoctors\Desktop\MBR.dat"
14:27:17.782    The log file has been saved successfully to "C:\Users\DataDoctors\Desktop\aswMBR.txt"


------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

ESET results:

 

C:\Users\All Users\zljlvtoxhmvM.exe a variant of Win32/Injector.AAUU trojan 
C:\ProgramData\zljlvtoxhmvM.exe a variant of Win32/Injector.AAUU trojan cleaned by deleting - quarantined
C:\Users\DataDoctors\AppData\Local\zljlvtoxhmvM.exe a variant of Win32/Injector.AAUU trojan cleaned by deleting - quarantined
C:\Users\DataDoctors\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QRHT83K2\askn[1].htm JS/Exploit.Agent.NEF trojan cleaned by deleting - quarantined
C:\Users\DataDoctors\AppData\Local\Temp\7YLLZ7Z.exe a variant of Win32/Injector.AAUU trojan cleaned by deleting - quarantined
C:\Users\DataDoctors\AppData\Roaming\zljlvtoxhmvM.exe a variant of Win32/Injector.AAUU trojan cleaned by deleting - quarantined
 

 

 

 

Thanks,



#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:34 PM

Posted 24 February 2013 - 05:19 PM

Reboot into normal mode and run these scans.

 


Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Search
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

 



#5 19Kilo

19Kilo
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Way Far North
  • Local time:09:34 PM

Posted 24 February 2013 - 06:29 PM

Hallo narenxp,

 

Malwarebytes log:

 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.24.06

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
DataDoctors :: DATADOCTORS-PC [administrator]

2/24/2013 4:33:22 PM
mbam-log-2013-02-24 (16-33-22).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 233368
Time elapsed: 3 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

 

 

 

MiniToolBox log:

 

MiniToolBox by Farbar  Version:10-01-2013
Ran by DataDoctors (administrator) on 24-02-2013 at 16:41:05
Running from "C:\Users\DataDoctors\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com

There are 15265 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Atheros AR8152 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : DataDoctors-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 70-F1-A1-C3-51-30
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Atheros AR8152 PCI-E Fast Ethernet Controller
   Physical Address. . . . . . . . . : B8-AC-6F-6E-94-38
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
   Physical Address. . . . . . . . . : 70-F1-A1-C3-51-30
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::6520:fa81:858:894%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.15.104(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, February 24, 2013 4:27:39 PM
   Lease Expires . . . . . . . . . . : Monday, February 25, 2013 4:27:39 PM
   Default Gateway . . . . . . . . . : 192.168.15.1
   DHCP Server . . . . . . . . . . . : 192.168.15.1
   DHCPv6 IAID . . . . . . . . . . . : 191951265
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-FD-FA-00-B8-AC-6F-6E-94-38
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       208.67.222.222
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Name:    google.com
Addresses:  2607:f8b0:4001:c02::64
   74.125.142.100
   74.125.142.138
   74.125.142.102
   74.125.142.113
   74.125.142.139
   74.125.142.101


Pinging google.com [74.125.142.100] with 32 bytes of data:
Reply from 74.125.142.100: bytes=32 time=33ms TTL=47
Reply from 74.125.142.100: bytes=32 time=34ms TTL=47

Ping statistics for 74.125.142.100:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 33ms, Maximum = 34ms, Average = 33ms
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Name:    yahoo.com
Addresses:  98.139.183.24
   98.138.253.109
   206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=160ms TTL=48
Reply from 98.139.183.24: bytes=32 time=495ms TTL=50

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 160ms, Maximum = 495ms, Average = 327ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...70 f1 a1 c3 51 30 ......Microsoft Virtual WiFi Miniport Adapter
 11...b8 ac 6f 6e 94 38 ......Atheros AR8152 PCI-E Fast Ethernet Controller
 10...70 f1 a1 c3 51 30 ......DW1501 Wireless-N WLAN Half-Mini Card
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     192.168.15.1   192.168.15.104     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
     192.168.15.0    255.255.255.0         On-link    192.168.15.104    281
   192.168.15.104  255.255.255.255         On-link    192.168.15.104    281
   192.168.15.255  255.255.255.255         On-link    192.168.15.104    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    192.168.15.104    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    192.168.15.104    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 10    281 fe80::/64                On-link
 10    281 fe80::6520:fa81:858:894/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/05/2013 10:58:47 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/05/2013 10:58:35 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (12/30/2012 05:00:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/30/2012 05:00:11 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (12/26/2012 01:45:40 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/26/2012 01:45:26 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (12/24/2012 11:48:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: recordingmanager.exe, version: 1.3.0.208, time stamp: 0x50b836fe
Faulting module name: recordingmanager.exe, version: 1.3.0.208, time stamp: 0x50b836fe
Exception code: 0xc0000005
Fault offset: 0x0000ef47
Faulting process id: 0x908
Faulting application start time: 0xrecordingmanager.exe0
Faulting application path: recordingmanager.exe1
Faulting module path: recordingmanager.exe2
Report Id: recordingmanager.exe3

Error: (12/24/2012 10:59:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/24/2012 10:59:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/23/2012 03:07:29 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.


