Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

WINRSCMDE USING 100% OF MY CPU / "SVCHOST"


  • Please log in to reply
16 replies to this topic

#1 patrickbutters

patrickbutters

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 19 March 2013 - 01:11 PM

I ve been having problems for the last 2 days i do not know what i did wrong to get this and i would like some help plz and ty



BC AdBot (Login to Remove)

 


#2 patrickbutters

patrickbutters
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 19 March 2013 - 01:13 PM

I ve been having problems for the last 2 days i do not know what i did wrong to get this and i would like some help plz and ty

o yah im running a windows 7 home premium 64 bit if that helps any



#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:45 AM

Posted 19 March 2013 - 01:16 PM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    tds2.jpg
     
  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    2012081514h0118.png
     
  • Click Start Scan and allow the scan process to run
     
  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    tds6.jpg
     
  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------
 

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.


    aswMBR1.png
  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.


    aswMBR2.png
  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal



  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

    esetsmartinstaller_enu.png

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:
 

  • TDSSKiller log
  • aswMBR log
  • ESET results


#4 patrickbutters

patrickbutters
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 19 March 2013 - 02:28 PM

sry i think i got it to work


Edited by patrickbutters, 19 March 2013 - 02:37 PM.


#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:45 AM

Posted 19 March 2013 - 02:32 PM

Skip ASWMBR for now.

 

Try to start it in normal mode.If that doesnt work boot into normal mode and post the logs.

 

You may have issues posting TDSSkiller log.Just post last few lines alone.

 

Allow TDSSkiller to do its default options like Cure or SKIP .Do not change it



#6 patrickbutters

patrickbutters
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 19 March 2013 - 03:53 PM

do you want me to post the devices that was posted after the scan was finished on the TDSSkiller log because i see 4 different TDSSkiller logs in  c:\ drive one has 4kb , 915kb , 4kb , and 469kb ???

and another thing that im confused with do you want me to open up 1 of those logs and copy and paste that on this forum? sry for the inconvience



#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:45 AM

Posted 19 March 2013 - 04:08 PM

I just need the recent one.Open it,copy the last few lines of the log,paste it.I need it together with ESET online scan log.



#8 patrickbutters

patrickbutters
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 19 March 2013 - 10:04 PM

15:01:33.0387 4184  Detected object count: 2
15:01:33.0387 4184  Actual detected object count: 2
15:05:31.0880 4184  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user
15:05:31.0880 4184  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip
15:05:31.0880 4184  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:05:31.0880 4184  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
15:12:42.0556 4420  Deinitialize success

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-03-19 15:32:58
-----------------------------
15:32:58.401    OS Version: Windows x64 6.1.7601 Service Pack 1
15:32:58.401    Number of processors: 2 586 0x602
15:32:58.401    ComputerName: OWNER-HP  UserName: owner
15:34:00.486    Initialize success
15:34:36.341    AVAST engine defs: 13031900
15:36:06.268    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000062
15:36:06.284    Disk 0 Vendor: ST350041 HP35 Size: 476940MB BusType: 11
15:36:06.284    Device \Driver\amdsata -> MajorFunction fffffa80038575e8
15:36:06.299    Disk 0 MBR read successfully
15:36:06.315    Disk 0 MBR scan
15:36:06.315    Disk 0 unknown MBR code
15:36:06.362    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
15:36:06.424    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       463568 MB offset 206848
15:36:06.486    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        13270 MB offset 949594112
15:36:06.596    Disk 0 scanning C:\Windows\system32\drivers
15:37:06.887    Service scanning
15:39:25.921    Modules scanning
15:39:25.936    Disk 0 trace - called modules:
15:39:26.061    ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys >>UNKNOWN [0xfffffa80038575e8]<<
15:39:26.077    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80031e5410]
15:39:26.092    3 CLASSPNP.SYS[fffff88001b0943f] -> nt!IofCallDriver -> [0xfffffa8003185040]
15:39:26.092    5 amdxata.sys[fffff880010727a8] -> nt!IofCallDriver -> \Device\00000062[0xfffffa800317f060]
15:39:26.108    \Driver\amdsata[0xfffffa800383da70] -> IRP_MJ_CREATE -> 0xfffffa80038575e8
15:39:34.407    AVAST engine scan C:\Windows
15:39:58.026    AVAST engine scan C:\Windows\system32
15:45:35.916    AVAST engine scan C:\Windows\system32\drivers
15:46:02.531    AVAST engine scan C:\Users\owner
15:53:09.084    Disk 0 MBR has been saved successfully to "C:\Users\owner\Desktop\MBR.dat"
15:53:09.097    The log file has been saved successfully to "C:\Users\owner\Desktop\aswMBR.txt"
16:05:34.812    AVAST engine scan C:\ProgramData
16:12:39.425    Scan finished successfully
16:16:35.830    Disk 0 MBR has been saved successfully to "C:\Users\owner\Desktop\MBR.dat"
16:16:35.840    The log file has been saved successfully to "C:\Users\owner\Desktop\aswMBR.txt"

