Desktop unresponsive after start-up, applications do not run when double-clicked


15 replies to this topic

#1 ckbruin


Posted 28 February 2013 - 09:15 PM

After coming home from school I turned on my computer - only to find that I couldn't launch my internet browsers nor log in to Skype or Steam. I attempted an anti-virus scan with Malwarebytes, only to find that it would not run either. Each time I tried starting an application, a dialog box came up stating: "(location of application on hard drive) The service did not respond to the start or control request in a timely fashion." I found this a bit puzzling, as my computer was running completely fine just yesterday. I realize this may not be a malware problem, but I just need to ask. Could malware stay hidden then cause this? Thanks in advance to anyone who can help here.

Background info:
Custom-built PC
Windows 7 32-bit
Internal 120 GB drive + added 500GB drive
I left the computer on the night before, rendering a video in Sony Vegas 11. I turned it off promptly the next morning (it was finished rendering)

 

EDIT: Computer can spontaneously start Mozilla Firefox in normal start-up mode every now and then, but all other applications still fail to launch.


Edited by ckbruin, 01 March 2013 - 10:06 AM.




#2 ckbruin


Posted 28 February 2013 - 09:28 PM

(sorry for the double post, using my phone to make this topic) Also, I should note that I CAN open folders but CANNOT open the volume sliders or open task manager through ctrl+alt+delete.

 

EDIT: I can access the internet using Safe Mode with Networking.


Edited by ckbruin, 28 February 2013 - 09:34 PM.


#3 ckbruin


Posted 03 March 2013 - 06:46 PM

I believe my computer was also keylogged or is being controlled remotely, as my Facebook got hacked (unless that's been going around recently)



#4 boopme

  • Global Moderator

Posted 03 March 2013 - 10:12 PM

Hello and sorry we're late here.. Let's see if we can determine what it is. See if you can run all

 

 Safe Mode with Networking

 

 

 

Download FixExec.exe (http://download.bleepingcomputer.com/FixExec/32-bit/FixExec.exe) to your desktop.
Double click on the downloaded file to run the fix.
When the program has finished, it will generate a log on the desktop called FixExec.txt.
Post the log in your next reply.

NOTE: If for any reason you're not able to execute FixExec.exe rename it to FixExec.com, FixExec.pif or FixExec.scr.

 

 

 

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:


  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

 

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

 

 

 

Please download Rkill by Grinler and save it to your desktop.
Link 1
Link 2

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.

Do not reboot the computer, you will need to run the application again.

 

 

 

Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report (log file should be in your C drive)
 
Do not change the default options on scan results.

 

 

 

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


>>>>

Now I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

 

NOTE: Sometimes if ESET finds no infections it will not create a log.


Edited by boopme, 03 March 2013 - 10:13 PM.

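An added example, not part of the post above and not a BleepingComputer or Farbar tool: a small Python triage of the Result.txt that the MiniToolBox step produces. It assumes the banner layout of rows of "=" around a section title; the sample input, host names and addresses are constructed, and it reads only the first adapter's IPv4 address.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in the section layout a MiniToolBox Result.txt uses.
SAMPLE = """\
========================= Hosts content: =================================
127.0.0.1 localhost
127.0.0.1 activation.example.test
203.0.113.7 login.example.test

========================= IP Configuration: ================================
   IPv4 Address. . . . . . . . . . . : 10.0.0.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.0.0.1
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0     198.51.100.1  Default
===========================================================================
========================= Event log errors: ===============================
Error: (03/03/2013 10:02:08 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service
Error: (03/01/2013 06:06:23 PM) (Source: ExampleSvc) (User: )
Description: Service cannot be started.
Error: (03/03/2013 09:57:08 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service
"""

# A titled banner: '=' run, title (optional colon), '=' run. Bare '=' rows do not match.
BANNER = re.compile(r"^=+\s+(.+?):?\s+=+\s*$")


def split_sections(text):
    """Map each banner title to the list of lines that follow it."""
    sections, current = {}, None
    for line in text.splitlines():
        m = BANNER.match(line)
        if m:
            current = m.group(1).strip()
            sections[current] = []
        elif current is not None:
            sections[current].append(line)
    return sections


def triage_hosts(lines):
    """Return (name, address, kind) for every non-default hosts entry."""
    findings = []
    for line in lines:
        entry = line.split("#", 1)[0].split()  # drop trailing comments
        if len(entry) < 2:
            continue
        try:
            addr = ipaddress.ip_address(entry[0])
        except ValueError:
            continue
        for name in entry[1:]:
            if name.lower() == "localhost":
                continue
            # Loopback/0.0.0.0 makes the name unreachable; anything else re-points it.
            kind = "blocked" if addr.is_loopback or addr.is_unspecified else "redirected"
            findings.append((name, str(addr), kind))
    return findings


def off_subnet_default_routes(lines):
    """Persistent IPv4 default routes whose gateway is outside the adapter's subnet."""
    text = "\n".join(lines)
    addr = re.search(r"IPv4 Address[ .]*: ([\d.]+)", text)
    mask = re.search(r"Subnet Mask[ .]*: ([\d.]+)", text)
    if not (addr and mask):
        return []
    net = ipaddress.ip_network(f"{addr.group(1)}/{mask.group(1)}", strict=False)
    flagged, in_persistent = [], False
    for line in lines:
        if line.startswith("Persistent Routes"):
            in_persistent = True
            continue
        if line.startswith("="):
            in_persistent = False
        parts = line.split()
        if in_persistent and len(parts) >= 3 and parts[:2] == ["0.0.0.0", "0.0.0.0"]:
            try:
                gateway = ipaddress.ip_address(parts[2])
            except ValueError:  # e.g. "On-link"
                continue
            if gateway not in net:
                flagged.append(str(gateway))
    return flagged


def errors_by_source(lines):
    """Count event-log errors per Source so repeated failures stand out."""
    text = "\n".join(lines)
    return Counter(re.findall(r"^Error: .*?\(Source: ([^)]+)\)", text, flags=re.M))


def triage(text):
    s = split_sections(text)
    return {
        "hosts": triage_hosts(s.get("Hosts content", [])),
        "off_subnet_default_routes": off_subnet_default_routes(s.get("IP Configuration", [])),
        "errors_by_source": errors_by_source(s.get("Event log errors", [])).most_common(),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(key, value)
```

Entries the script reports are items to review by hand; they are not a verdict on the machine.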

#5 ckbruin


Posted 04 March 2013 - 10:21 AM

==FixExec Results==

 

FixExec by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about FixExec can be found at this link:
 http://www.bleepingcomputer.com/download/windows/utilities/fixexec

Program started at: 03/03/2013 10:02:31 PM in x86 mode.
Windows Version: Windows 7

Checking for processes to terminate before fixing executable associations.
 * No processes found to kill.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.


Program finished at: 03/03/2013 10:02:39 PM
Execution time: 0 hours(s), 0 minute(s), and 8 seconds(s)
 

 

==MiniToolBox Results==

MiniToolBox by Farbar  Version:01-03-2013
Ran by Telesis (administrator) on 03-03-2013 at 22:03:36
Running from "C:\Users\Telesis\Desktop"
Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "*.local"
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 65.52.240.48
127.0.0.1 activation.cloud.techsmith.com

========================= IP Configuration: ================================

Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global taskoffload=disabled
add route prefix=0.0.0.0/0 interface="ethernet_9" nexthop=25.0.0.1 publish=Yes
set interface interface="ethernet_9" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Telesis-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
   Physical Address. . . . . . . . . : 00-27-0E-0C-A3-91
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::518d:3efc:6644:8d7c%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.0.0.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, March 03, 2013 9:54:52 PM
   Lease Expires . . . . . . . . . . : Monday, March 04, 2013 9:54:51 PM
   Default Gateway . . . . . . . . . : 10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 234891022
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-66-A7-5E-00-27-0E-0C-A3-91
   DNS Servers . . . . . . . . . . . : 10.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{353DFAAC-1F5A-4015-AE8E-FB16982DC885}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  10.0.0.1

Name:    google.com
Addresses:  2607:f8b0:4007:800::1003
      74.125.224.233
      74.125.224.238
      74.125.224.224
      74.125.224.225
      74.125.224.226
      74.125.224.227
      74.125.224.228
      74.125.224.229
      74.125.224.230
      74.125.224.231
      74.125.224.232


Pinging google.com [74.125.224.161] with 32 bytes of data:
Reply from 74.125.224.161: bytes=32 time=6ms TTL=52
Reply from 74.125.224.161: bytes=32 time=7ms TTL=52

Ping statistics for 74.125.224.161:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 6ms, Maximum = 7ms, Average = 6ms
Server:  UnKnown
Address:  10.0.0.1

Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=79ms TTL=45
Reply from 98.138.253.109: bytes=32 time=98ms TTL=45

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 79ms, Maximum = 98ms, Average = 88ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...00 27 0e 0c a3 91 ......Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1         10.0.0.2     20
         10.0.0.0    255.255.255.0         On-link          10.0.0.2    276
         10.0.0.2  255.255.255.255         On-link          10.0.0.2    276
       10.0.0.255  255.255.255.255         On-link          10.0.0.2    276
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link          10.0.0.2    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link          10.0.0.2    276
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0         25.0.0.1  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 10    276 fe80::/64                On-link
 10    276 fe80::518d:3efc:6644:8d7c/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
 If Metric Network Destination      Gateway
  0 4294967295 2620:9b::/96             On-link
  0   9000 ::/0                     2620:9b::500:1
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/01/2013 06:06:23 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/01/2013 06:57:28 AM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/28/2013 09:41:18 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/28/2013 08:55:07 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.


Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.
.

Error: (02/28/2013 06:50:46 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/28/2013 05:56:31 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/28/2013 05:41:49 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/28/2013 05:35:22 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/28/2013 05:25:53 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/27/2013 09:34:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: Engine.exe, version: 0.0.0.0, time stamp: 0x512b0330
Faulting module name: cshell.dll, version: 0.0.0.0, time stamp: 0x512b032f
Exception code: 0xc0000005
Fault offset: 0x003b41e3
Faulting process id: 0x1e9c
Faulting application start time: 0xEngine.exe0
Faulting application path: Engine.exe1
Faulting module path: Engine.exe2
Report Id: Engine.exe3


System errors:
=============
Error: (03/03/2013 10:02:08 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/03/2013 10:02:08 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/03/2013 10:02:08 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/03/2013 09:57:08 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/03/2013 09:57:08 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/03/2013 09:57:08 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/03/2013 09:55:22 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/03/2013 09:55:22 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/03/2013 09:55:22 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/03/2013 09:55:21 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (03/01/2013 06:06:23 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/01/2013 06:57:28 AM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/28/2013 09:41:18 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/28/2013 08:55:07 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.

Error: (02/28/2013 06:50:46 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/28/2013 05:56:31 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/28/2013 05:41:49 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/28/2013 05:35:22 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/28/2013 05:25:53 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/27/2013 09:34:23 PM) (Source: Application Error)(User: )
Description: Engine.exe0.0.0.0512b0330cshell.dll0.0.0.0512b032fc0000005003b41e31e9c01ce1571d80232daF:\Program Files\Steam\steamapps\common\Combat Arms\Engine.exeF:\Program Files\Steam\steamapps\common\Combat Arms\Game\cshell.dll81c2c881-8168-11e2-93da-00270e0ca391


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
10,000,000
18 Wheels of Steel: Haulin'  (Version: )

32 Bit HP CIO Components Installer (Version: 4.1.1)
Adobe AIR (Version: 2.6.0.19140)
Adobe Download Assistant (Version: 1.2.3)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.171)
Adobe Flash Player 11 Plugin (Version: 11.6.602.171)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.7.637)
Alien Shooter 2: Reloaded
Amazon Add to Wish List IE Extension 1.1 (Version: 1.1)
AMD Accelerated Video Transcoding (Version: 12.5.100.21202)
AMD APP SDK Runtime (Version: 10.0.1084.2)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.71202.0304)
Amnesia: The Dark Descent
Antichamber
Any Video Converter 3.5.5
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
ARMA 2: Free
ARMA 2: Operation Arrowhead
Audacity 2.0.2 (Version: 2.0.2)
Bastion
BattlEye (A2Free) Uninstall
BattlEye for OA Uninstall
Beat Hazard
Binary Domain
Bing Bar (Version: 7.1.391.0)
BlueStacks App Player (Version: 0.7.9.860)
BlueStacks Notification Center (Version: 0.7.9.860)
Bonjour (Version: 3.0.0.10)
Borderlands 2
BrickForce 1.4.40 (Version: 1.4.40)
Call of Duty 4: Modern Warfare
Call of Duty: World at War
Camtasia Studio 8 (Version: 8.0.2.918)
Castle Crashers
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.1202.303.5362)
Catalyst Control Center Graphics Previews Common (Version: 2012.1202.303.5362)
Catalyst Control Center InstallProxy (Version: 2012.1202.303.5362)
Catalyst Control Center Localization All (Version: 2012.1202.303.5362)
CCC Help Chinese Standard (Version: 2012.1202.0302.5362)
CCC Help Chinese Traditional (Version: 2012.1202.0302.5362)
CCC Help Czech (Version: 2012.1202.0302.5362)
CCC Help Danish (Version: 2012.1202.0302.5362)
CCC Help Dutch (Version: 2012.1202.0302.5362)
CCC Help English (Version: 2012.1202.0302.5362)
CCC Help Finnish (Version: 2012.1202.0302.5362)
CCC Help French (Version: 2012.1202.0302.5362)
CCC Help German (Version: 2012.1202.0302.5362)
CCC Help Greek (Version: 2012.1202.0302.5362)
CCC Help Hungarian (Version: 2012.1202.0302.5362)
CCC Help Italian (Version: 2012.1202.0302.5362)
CCC Help Japanese (Version: 2012.1202.0302.5362)
CCC Help Korean (Version: 2012.1202.0302.5362)
CCC Help Norwegian (Version: 2012.1202.0302.5362)
CCC Help Polish (Version: 2012.1202.0302.5362)
CCC Help Portuguese (Version: 2012.1202.0302.5362)
CCC Help Russian (Version: 2012.1202.0302.5362)
CCC Help Spanish (Version: 2012.1202.0302.5362)
CCC Help Swedish (Version: 2012.1202.0302.5362)
CCC Help Thai (Version: 2012.1202.0302.5362)
CCC Help Turkish (Version: 2012.1202.0302.5362)
ccc-utility (Version: 2012.1202.303.5362)
Chivalry: Medieval Warfare
Citrix online plug-in - web (Version: 11.2.0.31560)
Citrix online plug-in (DV) (Version: 11.2.0.31560)
Citrix online plug-in (HDX) (Version: 11.2.0.31560)
Citrix online plug-in (USB) (Version: 11.2.0.31560)
Citrix online plug-in (Web) (Version: 11.2.0.31560)
Cobian Backup 11 Gravity
Combat Arms
Counter-Strike: Global Offensive
Counter-Strike: Source
Cthulhu Saves the World
D3DX10 (Version: 15.4.2368.0902)
Dead Island
Dead Rising 2: Off The Record (Version: 1.0.0001.131)
Dead Rising 2: OTR (Version: 1.0.0000.131)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dropbox (Version: 1.6.16)
Dungeon Defenders
erLT (Version: 1.20.0137)
ESET Online Scanner v3
Far Cry 3 (Version: 1.01)
File Type Assistant
FileZilla Client 3.5.3 (Version: 3.5.3)
FinalTorrent 2011
GamersFirst LIVE!
Garry's Mod
Ghost Recon Online (NCSA-Live) (Version: 1.30.5141.1)
Google Chrome (Version: 25.0.1364.97)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.135)
Gotham City Impostors: Free To Play
GRID (Version: 1.30.0000)
Half-Life 2: Deathmatch
HandBrake 0.9.8 (Version: 0.9.8)
Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)
IAHGames Player 2.03.2331
InstallIQ Updater (Version: 1.4.2.0)
iTunes (Version: 10.7.0.21)
Jamestown
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
join.me (Version: 1.7.0.138)
Junk Mail filter update (Version: 16.4.3503.0728)
KeePass Password Safe 1.23 (Version: 1.23)
Killing Floor
Killing Floor Beta Dedicated Server
League of Legends (Version: 1.3)
Left 4 Dead 2
Logitech SetPoint 5.20 (Version: 5.20)
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MapleStory
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0)
Microsoft Expression Encoder 4 (Version: 4.0.4276.0)
Microsoft Expression Encoder 4 Screen Capture Codec (Version: 4.0.4276.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SkyDrive (Version: 16.4.6010.0727)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
MixMeister BPM Analyzer 1.0
Model ChemLab - Evaluation Version (Version: 2.5.1)
Movie Maker (Version: 16.4.3503.0728)
Mozilla Firefox 19.0 (x86 en-US) (Version: 19.0)
Mozilla Maintenance Service (Version: 19.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSVCRT110 (Version: 16.4.1108.0727)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My Game Long Name
Nero BurnLite 10 (Version: 10.0.10100.1.100)
Nero BurnLite 10 (Version: 10.0.10500)
Nero Control Center 10 (Version: 10.0.13100.3.1)
Nero ControlCenter 10 Help (CHM) (Version: 1.0.10700)
Nero Core Components 10 (Version: 2.0.15100.0.1)
Nero Update (Version: 1.0.0018)
Nexon Game Manager
Notepad++ (Version: 6.1.2)
NVIDIA 3D Vision Controller Driver (Version: 280.19)
NVIDIA 3D Vision Controller Driver 280.19 (Version: 280.19)
NVIDIA Control Panel 280.26 (Version: 280.26)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Graphics Driver 280.26 (Version: 280.26)
NVIDIA Install Application (Version: 2.1000.25.170)
NVIDIA PhysX (Version: 9.12.0613)
NVIDIA Update 1.4.28 (Version: 1.4.28)
NVIDIA Update Components (Version: 1.4.28)
OpenAL
osu! (Version: 0.0.0.0)
Pando Media Booster (Version: 2.6.0.8)
PAYDAY: The Heist
PDoD Uninstallation (Version: 0.3.09)
PeerGuardian 2.0 (Version: 2.1.0.2)
Photo Common (Version: 16.4.3503.0728)
Photo Gallery (Version: 16.4.3503.0728)
PlayClaw (Version: 2.1.0.1502)
PlayClaw 3 (Version: 3)
Pokemon Online 2.0.1
Poker Night at the Inventory
PunkBuster Services (Version: 0.993)
puush (Version: 1.0.0.0)
PVSonyDll (Version: 1.00.0001)
QuickTime (Version: 7.72.80.56)
RAGE
Realm of the Mad God
Saints Row: The Third
Six Updater (Version: 2.09.7016)
Sizer 3.33 (Version: 1.0.0.0)
Skype™ 6.1 (Version: 6.1.129)
Sniper Elite V2
Source SDK Base 2006
Source SDK Base 2007
Spotify (Version: 0.8.5.1333.g822e0de8)
Steam (Version: 1.0.0.0)
StepMania v5.0 alpha 1a (remove only) (Version: )
swMSM (Version: 12.0.0.1)
System Requirements Lab CYRI (Version: 4.5.1.0)
System Requirements Lab Detection (Version: 1.0.5.0)
Team Fortress 2
Terraria
Torchlight II
TrackMania Nations Forever
Unity Web Player (Version: 2.6.1f3_31223)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Uplay (Version: 2.0)
User's Guides (Version: 1.20.0000)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Vegas Pro 11.0 (Version: 11.0.682)
ViewSonic Monitor Drivers
War Inc. Battlezone
WhatPulse 1.7.1 (Version: 1.7.1)
WhatPulse version 2.0 (Version: 2.0)
Who's That Flying?!
Windows Live Communications Platform (Version: 16.4.3503.0728)
Windows Live Essentials (Version: 16.4.3503.0728)
Windows Live Family Safety (Version: 16.4.3503.0728)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3503.0728)
Windows Live Mail (Version: 16.4.3503.0728)
Windows Live Messenger (Version: 16.4.3503.0728)
Windows Live MIME IFilter (Version: 16.4.3503.0728)
Windows Live Photo Common (Version: 16.4.3503.0728)
Windows Live PIMT Platform (Version: 16.4.3503.0728)
Windows Live SOXE (Version: 16.4.3503.0728)
Windows Live SOXE Definitions (Version: 16.4.3503.0728)
Windows Live UX Platform (Version: 16.4.3503.0728)
Windows Live UX Platform Language Pack (Version: 16.4.3503.0728)
Windows Live Writer (Version: 16.4.3503.0728)
Windows Live Writer Resources (Version: 16.4.3503.0728)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR 4.00 (32-bit) (Version: 4.00.0)
Xfire
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Zombie Driver


========================= Memory info: ===================================

Percentage of memory in use: 13%
Total physical RAM: 3067.58 MB
Available physical RAM: 2655.81 MB
Total Pagefile: 6133.44 MB
Available Pagefile: 5759.32 MB
Total Virtual: 2047.88 MB
Available Virtual: 1939.38 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:148.95 GB) (Free:73.98 GB) NTFS
4 Drive f: (500GB_WD) (Fixed) (Total:465.76 GB) (Free:163.41 GB) NTFS
5 Drive g: (Far Cry 3) (CDROM) (Total:1.94 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\TELESIS-PC

Administrator            Guest                    Telesis                  
UpdatusUser              


**** End of log ****
 

 

==RKill Results== *Ran twice by accident, didn't look like anything necessary was overwritten in the log*

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/03/2013 10:07:45 PM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Automatic

 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic (Delayed Start)

 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Automatic (Delayed Start)

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1 65.52.240.48
  127.0.0.1 activation.cloud.techsmith.com

Program finished at: 03/03/2013 10:07:49 PM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)
 

 

==TDSSKiller Results==

 

22:08:38.0165 0520  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:08:38.0602 0520  ============================================================
22:08:38.0602 0520  Current date / time: 2013/03/03 22:08:38.0602
22:08:38.0602 0520  SystemInfo:
22:08:38.0602 0520  
22:08:38.0602 0520  OS Version: 6.1.7601 ServicePack: 1.0
22:08:38.0602 0520  Product type: Workstation
22:08:38.0602 0520  ComputerName: TELESIS-PC
22:08:38.0602 0520  UserName: Telesis
22:08:38.0602 0520  Windows directory: C:\Windows
22:08:38.0602 0520  System windows directory: C:\Windows
22:08:38.0602 0520  Processor architecture: Intel x86
22:08:38.0602 0520  Number of processors: 4
22:08:38.0602 0520  Page size: 0x1000
22:08:38.0602 0520  Boot type: Safe boot with network
22:08:38.0602 0520  ============================================================
22:08:39.0631 0520  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:08:39.0631 0520  Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:08:39.0647 0520  ============================================================
22:08:39.0647 0520  \Device\Harddisk0\DR0:
22:08:39.0647 0520  MBR partitions:
22:08:39.0647 0520  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
22:08:39.0647 0520  \Device\Harddisk1\DR1:
22:08:39.0647 0520  MBR partitions:
22:08:39.0647 0520  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:08:39.0647 0520  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x129E6800
22:08:39.0647 0520  ============================================================
22:08:39.0663 0520  C: <-> \Device\Harddisk1\DR1\Partition2
22:08:39.0678 0520  F: <-> \Device\Harddisk0\DR0\Partition1
22:08:39.0678 0520  ============================================================
22:08:39.0678 0520  Initialize success
22:08:39.0678 0520  ============================================================
22:08:53.0905 0444  ============================================================
22:08:53.0905 0444  Scan started
22:08:53.0905 0444  Mode: Manual; TDLFS;
22:08:53.0905 0444  ============================================================
22:08:54.0342 0444  ================ Scan system memory ========================
22:08:54.0342 0444  System memory - ok
22:08:54.0342 0444  ================ Scan services =============================
22:09:00.0910 0444  HpSAMD - ok
22:09:00.0972 0444  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:09:00.0972 0444  HTTP - ok
22:09:01.0003 0444  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:09:01.0003 0444  hwpolicy - ok
22:09:01.0066 0444  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
22:09:01.0066 0444  i8042prt - ok
22:09:01.0097 0444  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:09:01.0097 0444  iaStorV - ok
22:09:01.0159 0444  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:09:01.0191 0444  idsvc - ok
22:09:01.0347 0444  [ AD626F6964F4D364D226C39E06872DD3 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
22:09:01.0456 0444  igfx - ok
22:09:01.0487 0444  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
22:09:01.0487 0444  iirsp - ok
22:09:01.0549 0444  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
22:09:01.0581 0444  IKEEXT - ok
22:09:01.0612 0444  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:09:01.0627 0444  intelide - ok
22:09:01.0643 0444  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:09:01.0643 0444  intelppm - ok
22:09:01.0659 0444  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:09:01.0674 0444  IPBusEnum - ok
22:09:01.0690 0444  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:09:01.0690 0444  IpFilterDriver - ok
22:09:01.0737 0444  [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:09:01.0752 0444  iphlpsvc - ok
22:09:01.0799 0444  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:09:01.0799 0444  IPMIDRV - ok
22:09:01.0815 0444  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:09:01.0815 0444  IPNAT - ok
22:09:01.0893 0444  [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
22:09:01.0908 0444  iPod Service - ok
22:09:01.0939 0444  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:09:01.0939 0444  IRENUM - ok
22:09:01.0971 0444  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:09:01.0971 0444  isapnp - ok
22:09:02.0017 0444  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:09:02.0033 0444  iScsiPrt - ok
22:09:02.0049 0444  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:09:02.0049 0444  kbdclass - ok
22:09:02.0080 0444  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:09:02.0080 0444  kbdhid - ok
22:09:02.0080 0444  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
22:09:02.0080 0444  KeyIso - ok
22:09:02.0127 0444  [ F4647BB23DB9038A7536CF6B68F4207F ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:09:02.0127 0444  KSecDD - ok
22:09:02.0158 0444  [ E73CAE53BBB72BA26918492C6B4C229D ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:09:02.0158 0444  KSecPkg - ok
22:09:02.0173 0444  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:09:02.0189 0444  KtmRm - ok
22:09:02.0220 0444  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\System32\srvsvc.dll
22:09:02.0220 0444  LanmanServer - ok
22:09:02.0236 0444  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:09:02.0236 0444  LanmanWorkstation - ok
22:09:02.0283 0444  [ 7F9C7B28CF1C859E1C42619EEA946DC8 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
22:09:02.0283 0444  LHidFilt - ok
22:09:02.0314 0444  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:09:02.0314 0444  lltdio - ok
22:09:02.0329 0444  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:09:02.0329 0444  lltdsvc - ok
22:09:02.0345 0444  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:09:02.0345 0444  lmhosts - ok
22:09:02.0361 0444  [ AB33792A87285344F43B5CE23421BAB0 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
22:09:02.0361 0444  LMouFilt - ok
22:09:02.0392 0444  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
22:09:02.0392 0444  LSI_FC - ok
22:09:02.0407 0444  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
22:09:02.0407 0444  LSI_SAS - ok
22:09:02.0423 0444  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:09:02.0423 0444  LSI_SAS2 - ok
22:09:02.0439 0444  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:09:02.0439 0444  LSI_SCSI - ok
22:09:02.0454 0444  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
22:09:02.0454 0444  luafv - ok
22:09:02.0517 0444  [ 8FD868E32459ECE2A1BB0169F513D31E ] mcdbus          C:\Windows\system32\DRIVERS\mcdbus.sys
22:09:02.0517 0444  mcdbus - ok
22:09:02.0548 0444  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:09:02.0563 0444  Mcx2Svc - ok
22:09:02.0563 0444  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
22:09:02.0579 0444  megasas - ok
22:09:02.0610 0444  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
22:09:02.0610 0444  MegaSR - ok
22:09:02.0673 0444  Microsoft SharePoint Workspace Audit Service - ok
22:09:02.0704 0444  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
22:09:02.0704 0444  MMCSS - ok
22:09:02.0704 0444  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
22:09:02.0704 0444  Modem - ok
22:09:02.0751 0444  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:09:02.0751 0444  monitor - ok
22:09:02.0797 0444  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:09:02.0797 0444  mouclass - ok
22:09:02.0829 0444  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:09:02.0829 0444  mouhid - ok
22:09:02.0860 0444  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:09:02.0860 0444  mountmgr - ok
22:09:02.0922 0444  [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:09:02.0922 0444  MozillaMaintenance - ok
22:09:02.0969 0444  [ D993BEA500E7382DC4E760BF4F35EFCB ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
22:09:02.0969 0444  MpFilter - ok
22:09:03.0000 0444  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:09:03.0000 0444  mpio - ok
22:09:03.0000 0444  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:09:03.0000 0444  mpsdrv - ok
22:09:03.0063 0444  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:09:03.0078 0444  MpsSvc - ok
22:09:03.0125 0444  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:09:03.0125 0444  MRxDAV - ok
22:09:03.0172 0444  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:09:03.0172 0444  mrxsmb - ok
22:09:03.0219 0444  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:09:03.0219 0444  mrxsmb10 - ok
22:09:03.0250 0444  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:09:03.0250 0444  mrxsmb20 - ok
22:09:03.0281 0444  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
22:09:03.0281 0444  msahci - ok
22:09:03.0328 0444  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:09:03.0328 0444  msdsm - ok
22:09:03.0359 0444  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
22:09:03.0359 0444  MSDTC - ok
22:09:03.0390 0444  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:09:03.0390 0444  Msfs - ok
22:09:03.0406 0444  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:09:03.0406 0444  mshidkmdf - ok
22:09:03.0421 0444  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:09:03.0421 0444  msisadrv - ok
22:09:03.0453 0444  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:09:03.0453 0444  MSiSCSI - ok
22:09:03.0468 0444  msiserver - ok
22:09:03.0484 0444  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:09:03.0484 0444  MSKSSRV - ok
22:09:03.0499 0444  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:09:03.0499 0444  MSPCLOCK - ok
22:09:03.0515 0444  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:09:03.0515 0444  MSPQM - ok
22:09:03.0531 0444  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:09:03.0531 0444  MsRPC - ok
22:09:03.0546 0444  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
22:09:03.0546 0444  mssmbios - ok
22:09:03.0562 0444  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:09:03.0562 0444  MSTEE - ok
22:09:03.0577 0444  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
22:09:03.0577 0444  MTConfig - ok
22:09:03.0577 0444  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
22:09:03.0577 0444  Mup - ok
22:09:03.0624 0444  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
22:09:03.0624 0444  napagent - ok
22:09:03.0655 0444  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:09:03.0655 0444  NativeWifiP - ok
22:09:03.0749 0444  [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate        C:\Program Files\Nero\Update\NASvc.exe
22:09:03.0765 0444  NAUpdate - ok
22:09:03.0811 0444  [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:09:03.0827 0444  NDIS - ok
22:09:03.0843 0444  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:09:03.0843 0444  NdisCap - ok
22:09:03.0858 0444  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:09:03.0858 0444  NdisTapi - ok
22:09:03.0905 0444  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:09:03.0905 0444  Ndisuio - ok
22:09:03.0921 0444  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:09:03.0921 0444  NdisWan - ok
22:09:03.0952 0444  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:09:03.0952 0444  NDProxy - ok
22:09:04.0014 0444  [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
22:09:04.0014 0444  Net Driver HPZ12 - ok
22:09:04.0030 0444  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:09:04.0030 0444  NetBIOS - ok
22:09:04.0077 0444  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:09:04.0077 0444  NetBT - ok
22:09:04.0108 0444  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
22:09:04.0108 0444  Netlogon - ok
22:09:04.0155 0444  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
22:09:04.0155 0444  Netman - ok
22:09:04.0201 0444  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:09:04.0279 0444  NetMsmqActivator - ok
22:09:04.0295 0444  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:09:04.0295 0444  NetPipeActivator - ok
22:09:04.0311 0444  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
22:09:04.0311 0444  netprofm - ok
22:09:04.0326 0444  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:09:04.0326 0444  NetTcpActivator - ok
22:09:04.0326 0444  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:09:04.0342 0444  NetTcpPortSharing - ok
22:09:04.0373 0444  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
22:09:04.0373 0444  nfrd960 - ok
22:09:04.0420 0444  [ B52F26BADE7D7E4A79706E3FD91834CD ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:09:04.0420 0444  NisDrv - ok
22:09:04.0498 0444  [ 290C0D4C4889398797F8DF3BE00B9698 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
22:09:04.0498 0444  NisSrv - ok
22:09:04.0529 0444  [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:09:04.0545 0444  NlaSvc - ok
22:09:04.0607 0444  [ B48DC6ABCD3AEFF8618350CCBDC6B09A ] NPF             C:\Windows\system32\drivers\npf.sys
22:09:04.0607 0444  NPF - ok
22:09:04.0623 0444  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:09:04.0623 0444  Npfs - ok
22:09:04.0638 0444  npggsvc - ok
22:09:04.0654 0444  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
22:09:04.0654 0444  nsi - ok
22:09:04.0685 0444  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:09:04.0685 0444  nsiproxy - ok
22:09:04.0747 0444  [ 81189C3D7763838E55C397759D49007A ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:09:04.0763 0444  Ntfs - ok
22:09:04.0763 0444  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
22:09:04.0763 0444  Null - ok
22:09:05.0013 0444  [ 4152708C0C24E30DAE7FA87D5AFE1D7B ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:09:05.0231 0444  nvlddmkm - ok
22:09:05.0247 0444  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:09:05.0247 0444  nvraid - ok
22:09:05.0293 0444  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:09:05.0293 0444  nvstor - ok
22:09:05.0356 0444  [ 26DB28B32E8D2F57CB5065A4A053801A ] nvsvc           C:\Windows\system32\nvvsvc.exe
22:09:05.0356 0444  nvsvc - ok
22:09:05.0465 0444  [ A19BBE1E3E3FEF50B94CA07DCC0FB776 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
22:09:05.0512 0444  nvUpdatusService - ok
22:09:05.0559 0444  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:09:05.0559 0444  nv_agp - ok
22:09:05.0590 0444  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:09:05.0605 0444  ohci1394 - ok
22:09:05.0668 0444  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:09:05.0668 0444  ose - ok
22:09:05.0824 0444  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:09:05.0917 0444  osppsvc - ok
22:09:05.0949 0444  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:09:05.0949 0444  p2pimsvc - ok
22:09:05.0980 0444  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:09:05.0980 0444  p2psvc - ok
22:09:06.0011 0444  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
22:09:06.0011 0444  Parport - ok
22:09:06.0042 0444  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:09:06.0042 0444  partmgr - ok
22:09:06.0058 0444  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
22:09:06.0058 0444  Parvdm - ok
22:09:06.0073 0444  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:09:06.0073 0444  PcaSvc - ok
22:09:06.0120 0444  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
22:09:06.0120 0444  pci - ok
22:09:06.0151 0444  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
22:09:06.0151 0444  pciide - ok
22:09:06.0151 0444  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
22:09:06.0167 0444  pcmcia - ok
22:09:06.0183 0444  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
22:09:06.0183 0444  pcw - ok
22:09:06.0214 0444  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:09:06.0229 0444  PEAUTH - ok
22:09:06.0261 0444  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
22:09:06.0292 0444  PeerDistSvc - ok
22:09:06.0354 0444  [ 2CF226173B467AB48F89D77E89936951 ] pgfilter        F:\Program Files\PeerGuardian2\pgfilter.sys
22:09:06.0354 0444  pgfilter - ok
22:09:06.0417 0444  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
22:09:06.0448 0444  pla - ok
22:09:06.0510 0444  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:09:06.0526 0444  PlugPlay - ok
22:09:06.0573 0444  [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
22:09:06.0573 0444  Pml Driver HPZ12 - ok
22:09:06.0635 0444  [ 3A2E85F7D90D15460C337CE80C2E3B29 ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
22:09:06.0635 0444  PnkBstrA - ok
22:09:06.0666 0444  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:09:06.0666 0444  PNRPAutoReg - ok
22:09:06.0682 0444  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:09:06.0682 0444  PNRPsvc - ok
22:09:06.0729 0444  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:09:06.0729 0444  PolicyAgent - ok
22:09:06.0760 0444  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
22:09:06.0760 0444  Power - ok
22:09:06.0791 0444  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:09:06.0791 0444  PptpMiniport - ok
22:09:06.0807 0444  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
22:09:06.0807 0444  Processor - ok
22:09:06.0853 0444  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
22:09:06.0853 0444  ProfSvc - ok
22:09:06.0869 0444  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:09:06.0869 0444  ProtectedStorage - ok
22:09:06.0885 0444  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:09:06.0885 0444  Psched - ok
22:09:06.0947 0444  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
22:09:06.0978 0444  ql2300 - ok
22:09:06.0994 0444  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
22:09:06.0994 0444  ql40xx - ok
22:09:07.0025 0444  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
22:09:07.0025 0444  QWAVE - ok
22:09:07.0041 0444  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:09:07.0041 0444  QWAVEdrv - ok
22:09:07.0056 0444  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:09:07.0056 0444  RasAcd - ok
22:09:07.0087 0444  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:09:07.0087 0444  RasAgileVpn - ok
22:09:07.0103 0444  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
22:09:07.0103 0444  RasAuto - ok
22:09:07.0119 0444  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:09:07.0119 0444  Rasl2tp - ok
22:09:07.0181 0444  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
22:09:07.0181 0444  RasMan - ok
22:09:07.0212 0444  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:09:07.0212 0444  RasPppoe - ok
22:09:07.0243 0444  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:09:07.0243 0444  RasSstp - ok
22:09:07.0290 0444  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:09:07.0290 0444  rdbss - ok
22:09:07.0306 0444  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:09:07.0306 0444  rdpbus - ok
22:09:07.0337 0444  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:09:07.0353 0444  RDPCDD - ok
22:09:07.0384 0444  [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:09:07.0384 0444  RDPDR - ok
22:09:07.0399 0444  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:09:07.0399 0444  RDPENCDD - ok
22:09:07.0415 0444  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:09:07.0415 0444  RDPREFMP - ok
22:09:07.0446 0444  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:09:07.0446 0444  RDPWD - ok
22:09:07.0493 0444  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:09:07.0493 0444  rdyboost - ok
22:09:07.0524 0444  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:09:07.0524 0444  RemoteAccess - ok
22:09:07.0555 0444  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:09:07.0555 0444  RemoteRegistry - ok
22:09:07.0618 0444  [ B60F58F175DE20A6739194E85B035178 ] rpcapd          C:\Program Files\WinPcap\rpcapd.exe
22:09:07.0618 0444  rpcapd - ok
22:09:07.0633 0444  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:09:07.0633 0444  RpcEptMapper - ok
22:09:07.0649 0444  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
22:09:07.0649 0444  RpcLocator - ok
22:09:07.0665 0444  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
22:09:07.0665 0444  RpcSs - ok
22:09:07.0711 0444  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:09:07.0711 0444  rspndr - ok
22:09:07.0758 0444  [ 3983CEA05BB855351D75F5482B6C42CE ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
22:09:07.0758 0444  RTL8167 - ok
22:09:07.0805 0444  [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
22:09:07.0805 0444  s3cap - ok
22:09:07.0836 0444  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
22:09:07.0836 0444  SamSs - ok
22:09:07.0899 0444  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:09:07.0899 0444  sbp2port - ok
22:09:07.0914 0444  SBRE - ok
22:09:07.0961 0444  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:09:07.0961 0444  SCardSvr - ok
22:09:07.0992 0444  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:09:07.0992 0444  scfilter - ok
22:09:08.0039 0444  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
22:09:08.0039 0444  Schedule - ok
22:09:08.0086 0444  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:09:08.0086 0444  SCPolicySvc - ok
22:09:08.0117 0444  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:09:08.0133 0444  SDRSVC - ok
22:09:08.0148 0444  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:09:08.0164 0444  secdrv - ok
22:09:08.0195 0444  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
22:09:08.0195 0444  seclogon - ok
22:09:08.0211 0444  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\system32\sens.dll
22:09:08.0226 0444  SENS - ok
22:09:08.0242 0444  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:09:08.0242 0444  SensrSvc - ok
22:09:08.0273 0444  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
22:09:08.0273 0444  Serenum - ok
22:09:08.0289 0444  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:09:08.0289 0444  Serial - ok
22:09:08.0304 0444  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
22:09:08.0304 0444  sermouse - ok
22:09:08.0335 0444  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:09:08.0335 0444  SessionEnv - ok
22:09:08.0398 0444  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:09:08.0398 0444  sffdisk - ok
22:09:08.0413 0444  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:09:08.0413 0444  sffp_mmc - ok
22:09:08.0429 0444  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:09:08.0429 0444  sffp_sd - ok
22:09:08.0429 0444  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
22:09:08.0429 0444  sfloppy - ok
22:09:08.0476 0444  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:09:08.0476 0444  SharedAccess - ok
22:09:08.0491 0444  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:09:08.0507 0444  ShellHWDetection - ok
22:09:08.0523 0444  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
22:09:08.0523 0444  sisagp - ok
22:09:08.0554 0444  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:09:08.0554 0444  SiSRaid2 - ok
22:09:08.0569 0444  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
22:09:08.0569 0444  SiSRaid4 - ok
22:09:08.0632 0444  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
22:09:08.0632 0444  SkypeUpdate - ok
22:09:08.0663 0444  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:09:08.0663 0444  Smb - ok
22:09:08.0694 0444  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:09:08.0694 0444  SNMPTRAP - ok
22:09:08.0710 0444  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:09:08.0710 0444  spldr - ok
22:09:13.0811 0444  ============================================================
22:09:13.0811 0444  Scan finished
22:09:13.0811 0444  ============================================================
22:09:13.0811 1744  Detected object count: 0
22:09:13.0811 1744  Actual detected object count: 0
22:09:22.0999 0472  Deinitialize success
 

 

==AdwCleaner Results==

 

# AdwCleaner v2.113 - Logfile created 03/03/2013 at 22:10:52
# Updated 23/02/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : Telesis - TELESIS-PC
# Boot Mode : Safe mode with networking
# Running from : C:\Users\Telesis\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Users\Telesis\AppData\Local\Conduit
Folder Deleted : C:\Users\Telesis\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkakpihealnpggeceajhaonlmgdkaip
Folder Deleted : C:\Users\Telesis\AppData\LocalLow\Conduit

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Google\Chrome\Extensions\knkakpihealnpggeceajhaonlmgdkaip
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2704262
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\knkakpihealnpggeceajhaonlmgdkaip
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0 (en-US)

File : C:\Users\Telesis\AppData\Roaming\Mozilla\Firefox\Profiles\y0j2hf25.default\prefs.js

C:\Users\Telesis\AppData\Roaming\Mozilla\Firefox\Profiles\y0j2hf25.default\user.js ... Deleted !

Deleted : user_pref("extensions.freecorder@freecorder.com.menuitems", "[{\"name\":\"Freecorder Menu Header\",\[...]

-\\ Google Chrome v25.0.1364.97

File : C:\Users\Telesis\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3006 octets] - [03/03/2013 22:10:52]

########## EOF - C:\AdwCleaner[S1].txt - [3066 octets] ##########
 

 

==ESET Scan Results== *Probably the most significant*

 

C:\Users\Telesis\AppData\Local\Google\Chrome\User Data\Default\Default\aadgdededddfdidjggdbdcdgdedgdjgc\background.html    Win32/BHO.OEI trojan    cleaned by deleting - quarantined
C:\Users\Telesis\AppData\Local\Google\Chrome\User Data\Default\Default\aadgdededddfdidjggdbdcdgdedgdjgc\ContentScript.js    Win32/BHO.OEI trojan    cleaned by deleting - quarantined
C:\Users\Telesis\AppData\Local\{3F3EAC3C-BD5E-11E1-8270-B8AC6F996F26}\manager.js    JS/Redirector.NCG trojan    cleaned by deleting - quarantined
C:\Users\Telesis\AppData\Roaming\Mozilla\Firefox\Profiles\y0j2hf25.default\prefs.js    JS/SecurityDisabler.A.Gen application    cleaned by deleting - quarantined
C:\Users\Telesis\AppData\Roaming\Mozilla\Firefox\Profiles\y0j2hf25.default\extensions\olzrghkhrl@olzrghkhrl.org.xpi    JS/Redirector.NCA trojan    deleted - quarantined
C:\Users\Telesis\Downloads\xfire_installer_46025.exe    Win32/OpenCandy application    cleaned by deleting - quarantined
 

 

So that's all the logs...how is my machine looking so far?



#6 boopme

  • Global Moderator

Posted 04 March 2013 - 09:04 PM

It's looking much better.. I would suspect you infected yourself from downloading infected torrents..
 
Go into Control Panel >> uninstall and remove these. Older versions are exploitable.
 
Adobe Reader X
Java 7 Update 9 (Version: 7.0.90)
Remove any toolbars you really don't use
I am not a tool bar fan and most are spyware anyway.
 
Reboot
Install...
Adobe Reader XI
Java 7 Update 17
 
 
Can you Update and run Malwarebytes now?
 
Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    For instructions with screenshots, please refer to the How to use SUPERAntiSpyware to scan and remove malware from your computer Guide.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the Control Center screen.
  • Back on the main screen, under "Select Scan Type" check the box for Complete Scan.
  • If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY).
  • Click the Scan your computer... button.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.
To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
  • Click the View Scan Logs button at the bottom.
  • This will open the Scanner Logs Window.
  • Click on the log to highlight it and then click on View Selected Log to open it.
  • Copy and paste the scan log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.

And a RootKit check.

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.
How is it Now??

Edited by boopme, 04 March 2013 - 09:04 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 ckbruin

  • Topic Starter

Posted 04 March 2013 - 11:18 PM

Unable to uninstall since Windows Installer does not function in Safe Mode...tried going to normal start-up in order to uninstall when I found that I still cannot: Open Malwarebytes, Navigate Firefox, or use Windows Installer. In addition, computer seems just as slow as before.

Back in Safe Mode + Networking, I installed SUPERAntiSpyware and am running a complete scan. Results look good (bad?) at the moment as it's finding a lot of tracking cookie adware. Will post log when it's done.

 

EDIT: Computer froze during the scan, but on the screen before it froze it showed (what I believe to be) 292 tracking cookie adware, and 1 trojan hidden within my system.  Should I try and scan again / try using Rescue Scan option, or...?


Edited by ckbruin, 05 March 2013 - 12:03 AM.


#8 boopme

  • Global Moderator

Posted 05 March 2013 - 09:15 PM

Download Windows Repair (all in one) from this site

Install the program then run it.

Go to Step 2 and allow it to run CheckDisk by clicking on Do It button:





Once that is done then skip Steps 3 and 4.

Go to Start Repairs tab and click Start button.




Please ensure that ONLY items seen in the image below are ticked as indicated (they're all checked by default)(if you see extra items not shown, leave them un-checked):



Click on box next to the Restart System when Finished. Then click on Start.
 



#9 ckbruin

  • Topic Starter

Posted 06 March 2013 - 12:10 AM

And this should be done in safe mode (since I can't get normal start-up working anyway)?

 

And what about the SUPERAntiSpyware scan? Perform this first before going back and scanning?


Edited by ckbruin, 06 March 2013 - 12:11 AM.


#10 boopme

  • Global Moderator

Posted 06 March 2013 - 10:56 AM

Yes and yes.. trying to straighten out some system issues first



#11 ckbruin

  • Topic Starter

Posted 06 March 2013 - 08:18 PM

After performing Windows Repairs, normal start-up worked enough to complete the SUPERAntiSpyware scan.  Here it is:

 

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/06/2013 at 03:47 PM

Application Version : 5.6.1014

Core Rules Database Version : 10084
Trace Rules Database Version: 7896

Scan type       : Complete Scan
Total Scan Time : 01:07:27

Operating System Information
Windows 7 Professional 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 700
Memory threats detected   : 0
Registry items scanned    : 40676
Registry threats detected : 0
File items scanned        : 118009
File threats detected     : 905
 

Adware.Tracking Cookie

(There were 904 of these - cut them out of the log since it would make this post a LOT longer, not sure if you want the directories for all of them?)

 

Trojan.Agent/Gen-Frauder
    F:\PROGRAM FILES\SEGA\RENEGADE OPS\LAUNCHER.EXE

 

 

^This log confirms your suspicion that I got this from an infected torrent.  Note to self: Never torrent again unless I'm really desperate :P

 

Now the aswMBR log:

 

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-06 16:07:15
-----------------------------
16:07:15.405    OS Version: Windows 6.1.7601 Service Pack 1
16:07:15.405    Number of processors: 4 586 0x170A
16:07:15.405    ComputerName: TELESIS-PC  UserName: Telesis
16:07:16.465    Initialize success
16:11:33.146    AVAST engine defs: 13030601
16:12:55.904    Disk 0  \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
16:12:55.904    Disk 0 Vendor: WDC_WD5000AAKS-00V1A0 05.01D05 Size: 476940MB BusType: 3
16:12:55.904    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-2
16:12:55.920    Disk 1 Vendor: ST3160815AS 4.AAA Size: 152627MB BusType: 3
16:12:55.936    Disk 1 MBR read successfully
16:12:55.936    Disk 1 MBR scan
16:12:55.951    Disk 1 Windows 7 default MBR code
16:12:55.967    Disk 1 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
16:12:55.982    Disk 1 Partition 2 00     07    HPFS/NTFS NTFS       152525 MB offset 206848
16:12:55.998    Disk 1 scanning sectors +312578048
16:12:56.076    Disk 1 scanning C:\Windows\system32\drivers
16:13:25.279    Service scanning
16:14:26.775    Modules scanning
16:14:53.185    Disk 1 trace - called modules:
16:14:53.201    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
16:14:53.201    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x861cd950]
16:14:53.201    3 CLASSPNP.SYS[8b3b959e] -> nt!IofCallDriver -> [0x85cd0930]
16:14:53.217    5 ACPI.sys[8b0ad3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0x85d03030]
16:14:57.101    AVAST engine scan C:\Windows
16:15:02.623    AVAST engine scan C:\Windows\system32
16:22:15.160    AVAST engine scan C:\Windows\system32\drivers
16:22:38.654    AVAST engine scan C:\Users\Telesis
16:44:22.201    AVAST engine scan C:\ProgramData
16:48:42.000    Scan finished successfully
16:52:01.227    Disk 1 MBR has been saved successfully to "C:\Users\Telesis\Desktop\MBR.dat"
16:52:01.235    The log file has been saved successfully to "C:\Users\Telesis\Desktop\aswMBR.txt"


Computer is running significantly better than before, and Malwarebytes is functioning - seems this problem is almost resolved!  Thanks for your help!  Anything else to add? (In the middle of uninstalling older Adobe + Java versions)



#12 boopme

  • Global Moderator

Posted 06 March 2013 - 09:04 PM

I think we are in good shape.. Run these last 2 tools, they are quick.

 

Junkware Removal Tool
Please download to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

 

 

>>>>

Please download TFC (Temp File Cleaner) by Old Timer and save it to your desktop.
Alternate
download link

  • Save any unsaved work. TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose  Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • TFC will clear out all temp folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

Note: It is normal for the computer to be slow to boot after running TFC cleaner the first time.

 

 

 

 

Below I am copying our quietman7's comments on torrents etc..

 

The practice of using torrents, cracking tools, keygens, warez or any pirated software is not only considered illegal activity but it is a serious security risk.
 

Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.

trendmicro.com/vinfo
 

...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

Keygen and Crack Sites Distribute VIRUX and FakeAV
 

...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.

University of Washington spyware study
 

...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...they sneak malware onto your system...Where do trojan viruses originate? One of the biggest malware distributors on the Internet are serial/warez/code cracking sites.

Bad Web Sites: Malware
 

...a staggering 59% of the key generators and crack tools downloaded from P2P networks represent a security liability since they contain malicious and unwanted code. "25% of the Web sites we accessed offering counterfeit product keys, pirated software, key generators or crack tools attempted to install either malicious software or potentially unwanted software. A significant number of these Web sites attempted to install malicious or unwanted code...In addition to the peer-to-peer networks, 11% of the key generators and crack tools downloaded from Web sites were also plagued by malicious and unwanted software.

Microsoft Reveals the Risks of Using Pirated XP and Office
Whatever You Do, Do Not Download Windows 7 Via Torrent Sites

When you use these kinds of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling a legitimate OS.

Using these types of programs or the websites visited to get them is almost a guaranteed way to get yourself infected!!


Edited by boopme, 06 March 2013 - 09:14 PM.

How do I get help? Who is helping me?

For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....

Become a BleepingComputer fan: Facebook

#13 ckbruin

ckbruin
  • Topic Starter

  • Members
  • 17 posts

Posted 07 March 2013 - 07:55 PM

JRT log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.9 (03.06.2013:1)
OS: Windows 7 Professional x86
Ran by Telesis on Wed 03/06/2013 at 23:00:07.58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\yt.ytnavassistplugin
Successfully deleted: [Registry Key] hkey_classes_root\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\w3i"
Successfully deleted: [Folder] "C:\Program Files\w3i"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Telesis\AppData\Roaming\mozilla\firefox\profiles\y0j2hf25.default\minidumps [207 files]



~~~ Chrome

Dumping contents of C:\Users\Telesis\appdata\local\Google\Chrome\User Data\Default\Default
C:\Users\Telesis\appdata\local\Google\Chrome\User Data\Default\Default\aadgdededddfdidjggdbdcdgdedgdjgc
C:\Users\Telesis\appdata\local\Google\Chrome\User Data\Default\Default\aadgdededddfdidjggdbdcdgdedgdjgc\manifest.json

Successfully deleted: [Folder] C:\Users\Telesis\appdata\local\Google\Chrome\User Data\Default\Default [Default Extension 1.0]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 03/06/2013 at 23:02:35.65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

Below I am copying our quietman7's comments on torrents etc..

 

The practice of using torrents, cracking tools, keygens, warez or any pirated software is not only considered illegal activity but it is a serious security risk.
 

Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.

trendmicro.com/vinfo
 


...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

Keygen and Crack Sites Distribute VIRUX and FakeAV
 

...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.

University of Washington spyware study
 

...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...they sneak malware onto your system...Where do trojan viruses originate? One of the biggest malware distributors on the Internet are serial/warez/code cracking sites.

Bad Web Sites: Malware
 

...a staggering 59% of the key generators and crack tools downloaded from P2P networks represent a security liability since they contain malicious and unwanted code. "25% of the Web sites we accessed offering counterfeit product keys, pirated software, key generators or crack tools attempted to install either malicious software or potentially unwanted software. A significant number of these Web sites attempted to install malicious or unwanted code...In addition to the peer-to-peer networks, 11% of the key generators and crack tools downloaded from Web sites were also plagued by malicious and unwanted software.

Microsoft Reveals the Risks of Using Pirated XP and Office
Whatever You Do, Do Not Download Windows 7 Via Torrent Sites

When you use these kinds of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling a legitimate OS.

Using these types of programs or the websites visited to get them is almost a guaranteed way to get yourself infected!!

 

^ Understood.

 

Windows had to install 70+ updates (since I'm guessing one of the tools I used reset all the Windows Updates I already had?), but all is good now.  TFC successfully ran, and deleted a lot of temp. files on my hard drives.



#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:19 AM

Posted 07 March 2013 - 09:43 PM

Excellent.. Looks good.

 

In Control Panel >> Uninstall... uninstall:

Java 7 Update 9 (Version: 7.0.90)

Reboot and install Version 7 Update 17:

http://www.java.com/en/download/index.jsp

 

 

Now you should Create a New Restore Point (alternate method) to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:

  • Go to Start > All Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.


Then use Disk Cleanup to remove all but the newly created Restore Point.


How do I get help? Who is helping me?

For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....

Become a BleepingComputer fan: Facebook
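The restore-point procedure from the post above, scripted for an elevated Windows PowerShell session; this is an added example, not part of the thread. The function name `Reset-RestorePoints`, its parameters and the description label are assumptions made for illustration, and it assumes System Restore is enabled on the system drive.

```powershell
# Added example, not from the thread. Hypothetical helper; run elevated.
function Reset-RestorePoints {
    param(
        [string]$Description = 'Clean state after malware removal',  # constructed label
        [switch]$Apply  # without -Apply, older points are only listed (the new point is still created)
    )

    $before = @(Get-ComputerRestorePoint | ForEach-Object { $_.SequenceNumber })

    # Create the fresh point first, so there is always something to roll back to.
    Checkpoint-Computer -Description $Description -RestorePointType MODIFY_SETTINGS

    # Checkpoint-Computer can decline to create a point (for example when System
    # Restore is disabled), so confirm that exactly one new point exists.
    $points = @(Get-ComputerRestorePoint | Sort-Object SequenceNumber)
    $new    = @($points | Where-Object { $before -notcontains $_.SequenceNumber })
    if ($new.Count -ne 1) {
        throw 'No new restore point was created; leaving the existing ones untouched.'
    }
    $keep = $new[0].SequenceNumber

    # Documented System Restore API; PowerShell has no cmdlet for removing a point.
    Add-Type -Namespace Native -Name SrClient -MemberDefinition @'
[DllImport("SrClient.dll")]
public static extern uint SRRemoveRestorePoint(uint dwRPNum);
'@

    foreach ($p in ($points | Where-Object { $_.SequenceNumber -ne $keep })) {
        $when = $p.ConvertToDateTime($p.CreationTime)
        if (-not $Apply) {
            "Would remove #$($p.SequenceNumber) '$($p.Description)' ($when)"
            continue
        }
        $rc = [Native.SrClient]::SRRemoveRestorePoint([uint32]$p.SequenceNumber)
        if ($rc -ne 0) {
            Write-Warning "Point #$($p.SequenceNumber) not removed (error $rc)"
        }
    }

    # What remains should be only the point created above.
    Get-ComputerRestorePoint
}
```

Run `Reset-RestorePoints` once to review the list of older points, then `Reset-RestorePoints -Apply` only after the cleaned system has been confirmed stable.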

#15 ckbruin

ckbruin
  • Topic Starter

  • Members
  • 17 posts

Posted 09 March 2013 - 04:53 AM

Done and done.  Anything else?