System errors:
=============
Error: (02/24/2013 04:42:07 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/24/2013 04:42:07 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/24/2013 04:42:07 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/24/2013 04:41:55 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/24/2013 04:41:55 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/24/2013 04:41:55 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/24/2013 04:37:07 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/24/2013 04:37:07 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/24/2013 04:37:07 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/24/2013 04:36:33 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (01/05/2013 10:58:47 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (01/05/2013 10:58:35 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (12/30/2012 05:00:20 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (12/30/2012 05:00:11 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (12/26/2012 01:45:40 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (12/26/2012 01:45:26 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (12/24/2012 11:48:38 PM) (Source: Application Error)(User: )
Description: recordingmanager.exe1.3.0.20850b836ferecordingmanager.exe1.3.0.20850b836fec00000050000ef4790801cde25c9b499aceC:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exeC:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exeba4ecc6c-4e56-11e2-af6f-b8ac6f6e9438

Error: (12/24/2012 10:59:34 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (12/24/2012 10:59:34 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (12/23/2012 03:07:29 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8


=========================== Installed Programs ============================

3ivx MPEG-4 5.0.3 (remove only) (Version: 5.0.3)
Adobe AIR (Version: 2.0.3.13070)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Reader XI (Version: 11.0.00)
Adobe Shockwave Player 11.5 (Version: 11.5.8.612)
Advanced Audio FX Engine (Version: 1.12.05)
ATI Catalyst Control Center (Version: 2.010.0122.0857)
Avira Free Antivirus (Version: 13.0.0.2890)
CadStd (Version: 3.7.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Full Existing (Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Full New (Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Light (Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Previews Common (Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0122.858.16002)
Catalyst Control Center InstallProxy (Version: 2010.0122.858.16002)
Catalyst Control Center Localization All (Version: 2010.0122.858.16002)
ccc-core-static (Version: 2010.0122.858.16002)
ccc-utility64 (Version: 2010.0122.858.16002)
CCC Help Chinese Standard (Version: 2010.0122.0857.16002)
CCC Help Chinese Traditional (Version: 2010.0122.0857.16002)
CCC Help Danish (Version: 2010.0122.0857.16002)
CCC Help Dutch (Version: 2010.0122.0857.16002)
CCC Help English (Version: 2010.0122.0857.16002)
CCC Help Finnish (Version: 2010.0122.0857.16002)
CCC Help French (Version: 2010.0122.0857.16002)
CCC Help German (Version: 2010.0122.0857.16002)
CCC Help Italian (Version: 2010.0122.0857.16002)
CCC Help Japanese (Version: 2010.0122.0857.16002)
CCC Help Korean (Version: 2010.0122.0857.16002)
CCC Help Norwegian (Version: 2010.0122.0857.16002)
CCC Help Portuguese (Version: 2010.0122.0857.16002)
CCC Help Russian (Version: 2010.0122.0857.16002)
CCC Help Spanish (Version: 2010.0122.0857.16002)
CCC Help Swedish (Version: 2010.0122.0857.16002)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Code 128 Versions : App. 2.0.0 Func. 1.1.0 Font 1.30
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
D-Link AirPlus Xtreme G AP Manager for DWL-2100AP
D3DX10 (Version: 15.4.2368.0902)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Support Center (Support Software) (Version: 2.5.09100)
Dell Webcam Central (Version: 1.40.05)
Delta Force: Xtreme (Version: 1.00.0000)
DF Favorites 3.1.6
DW WLAN Card Utility (Version: 5.60.48.18)
EchoLink (Version: 2.0.908)
ESET Online Scanner v3
FreeQRCreator 1.0.2
GoToAssist 8.0.0.514
Hamster Free ZIP Archiver 1.1.0.11 (Version: 1.1.0.11)
Intel® Management Engine Components (Version: 6.0.0.1179)
InterActual Player
Jasc Paint Shop Pro 9 (Version: 9.00.0000)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 20 (Version: 6.0.200)
JavaFX 2.1.1 (Version: 2.1.1)
Joint Operations (Version: 1.00.0000)
Junk Mail filter update (Version: 15.4.3502.0922)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Age of Empires
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Digital Image Library 10 (Version: 10.0.0612)
Microsoft Digital Image Library 9 - Blocker (Version: 9.00.0000)
Microsoft Digital Image Pro 10 (Version: 10.0.0612)
Microsoft Digital Image Suite 10 (Version: 10.0.0612)
Microsoft IntelliPoint 8.1 (Version: 8.15.406.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Small Business Edition 2003 (Version: 11.0.8173.0)
Microsoft Office XP Professional (Version: 10.0.6626.0)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
OpenOffice.org 3.2 (Version: 3.2.9502)
PowerDVD DX (Version: 8.3.6029)
Programmer's Notepad 2 (Version: 2.0.10.1010)
Quickset64 (Version: 10.6.2)
RaidCall (Version: 7.0.2-1.0.1512.32)
RealDownloader (Version: 1.3.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6039)
RealUpgrade 1.1 (Version: 1.1.0)
Roxio Burn (Version: 1.01)
Sid Meier's SimGolf
Skins (Version: 2010.0122.858.16002)
Spybot - Search & Destroy (Version: 1.6.2)
Synaptics Pointing Device Driver (Version: 15.0.20.0)
TeamSpeak 2 RC2 (Version: 2.0.32.60)
TeamSpeak 3 Client
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
WIDCOMM Bluetooth Software (Version: 6.2.0.9600)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
World of Tanks
XML Notepad 2007 (Version: 2.3.0.0)
Yahoo! Messenger

========================= Devices: ================================

Name: DW1501 Wireless-N WLAN Half-Mini Card
Description: DW1501 Wireless-N WLAN Half-Mini Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS

Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® Core™ i5 CPU       M 450  @ 2.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: Microsoft Composite Battery
Description: Microsoft Composite Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: Compbatt

Name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ndisuio

Name: ACPI Sleep Button
Description: ACPI Sleep Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: Common Log (CLFS)
Description: Common Log (CLFS)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CLFS

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy

Name: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 1 - 3B42
Description: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 1 - 3B42
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Atheros AR8152 PCI-E Fast Ethernet Controller
Description: Atheros AR8152 PCI-E Fast Ethernet Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros
Service: L1C

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip

Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: CNG
Description: CNG
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CNG

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: TCP/IP Registry Compatibility
Description: TCP/IP Registry Compatibility
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tcpipreg

Name: SanDisk Cruzer Mini USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: NETBT
Description: NETBT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT

Name: Intel® 82802 Firmware Hub Device
Description: Intel® 82802 Firmware Hub Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: NetIO Legacy TDI Support Driver
Description: NetIO Legacy TDI Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tdx