 

C:\Users\All Users\Microsoft\Windows\DRM\EAAF.tmp Win64/Olmarik.AY trojan 
C:\Users\All Users\Microsoft\Windows\DRM\EAB0.tmp Win64/Olmarik.AY trojan 
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe probably a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\EAAF.tmp Win64/Olmarik.AY trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\EAB0.tmp Win64/Olmarik.AY trojan cleaned by deleting - quarantined
C:\Users\owner\Downloads\flstudio-10.0.9c.exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\Users\owner\RSWebclients\ErasedPkz\ErasedPkzCache.zip a variant of Java/JShrink.A application deleted - quarantined
C:\Users\owner\RSWebclients\ErasedPkz\JFrame\WorldMap\WorldMap.jar a variant of Java/JShrink.A application cleaned by deleting - quarantined
C:\Users\owner\RSWebclients\InsidiaX\InsidiaXCache.zip a variant of Java/JShrink.A application deleted - quarantined
C:\Users\owner\RSWebclients\InsidiaX\JFrame\WorldMap\WorldMap.jar a variant of Java/JShrink.A application cleaned by deleting - quarantined
C:\Users\Public\Downloads\Collapse2_TryGames-dm.exe a variant of Win32/Adware.Trymedia.A application cleaned by deleting - quarantined



#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:45 AM

Posted 19 March 2013 - 10:06 PM

Run TDSSkiller again and select CURE for

 

12:03:57.0286 4264  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip

 

and skip TDSSfilesystem

 

Restart the PC and run TDSSkiller again and if rootkit is not detected this time,select DELETE for


12:03:57.0286 4264  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

 

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Make sure you are connected to the Internet and double-click on the it to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the MiniToolBox.jpg icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

 



#10 patrickbutters

patrickbutters
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 20 March 2013 - 12:03 AM

hi im having a problem with the autoruns log there are a crap ton on txt in that file and it isnt letting me post it i have everything else ready to go but this autorun log is confusing to me



#11 patrickbutters

patrickbutters
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 20 March 2013 - 12:05 AM

hi im having a problem with the autoruns log there are a crap ton on txt in that file and it isnt letting me post it i have everything else ready to go but this autorun log is confusing to me

 figured it out will post all info you need shortly



#12 patrickbutters

patrickbutters
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 20 March 2013 - 12:24 AM

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.19.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
owner :: OWNER-HP [administrator]

3/19/2013 11:27:02 PM
mbam-log-2013-03-19 (23-27-02).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 210294
Time elapsed: 4 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 5
C:\Program Files (x86)\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\owner\Local Settings\Application Data\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\owner\Local Settings\Application Data\I Want This\Chrome (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\owner\AppData\Local\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\owner\AppData\Local\I Want This\Chrome (Adware.GamePlayLab) -> Quarantined and deleted successfully.

Files Detected: 10
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\I Want This\I Want This.ini (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files (x86)\I Want This\appAPIinternalWrapper.js (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files (x86)\I Want This\I Want This.ico (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files (x86)\I Want This\I Want ThisGui.exe (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files (x86)\I Want This\I Want ThisInstaller.log (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files (x86)\I Want This\json.js (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files (x86)\I Want This\Uninstall.exe (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\owner\Local Settings\Application Data\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\owner\AppData\Local\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> Quarantined and deleted successfully.