Name: System Attribute Cache
Description: System Attribute Cache
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: discache

Name: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 2 - 3B44
Description: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 2 - 3B44
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport

Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt

Name: Intel® processor DRAM Controller - 0044
Description: Intel® processor DRAM Controller - 0044
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: LDDM Graphics Subsystem
Description: LDDM Graphics Subsystem
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: DXGKrnl

Name: HID Keyboard Device
Description: HID Keyboard Device
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: kbdhid

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp

Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt

Name: NSI proxy service driver.
Description: NSI proxy service driver.
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nsiproxy

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave

Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Intel® HM57 Express Chipset LPC Interface Controller - 3B0B
Description: Intel® HM57 Express Chipset LPC Interface Controller - 3B0B
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msisadrv

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 6 - 3B4C
Description: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 6 - 3B4C
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid

Name: Intel® processor PCI Express Root Port - 0045
Description: Intel® processor PCI Express Root Port - 0045
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Dynamic Volume Manager
Description: Dynamic Volume Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volmgrx

Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null

Name: Intel® Core™ i5 CPU       M 450  @ 2.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum

Name: Storage volumes
Description: Storage volumes
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volsnap

Name: PLDS DVDRWBD DS-4E1S
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:

Name: Microsoft USB Wheel Mouse Optical (IntelliPoint)
Description: Microsoft USB Wheel Mouse Optical (IntelliPoint)
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid

Name: Performance Counters for Windows Driver
Description: Performance Counters for Windows Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: pcw

Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: Mount Point Manager
Description: Mount Point Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr

Name: Intel® 5 Series 6 Port SATA AHCI Controller
Description: Intel® 5 Series 6 Port SATA AHCI Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: iaStor

Name: USB Human Interface Device
Description: USB Human Interface Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Broadcom
Service: HidUsb

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: Virtual WiFi Filter Driver
Description: Virtual WiFi Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: vwififlt

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt

Name: Intel® 82801 PCI Bridge - 2448
Description: Intel® 82801 PCI Bridge - 2448
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Microsoft Virtual Drive Enumerator Driver
Description: Microsoft Virtual Drive Enumerator Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: vdrvroot

Name: PEAUTH
Description: PEAUTH
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PEAUTH

Name: Ancillary Function Driver for Winsock
Description: Ancillary Function Driver for Winsock
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD

Name: Remote Access IPv6 ARP Driver
Description: Remote Access IPv6 ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarpv6

Name: PCI bus
Description: PCI bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: volmgr

Name: Bitlocker Drive Encryption Filter Driver
Description: Bitlocker Drive Encryption Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: fvevol

Name: USB Human Interface Device
Description: USB Human Interface Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Broadcom
Service: HidUsb

Name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Psched

Name: amdkmdag
Description: amdkmdag
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: amdkmdag

Name: Windows Firewall Authorization Driver
Description: Windows Firewall Authorization Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mpsdrv

Name: PCI bus
Description: PCI bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Hitachi HTS545050B9A300
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Kernel Mode Driver Frameworks service
Description: Kernel Mode Driver Frameworks service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wdf01000

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP

Name: Intel® 5 Series/3400 Series Chipset Family SMBus Controller - 3B30
Description: Intel® 5 Series/3400 Series Chipset Family SMBus Controller - 3B30
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Intel® Management Engine Interface
Description: Intel® Management Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: HECIx64

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® Core™ i5 CPU       M 450  @ 2.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: QuickPath Architecture Generic Non-core Registers - 2C62
Description: QuickPath Architecture Generic Non-core Registers - 2C62
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub

Name: Hardware Policy Driver
Description: Hardware Policy Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: hwpolicy

Name: WFP Lightweight Filter
Description: WFP Lightweight Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WfpLwf

Name: ATI High Definition Audio Device
Description: ATI High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: ATI Technologies Inc.
Service: AtiHdmiService

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD

Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: User Mode Driver Frameworks Platform Driver
Description: User Mode Driver Frameworks Platform Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WudfPf

Name: IP Traffic Filter Driver
Description: IP Traffic Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IpFilterDriver

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: RDP Encoder Mirror Driver
Description: RDP Encoder Mirror Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPENCDD

Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub

Name: Intel® Turbo Boost Technology Driver
Description: Intel® Turbo Boost Technology Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: Impcd

Name: avipbb
Description: avipbb
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: avipbb

Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: ATI Mobility Radeon HD 5470   
Description: ATI Mobility Radeon HD 5470   
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: ATI Technologies Inc.
Service: amdkmdap

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: QuickPath Architecture System Address Decoder - 2D01
Description: QuickPath Architecture System Address Decoder - 2D01
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Power Control [2010/08/18 13:39:53]
Description: Power Control [2010/08/18 13:39:53]
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}

Name: Reflector Display Driver used to gain access to graphics data
Description: Reflector Display Driver used to gain access to graphics data
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPREFMP

Name: KSecDD
Description: KSecDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecDD

Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: avkmgr
Description: avkmgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: avkmgr

Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft ISATAP Adapter #4
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService

Name: Intel® Core™ i5 CPU       M 450  @ 2.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: KSecPkg
Description: KSecPkg
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecPkg

Name: Link-Layer Topology Discovery Responder
Description: Link-Layer Topology Discovery Responder
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: rspndr

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: BCM42RLY
Description: BCM42RLY
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BCM42RLY

Name: msisadrv
Description: msisadrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: msisadrv

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt

Name: Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B34
Description: Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B34
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios

Name: QPI Link 0 - 2D10
Description: QPI Link 0 - 2D10
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: Security Driver
Description: Security Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: secdrv

Name: Link-Layer Topology Discovery Mapper I/O Driver
Description: Link-Layer Topology Discovery Mapper I/O Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lltdio

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep

Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: Integrated Webcam
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo

Name: Microsoft Hardware USB Mouse
Description: Microsoft Hardware USB Mouse
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: HidUsb

Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn

Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: File as Volume Driver
Description: File as Volume Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: blbdrive

Name: NativeWiFi Filter
Description: NativeWiFi Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NativeWifiP

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp

Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus

Name: Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B3C
Description: Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B3C
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: QPI Physical 0 - 2D11
Description: QPI Physical 0 - 2D11
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:


========================= Memory info: ===================================

Percentage of memory in use: 19%
Total physical RAM: 3956.52 MB
Available physical RAM: 3172.58 MB
Total Pagefile: 7911.24 MB
Available Pagefile: 7177.87 MB
Total Virtual: 4095.88 MB
Available Virtual: 3980.14 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:457.06 GB) (Free:368.32 GB) NTFS
3 Drive e: () (Removable) (Total:0.95 GB) (Free:0.37 GB) FAT

========================= Users: ========================================

User accounts for \\DATADOCTORS-PC

Administrator            DataDoctors              Guest                   
remote                  


**** End of log ****

 

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

Farbar's Service Scanner log:

 

Farbar Service Scanner Version: 20-02-2013
Ran by DataDoctors (administrator) on 24-02-2013 at 16:48:53
Running from "C:\Users\DataDoctors\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

 

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

 

AdwCleaner log:



#6 19Kilo

19Kilo
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Way Far North
  • Local time:09:34 PM

Posted 24 February 2013 - 06:45 PM

AdwCleaner log:

 

# AdwCleaner v2.113 - Logfile created 02/24/2013 at 16:50:19
# Updated 23/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : DataDoctors - DATADOCTORS-PC
# Boot Mode : Safe mode with networking
# Running from : C:\Users\DataDoctors\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKCU\Software\Zugo
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [842 octets] - [24/02/2013 16:50:19]

########## EOF - C:\AdwCleaner[R1].txt - [901 octets] ##########

 

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

Junkware Removal Tool log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.5 (02.18.2013:1)
OS: Windows 7 Home Premium x64
Ran by DataDoctors on Sun 02/24/2013 at 17:06:09.59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\zugo
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 02/24/2013 at 17:08:23.58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

Rkill log:

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/24/2013 05:17:58 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\DataDoctors\Desktop\rkill\rkill-02-24-2013-05-18-00.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com

20 out of 15285 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 02/24/2013 05:18:16 PM
Execution time: 0 hours(s), 0 minute(s), and 17 seconds(s)

 

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

Autoruns log:

 