(end)

 

 

MiniToolBox by Farbar  Version:05-03-2013
Ran by owner (administrator) on 19-03-2013 at 23:43:41
Running from "C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\47IQ21Q5"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

 

========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection 2 (Connected)
802.11n Wireless LAN Card = Wireless Network Connection 2 (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=64 icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="ethernet_10" nexthop=5.0.0.1 publish=Yes
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Wireless Network Connection" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Wireless Network Connection 2" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="ethernet_10" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : owner-HP
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.mi.comcast.net.

Wireless LAN adapter Wireless Network Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 1C-65-9D-69-40-3F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

   Connection-specific DNS Suffix  . : hsd1.mi.comcast.net.
   Description . . . . . . . . . . . : 802.11n Wireless LAN Card #2
   Physical Address. . . . . . . . . : 1C-65-9D-69-40-3E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : fd9f:18f3:6af5:0:c55f:dca9:9519:aeff(Preferred)
   Temporary IPv6 Address. . . . . . : fd9f:18f3:6af5:0:d68:b3d8:f943:8773(Preferred)
   Link-local IPv6 Address . . . . . : fe80::c55f:dca9:9519:aeff%14(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.109(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, March 19, 2013 11:38:31 PM
   Lease Expires . . . . . . . . . . : Wednesday, March 20, 2013 11:38:33 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 370959773
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-24-04-2A-70-71-BC-A0-23-7A
   DNS Servers . . . . . . . . . . . : 75.75.76.76
                                       75.75.75.75
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . : hsd1.mi.comcast.net.
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller #2
   Physical Address. . . . . . . . . : 70-71-BC-B8-E9-AC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : fd9f:18f3:6af5:0:e42c:352c:a72b:a6d9(Preferred)
   Temporary IPv6 Address. . . . . . : fd9f:18f3:6af5:0:f57c:6caa:ea1e:3944(Preferred)
   Link-local IPv6 Address . . . . . : fe80::e42c:352c:a72b:a6d9%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.108(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, March 19, 2013 11:38:28 PM
   Lease Expires . . . . . . . . . . : Wednesday, March 20, 2013 11:38:28 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 326136252
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-24-04-2A-70-71-BC-A0-23-7A
   DNS Servers . . . . . . . . . . . : 75.75.76.76
                                       75.75.75.75
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.gha.chartermi.net:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:3093:9e2:3f57:fe93(Preferred)
   Link-local IPv6 Address . . . . . : fe80::3093:9e2:3f57:fe93%16(Preferred)
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.hsd1.mi.comcast.net.:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.mi.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{92764976-A8F0-4E8B-B70F-7A9D1A764510}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A3308DC7-0CF7-4063-B6CC-F1D6968ABE81}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  cdns02.comcast.net
Address:  75.75.76.76

Name:    google.com
Addresses:  2607:f8b0:4009:803::1002
   74.125.225.135
   74.125.225.133
   74.125.225.137
   74.125.225.130
   74.125.225.142
   74.125.225.128
   74.125.225.136
   74.125.225.132
   74.125.225.131
   74.125.225.134
   74.125.225.129


Pinging google.com [74.125.225.142] with 32 bytes of data:
Reply from 74.125.225.142: bytes=32 time=19ms TTL=54
Reply from 74.125.225.142: bytes=32 time=20ms TTL=54

Ping statistics for 74.125.225.142:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 19ms, Maximum = 20ms, Average = 19ms
Server:  cdns02.comcast.net
Address:  75.75.76.76

DNS request timed out.
    timeout was 2 seconds.
Name:    yahoo.com
Addresses:  98.138.253.109
   206.190.36.45
   98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=570ms TTL=49
Reply from 98.139.183.24: bytes=32 time=555ms TTL=51