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Broadcom Wireless Manager UI" "DW WLAN Card Wireless Network Tray Applet" "Dell Inc." "c:\program files\dell\dw wlan card\wltray.exe"
+ "IntelliPoint" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "QuickSet" "QuickSet" "Dell Inc." "c:\program files\dell\quickset\quickset.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "avgnt" "Avira System Tray Tool" "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\avgnt.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\update\realsched.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Sidebar" "" "" "File not found: C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun"
+ "SpybotSD TeaTimer" "System settings protector" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy\teatimer.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "HamsterMenu" "HamsterSoft Free ZIP Archiver Context Menu" "HamsterSoft" "c:\program files\hamster soft\free zip archiver\hamstercontextmenu64.dll"
+ "Shell Extension for Malware scanning" "Avira Shell Extension Library 64-bit" "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\shlext64.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btncopy.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "HamsterMenu" "HamsterSoft Free ZIP Archiver Context Menu" "HamsterSoft" "c:\program files\hamster soft\free zip archiver\hamstercontextmenu64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "Shell Extension for Malware scanning" "Avira Shell Extension Library 64-bit" "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\shlext64.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "HamsterMenu" "HamsterSoft Free ZIP Archiver Context Menu" "HamsterSoft" "c:\program files\hamster soft\free zip archiver\hamstercontextmenu64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "RealNetworks Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealDownloader" "c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll"
+ "Search Helper" "Search Helper for Internet Explorer" "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
+ "Spybot - Search & Destroy Configuration" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
"Task Scheduler" "" "" ""
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft_Hardware_Launch_IPoint_exe" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "\RealDownloaderDownloaderScheduledTaskS-1-5-21-1279883563-3621392022-3346676457-1001" "RealDownloader" "RealNetworks, Inc." "c:\program files (x86)\realnetworks\realdownloader\recordingmanager.exe"
+ "\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1279883563-3621392022-3346676457-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\realnetworks\realdownloader\realupgrade.exe"
+ "\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1279883563-3621392022-3346676457-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\realnetworks\realdownloader\realupgrade.exe"
+ "\RealPlayerRealUpgradeLogonTaskS-1-5-21-1279883563-3621392022-3346676457-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1279883563-3621392022-3346676457-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-1279883563-3621392022-3346676457-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-1279883563-3621392022-3346676457-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AERTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\program files\realtek\audio\hda\aertsr64.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "AntiVirSchedulerService" "Service to schedule Avira Free Antivirus jobs and updates." "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\sched.exe"
+ "AntiVirService" "Offers permanent protection against viruses and malware with the Avira search engine." "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\avguard.exe"
+ "btwdins" "Handles installation and removal of Bluetooth devices." "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwdins.exe"
+ "DockLoginService" "Dock Login Service" "Stardock Corporation" "c:\program files\dell\delldock\docklogin.exe"
+ "GoToAssist" "Citrix GoToAssist provides remote help to this PC." "Citrix Online, a division of Citrix Systems, Inc." "c:\program files (x86)\citrix\gotoassist\514\g2aservice.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MDM" "Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\vs7debug\mdm.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "RealNetworks Downloader Resolver Service" "Manage different Downloader versions in RealNetworks' products." "" "c:\program files (x86)\realnetworks\realdownloader\rndlresolversvc.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly." "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\seaport\seaport.exe"
+ "sprtsvc_DellSupportCenter" "SupportSoft Sprocket Service (DellSupportCenter)" "SupportSoft, Inc." "c:\program files (x86)\dell support center\bin\sprtsvc.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "wltrysvc" "Provides automatic configuration for the 802.11 adapter using the Broadcom supplicant." "Dell Inc." "c:\program files\dell\dw wlan card\wltrysvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atipmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AtiHdmiService" "ATI High Definition Audio Function Driver" "ATI Technologies, Inc." "c:\windows\system32\drivers\atihdmi.sys"
+ "avgntflt" "Avira mini-filter driver" "Avira Operations GmbH & Co. KG" "c:\windows\system32\drivers\avgntflt.sys"
+ "avipbb" "Avira Security Enhancement Driver" "Avira Operations GmbH & Co. KG" "c:\windows\system32\drivers\avipbb.sys"
+ "avkmgr" "Avira Manager Driver" "Avira Operations GmbH & Co. KG" "c:\windows\system32\drivers\avkmgr.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCM42RLY" "Broadcom iLine10™ PCI Network Adapter Proxy Protocol Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcm42rly.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "btusbflt" "Widcomm Bluetooth USB Filter for Windows XP" "Broadcom Corporation." "c:\windows\system32\drivers\btusbflt.sys"
+ "btwaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt" "Broadcom Bluetooth AVDT Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwavdt.sys"
+ "btwl2cap" "Broadcom Bluetooth L2CAP Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwl2cap.sys"
+ "btwrchid" "Bluetooth Remote Control HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwrchid.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CtClsFlt" "Video Class Upper Filter Driver (64-bit)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctclsflt.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HECIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "Impcd" "Intel® Turbo Boost Technology Driver" "Intel Corporation" "c:\windows\system32\drivers\impcd.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "L1C" "Atheros L1c PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "{1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}" "" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\000.fcl"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.3IV2" "3ivx MPEG-4 5.0.3 Video for Windows Codec" "3ivx Technologies Pty. Ltd." "c:\windows\syswow64\3ivxvfwcodec.dll"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "VIDC.IV41" "Intel Indeo® Video Interactive 32-bit Driver" "Intel Corporation" "c:\windows\syswow64\ir41_32.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "3ivx Decoder Filter" "3ivx MPEG-4 5.0.3 DirectShow Video Decoder" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\3ivx\3ivx mpeg-4 5.0.3\3ivxdsvideodecoder.ax"
+ "3ivx Media Muxer" "3ivx MPEG-4 5.0.3 DirectShow Media Muxer" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\3ivx\3ivx mpeg-4 5.0.3\3ivxdsmediamux.ax"
+ "3ivx Media Splitter" "3ivx MPEG-4 5.0.3 DirectShow Media Splitter" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\3ivx\3ivx mpeg-4 5.0.3\3ivxdsmediasplitter.ax"
+ "3ivx MPEG-4 Video Encoder" "3ivx MPEG-4 5.0.3 Video for Windows Codec" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\3ivx\3ivx mpeg-4 5.0.3\3ivxdsvideoencoder.ax"
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Creative MJPEG Decoder 2" "Decoder" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctmjpgdec2.ax"
+ "Creative Video Processing Filter" "Creative Video Processing Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\vidprocu.ax"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\cldemuxer.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\bd\cldemuxer.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\bd\clnavx.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\bd\clline21.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clline21.ax"
+ "Cyberlink SubTitle Importor" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clauts.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\bd\clauts.ax"
+ "CyberLink Tzan Filter" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\bd\cltzan.ax"
+ "CyberLink Tzan Filter" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\cltzan.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clvsd.ax"
+ "DivX Video Encoder (3ivx)" "3ivx MPEG-4 5.0.3 Video for Windows Codec" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\3ivx\3ivx mpeg-4 5.0.3\3ivxdsvideoencoder.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Mp3 Transform Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer MPEG4 Transform Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Samsung Video Encoder (3ivx)" "3ivx MPEG-4 5.0.3 Video for Windows Codec" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\3ivx\3ivx mpeg-4 5.0.3\3ivxdsvideoencoder.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "BtwCredentialProvider" "BtwCP DLL" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwcp.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "GoToAssist" "" "" "File not found: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "LIDIL hpzlllhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzlllhn.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "BCMLogon" "DW WLAN Card Logon Provider" "Dell Inc." "c:\windows\system32\bcmlogon.dll"

 

 

 

 

 

Thanks,



#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:34 PM

Posted 24 February 2013 - 06:49 PM

Reboot into normal mode and run these scans.

 

?

 

You did all the scans from safemode



#8 19Kilo

19Kilo
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Way Far North
  • Local time:09:34 PM

Posted 24 February 2013 - 06:57 PM

Reboot into normal mode and run these scans.

 

?

 

You did all the scans from safemode

 

 

I missed your reboot to normal mode....just booted it back to safe. Last 3 scans in regular mode. Shall I start again?

 

Thanks,



#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:34 PM

Posted 24 February 2013 - 07:01 PM

Please run the scans which you didnot run in normal mode. and post the logs.



#10 19Kilo

19Kilo
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Way Far North
  • Local time:09:34 PM

Posted 24 February 2013 - 07:35 PM

Malwarebytes log:

 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.24.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
DataDoctors :: DATADOCTORS-PC [administrator]

2/24/2013 6:06:51 PM
mbam-log-2013-02-24 (18-06-51).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 234239
Time elapsed: 3 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

MiniToolBox log:

 

MiniToolBox by Farbar  Version:10-01-2013
Ran by DataDoctors (administrator) on 24-02-2013 at 18:12:06
Running from "C:\Users\DataDoctors\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com

There are 15265 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Atheros AR8152 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : DataDoctors-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 70-F1-A1-C3-51-30
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : C4-46-19-F8-AE-38
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Atheros AR8152 PCI-E Fast Ethernet Controller
   Physical Address. . . . . . . . . : B8-AC-6F-6E-94-38
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
   Physical Address. . . . . . . . . : 70-F1-A1-C3-51-30
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::6520:fa81:858:894%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.15.104(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, February 24, 2013 5:11:02 PM
   Lease Expires . . . . . . . . . . : Monday, February 25, 2013 5:11:01 PM
   Default Gateway . . . . . . . . . : 192.168.15.1
   DHCP Server . . . . . . . . . . . : 192.168.15.1
   DHCPv6 IAID . . . . . . . . . . . : 191951265
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-FD-FA-00-B8-AC-6F-6E-94-38
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       208.67.222.222
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{2C5028D7-9383-4791-A8BE-86694BAAFA35}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:3812:3ba3:e789:dae4(Preferred)
   Link-local IPv6 Address . . . . . : fe80::3812:3ba3:e789:dae4%15(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Name:    google.com
Addresses:  2607:f8b0:4001:c02::66
   74.125.142.113
   74.125.142.100
   74.125.142.138
   74.125.142.101
   74.125.142.102
   74.125.142.139


Pinging google.com [74.125.142.113] with 32 bytes of data:
Reply from 74.125.142.113: bytes=32 time=40ms TTL=47
Reply from 74.125.142.113: bytes=32 time=37ms TTL=47

Ping statistics for 74.125.142.113:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 37ms, Maximum = 40ms, Average = 38ms
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Name:    yahoo.com
Addresses:  98.139.183.24
   98.138.253.109
   206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=382ms TTL=48
Reply from 98.139.183.24: bytes=32 time=384ms TTL=50

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 382ms, Maximum = 384ms, Average = 383ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...70 f1 a1 c3 51 30 ......Microsoft Virtual WiFi Miniport Adapter
 12...c4 46 19 f8 ae 38 ......Bluetooth Device (Personal Area Network)
 11...b8 ac 6f 6e 94 38 ......Atheros AR8152 PCI-E Fast Ethernet Controller
 10...70 f1 a1 c3 51 30 ......DW1501 Wireless-N WLAN Half-Mini Card
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     192.168.15.1   192.168.15.104     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
     192.168.15.0    255.255.255.0         On-link    192.168.15.104    281
   192.168.15.104  255.255.255.255         On-link    192.168.15.104    281
   192.168.15.255  255.255.255.255         On-link    192.168.15.104    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    192.168.15.104    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    192.168.15.104    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 15     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 15     58 2001::/32                On-link
 15    306 2001:0:9d38:6ab8:3812:3ba3:e789:dae4/128
                                    On-link
 10    281 fe80::/64                On-link
 15    306 fe80::/64                On-link
 15    306 fe80::3812:3ba3:e789:dae4/128
                                    On-link
 10    281 fe80::6520:fa81:858:894/128
                                    On-link
  1    306 ff00::/8                 On-link
 15    306 ff00::/8                 On-link
 10    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

3ivx MPEG-4 5.0.3 (remove only) (Version: 5.0.3)
Adobe AIR (Version: 2.0.3.13070)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Reader XI (Version: 11.0.00)
Adobe Shockwave Player 11.5 (Version: 11.5.8.612)
Advanced Audio FX Engine (Version: 1.12.05)
ATI Catalyst Control Center (Version: 2.010.0122.0857)
Avira Free Antivirus (Version: 13.0.0.3185)
CadStd (Version: 3.7.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Full Existing (Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Full New (Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Light (Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Previews Common (Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0122.858.16002)
Catalyst Control Center InstallProxy (Version: 2010.0122.858.16002)
Catalyst Control Center Localization All (Version: 2010.0122.858.16002)
ccc-core-static (Version: 2010.0122.858.16002)
ccc-utility64 (Version: 2010.0122.858.16002)
CCC Help Chinese Standard (Version: 2010.0122.0857.16002)
CCC Help Chinese Traditional (Version: 2010.0122.0857.16002)
CCC Help Danish (Version: 2010.0122.0857.16002)
CCC Help Dutch (Version: 2010.0122.0857.16002)
CCC Help English (Version: 2010.0122.0857.16002)
CCC Help Finnish (Version: 2010.0122.0857.16002)
CCC Help French (Version: 2010.0122.0857.16002)
CCC Help German (Version: 2010.0122.0857.16002)
CCC Help Italian (Version: 2010.0122.0857.16002)
CCC Help Japanese (Version: 2010.0122.0857.16002)
CCC Help Korean (Version: 2010.0122.0857.16002)
CCC Help Norwegian (Version: 2010.0122.0857.16002)
CCC Help Portuguese (Version: 2010.0122.0857.16002)
CCC Help Russian (Version: 2010.0122.0857.16002)
CCC Help Spanish (Version: 2010.0122.0857.16002)
CCC Help Swedish (Version: 2010.0122.0857.16002)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Code 128 Versions : App. 2.0.0 Func. 1.1.0 Font 1.30
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
D-Link AirPlus Xtreme G AP Manager for DWL-2100AP
D3DX10 (Version: 15.4.2368.0902)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Support Center (Support Software) (Version: 2.5.09100)
Dell Webcam Central (Version: 1.40.05)
Delta Force: Xtreme (Version: 1.00.0000)
DF Favorites 3.1.6
DW WLAN Card Utility (Version: 5.60.48.18)
EchoLink (Version: 2.0.908)
ESET Online Scanner v3
FreeQRCreator 1.0.2
GoToAssist 8.0.0.514
Hamster Free ZIP Archiver 1.1.0.11 (Version: 1.1.0.11)
Intel® Management Engine Components (Version: 6.0.0.1179)
InterActual Player
Jasc Paint Shop Pro 9 (Version: 9.00.0000)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 20 (Version: 6.0.200)
JavaFX 2.1.1 (Version: 2.1.1)
Joint Operations (Version: 1.00.0000)
Junk Mail filter update (Version: 15.4.3502.0922)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Age of Empires
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Digital Image Library 10 (Version: 10.0.0612)
Microsoft Digital Image Library 9 - Blocker (Version: 9.00.0000)
Microsoft Digital Image Pro 10 (Version: 10.0.0612)
Microsoft Digital Image Suite 10 (Version: 10.0.0612)
Microsoft IntelliPoint 8.1 (Version: 8.15.406.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Small Business Edition 2003 (Version: 11.0.8173.0)
Microsoft Office XP Professional (Version: 10.0.6626.0)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
OpenOffice.org 3.2 (Version: 3.2.9502)
PowerDVD DX (Version: 8.3.6029)
Programmer's Notepad 2 (Version: 2.0.10.1010)
Quickset64 (Version: 10.6.2)
RaidCall (Version: 7.0.2-1.0.1512.32)
RealDownloader (Version: 1.3.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6039)
RealUpgrade 1.1 (Version: 1.1.0)
Roxio Burn (Version: 1.01)
Sid Meier's SimGolf
Skins (Version: 2010.0122.858.16002)
Spybot - Search & Destroy (Version: 1.6.2)
Synaptics Pointing Device Driver (Version: 15.0.20.0)
TeamSpeak 2 RC2 (Version: 2.0.32.60)
TeamSpeak 3 Client
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
WIDCOMM Bluetooth Software (Version: 6.2.0.9600)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
World of Tanks
XML Notepad 2007 (Version: 2.3.0.0)
Yahoo! Messenger

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 3956.52 MB
Available physical RAM: 2299.36 MB
Total Pagefile: 7911.24 MB
Available Pagefile: 6062.3 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.29 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:457.06 GB) (Free:367.16 GB) NTFS

========================= Users: ========================================

User accounts for \\DATADOCTORS-PC

Administrator            DataDoctors              Guest                   
remote                  


**** End of log ****

 

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

Farbar's Service Scanner log:

 

Farbar Service Scanner Version: 20-02-2013
Ran by DataDoctors (administrator) on 24-02-2013 at 18:14:54
Running from "C:\Users\DataDoctors\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

 

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

AdwCleaner log:

 

# AdwCleaner v2.113 - Logfile created 02/24/2013 at 18:15:32
# Updated 23/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : DataDoctors - DATADOCTORS-PC
# Boot Mode : Normal
# Running from : C:\Users\DataDoctors\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [969 octets] - [24/02/2013 16:50:19]
AdwCleaner[R2].txt - [707 octets] - [24/02/2013 18:15:32]

########## EOF - C:\AdwCleaner[R2].txt - [766 octets] ##########

 

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

Junkware Removal Tool log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.5 (02.18.2013:1)
OS: Windows 7 Home Premium x64
Ran by DataDoctors on Sun 02/24/2013 at 18:16:45.46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 02/24/2013 at 18:23:44.02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

Rkill log:

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/24/2013 06:25:48 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: http://www.bleepingcomputer.com/download/hosts-permbat/

 * HOSTS file entries found:

  127.0.0.1 www.007guard.com
  127.0.0.1 007guard.com
  127.0.0.1 008i.com
  127.0.0.1 www.008k.com
  127.0.0.1 008k.com
  127.0.0.1 www.00hq.com
  127.0.0.1 00hq.com
  127.0.0.1 010402.com
  127.0.0.1 www.032439.com
  127.0.0.1 032439.com
  127.0.0.1 www.0scan.com
  127.0.0.1 0scan.com
  127.0.0.1 www.1000gratisproben.com
  127.0.0.1 1000gratisproben.com
  127.0.0.1 1001namen.com
  127.0.0.1 www.1001namen.com
  127.0.0.1 100888290cs.com
  127.0.0.1 www.100888290cs.com
  127.0.0.1 www.100sexlinks.com
  127.0.0.1 100sexlinks.com

  20 out of 15285 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 02/24/2013 06:25:59 PM
Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)

 

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

Autoruns log:

 

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Broadcom Wireless Manager UI" "DW WLAN Card Wireless Network Tray Applet" "Dell Inc." "c:\program files\dell\dw wlan card\wltray.exe"
+ "IntelliPoint" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "QuickSet" "QuickSet" "Dell Inc." "c:\program files\dell\quickset\quickset.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "avgnt" "Avira System Tray Tool" "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\avgnt.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\update\realsched.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Sidebar" "" "" "File not found: C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun"
+ "SpybotSD TeaTimer" "System settings protector" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy\teatimer.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "HamsterMenu" "HamsterSoft Free ZIP Archiver Context Menu" "HamsterSoft" "c:\program files\hamster soft\free zip archiver\hamstercontextmenu64.dll"
+ "Shell Extension for Malware scanning" "Avira Shell Extension Library 64-bit" "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\shlext64.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btncopy.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "HamsterMenu" "HamsterSoft Free ZIP Archiver Context Menu" "HamsterSoft" "c:\program files\hamster soft\free zip archiver\hamstercontextmenu64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "Shell Extension for Malware scanning" "Avira Shell Extension Library 64-bit" "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\shlext64.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "HamsterMenu" "HamsterSoft Free ZIP Archiver Context Menu" "HamsterSoft" "c:\program files\hamster soft\free zip archiver\hamstercontextmenu64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "RealNetworks Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealDownloader" "c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll"
+ "Search Helper" "Search Helper for Internet Explorer" "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
+ "Spybot - Search & Destroy Configuration" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
"Task Scheduler" "" "" ""
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft_Hardware_Launch_IPoint_exe" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "\RealDownloaderDownloaderScheduledTaskS-1-5-21-1279883563-3621392022-3346676457-1001" "RealDownloader" "RealNetworks, Inc." "c:\program files (x86)\realnetworks\realdownloader\recordingmanager.exe"
+ "\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1279883563-3621392022-3346676457-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\realnetworks\realdownloader\realupgrade.exe"
+ "\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1279883563-3621392022-3346676457-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\realnetworks\realdownloader\realupgrade.exe"
+ "\RealPlayerRealUpgradeLogonTaskS-1-5-21-1279883563-3621392022-3346676457-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1279883563-3621392022-3346676457-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-1279883563-3621392022-3346676457-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-1279883563-3621392022-3346676457-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AERTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\program files\realtek\audio\hda\aertsr64.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "AntiVirSchedulerService" "Service to schedule Avira Free Antivirus jobs and updates." "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\sched.exe"
+ "AntiVirService" "Offers permanent protection against viruses and malware with the Avira search engine." "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\avguard.exe"
+ "btwdins" "Handles installation and removal of Bluetooth devices." "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwdins.exe"
+ "DockLoginService" "Dock Login Service" "Stardock Corporation" "c:\program files\dell\delldock\docklogin.exe"
+ "GoToAssist" "Citrix GoToAssist provides remote help to this PC." "Citrix Online, a division of Citrix Systems, Inc." "c:\program files (x86)\citrix\gotoassist\514\g2aservice.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MDM" "Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\vs7debug\mdm.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "RealNetworks Downloader Resolver Service" "Manage different Downloader versions in RealNetworks' products." "" "c:\program files (x86)\realnetworks\realdownloader\rndlresolversvc.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly." "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\seaport\seaport.exe"
+ "sprtsvc_DellSupportCenter" "SupportSoft Sprocket Service (DellSupportCenter)" "SupportSoft, Inc." "c:\program files (x86)\dell support center\bin\sprtsvc.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "wltrysvc" "Provides automatic configuration for the 802.11 adapter using the Broadcom supplicant." "Dell Inc." "c:\program files\dell\dw wlan card\wltrysvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atipmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AtiHdmiService" "ATI High Definition Audio Function Driver" "ATI Technologies, Inc." "c:\windows\system32\drivers\atihdmi.sys"
+ "avgntflt" "Avira mini-filter driver" "Avira Operations GmbH & Co. KG" "c:\windows\system32\drivers\avgntflt.sys"
+ "avipbb" "Avira Security Enhancement Driver" "Avira Operations GmbH & Co. KG" "c:\windows\system32\drivers\avipbb.sys"
+ "avkmgr" "Avira Manager Driver" "Avira Operations GmbH & Co. KG" "c:\windows\system32\drivers\avkmgr.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCM42RLY" "Broadcom iLine10™ PCI Network Adapter Proxy Protocol Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcm42rly.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "btusbflt" "Widcomm Bluetooth USB Filter for Windows XP" "Broadcom Corporation." "c:\windows\system32\drivers\btusbflt.sys"
+ "btwaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt" "Broadcom Bluetooth AVDT Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwavdt.sys"
+ "btwl2cap" "Broadcom Bluetooth L2CAP Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwl2cap.sys"
+ "btwrchid" "Bluetooth Remote Control HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwrchid.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CtClsFlt" "Video Class Upper Filter Driver (64-bit)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctclsflt.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HECIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "Impcd" "Intel® Turbo Boost Technology Driver" "Intel Corporation" "c:\windows\system32\drivers\impcd.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "L1C" "Atheros L1c PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise  SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "{1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}" "" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\000.fcl"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.3IV2" "3ivx MPEG-4 5.0.3 Video for Windows Codec" "3ivx Technologies Pty. Ltd." "c:\windows\syswow64\3ivxvfwcodec.dll"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "VIDC.IV41" "Intel Indeo® Video Interactive 32-bit Driver" "Intel Corporation" "c:\windows\syswow64\ir41_32.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "3ivx Decoder Filter" "3ivx MPEG-4 5.0.3 DirectShow Video Decoder" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\3ivx\3ivx mpeg-4 5.0.3\3ivxdsvideodecoder.ax"
+ "3ivx Media Muxer" "3ivx MPEG-4 5.0.3 DirectShow Media Muxer" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\3ivx\3ivx mpeg-4 5.0.3\3ivxdsmediamux.ax"
+ "3ivx Media Splitter" "3ivx MPEG-4 5.0.3 DirectShow Media Splitter" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\3ivx\3ivx mpeg-4 5.0.3\3ivxdsmediasplitter.ax"
+ "3ivx MPEG-4 Video Encoder" "3ivx MPEG-4 5.0.3 Video for Windows Codec" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\3ivx\3ivx mpeg-4 5.0.3\3ivxdsvideoencoder.ax"
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Creative MJPEG Decoder 2" "Decoder" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctmjpgdec2.ax"
+ "Creative Video Processing Filter" "Creative Video Processing Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\vidprocu.ax"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\cldemuxer.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\bd\cldemuxer.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\bd\clnavx.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\bd\clline21.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clline21.ax"
+ "Cyberlink SubTitle Importor" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clauts.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\bd\clauts.ax"
+ "CyberLink Tzan Filter" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\bd\cltzan.ax"
+ "CyberLink Tzan Filter" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\cltzan.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clvsd.ax"
+ "DivX Video Encoder (3ivx)" "3ivx MPEG-4 5.0.3 Video for Windows Codec" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\3ivx\3ivx mpeg-4 5.0.3\3ivxdsvideoencoder.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Mp3 Transform Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer MPEG4 Transform Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Samsung Video Encoder (3ivx)" "3ivx MPEG-4 5.0.3 Video for Windows Codec" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\3ivx\3ivx mpeg-4 5.0.3\3ivxdsvideoencoder.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "BtwCredentialProvider" "BtwCP DLL" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwcp.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "GoToAssist" "" "" "File not found: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "LIDIL hpzlllhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzlllhn.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "BCMLogon" "DW WLAN Card Logon Provider" "Dell Inc." "c:\windows\system32\bcmlogon.dll"
 

 

 

Thanks,



#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:34 PM

Posted 24 February 2013 - 07:46 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing smile.png



#12 19Kilo

19Kilo
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Way Far North
  • Local time:09:34 PM

Posted 24 February 2013 - 07:52 PM

Thank you sir. icon_bananas.gif



#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:34 PM

Posted 24 February 2013 - 07:53 PM

welcome.gif






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users