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 555ms, Maximum = 570ms, Average = 562ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 18...1c 65 9d 69 40 3f ......Microsoft Virtual WiFi Miniport Adapter
 14...1c 65 9d 69 40 3e ......802.11n Wireless LAN Card #2
 13...70 71 bc b8 e9 ac ......Realtek PCIe FE Family Controller #2
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 22...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 36...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.108     20
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.109     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.108    276
      192.168.1.0    255.255.255.0         On-link     192.168.1.109    281
    192.168.1.108  255.255.255.255         On-link     192.168.1.108    276
    192.168.1.109  255.255.255.255         On-link     192.168.1.109    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.108    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.109    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.108    276
        224.0.0.0        240.0.0.0         On-link     192.168.1.109    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.108    276
  255.255.255.255  255.255.255.255         On-link     192.168.1.109    281
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0          5.0.0.1  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 16     58 2001::/32                On-link
 16    306 2001:0:9d38:6ab8:3093:9e2:3f57:fe93/128
                                    On-link
 13     28 fd9f:18f3:6af5::/64      On-link
 14     33 fd9f:18f3:6af5::/64      On-link
 14    281 fd9f:18f3:6af5:0:d68:b3d8:f943:8773/128
                                    On-link
 14    281 fd9f:18f3:6af5:0:c55f:dca9:9519:aeff/128
                                    On-link
 13    276 fd9f:18f3:6af5:0:e42c:352c:a72b:a6d9/128
                                    On-link
 13    276 fd9f:18f3:6af5:0:f57c:6caa:ea1e:3944/128
                                    On-link
 13    276 fe80::/64                On-link
 14    281 fe80::/64                On-link
 16    306 fe80::/64                On-link
 16    306 fe80::3093:9e2:3f57:fe93/128
                                    On-link
 14    281 fe80::c55f:dca9:9519:aeff/128
                                    On-link
 13    276 fe80::e42c:352c:a72b:a6d9/128
                                    On-link
  1    306 ff00::/8                 On-link
 16    306 ff00::/8                 On-link
 13    276 ff00::/8                 On-link
 14    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/19/2013 11:07:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x816e34ac
Faulting process id: 0x1540
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (03/19/2013 10:28:57 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x50a96dfa
Faulting process id: 0x1a54
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (03/19/2013 07:49:44 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xd96e5350
Faulting process id: 0x11c4
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (03/19/2013 07:16:24 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: MSHTML.dll, version: 9.0.8112.16470, time stamp: 0x510c9046
Exception code: 0xc0000005
Fault offset: 0x00434709
Faulting process id: 0xe20
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (03/19/2013 05:45:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: MSHTML.dll, version: 9.0.8112.16470, time stamp: 0x510c9046
Exception code: 0xc0000005
Fault offset: 0x002bf8b2
Faulting process id: 0x1254
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (03/19/2013 05:13:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x8301890c
Faulting process id: 0x1b9c
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (03/19/2013 04:33:51 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x85e96e38
Faulting process id: 0x1bf8
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (03/19/2013 04:21:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/19/2013 04:20:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/19/2013 03:57:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x73dac9f1
Faulting process id: 0x5b0
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (03/19/2013 11:38:29 PM) (Source: Service Control Manager) (User: )
Description: The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:
%%1058

Error: (03/19/2013 11:19:52 PM) (Source: Service Control Manager) (User: )
Description: The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:
%%1058

Error: (03/19/2013 03:20:10 PM) (Source: Service Control Manager) (User: )
Description: The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:
%%1058

Error: (03/19/2013 03:19:42 PM) (Source: BugCheck) (User: )
Description: 0x0000001e (0xffffffff80000004, 0xfffff80002ee850c, 0x0000000000000000, 0x0000000000000000)C:\Windows\Minidump\031913-53305-01.dmp031913-53305-01

Error: (03/19/2013 03:19:42 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 3:17:28 PM on ?3/?19/?2013 was unexpected.

Error: (03/19/2013 02:51:45 PM) (Source: Service Control Manager) (User: )
Description: The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:
%%1058

Error: (03/19/2013 02:45:53 PM) (Source: Service Control Manager) (User: )
Description: The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:
%%1058

Error: (03/19/2013 02:35:37 PM) (Source: Service Control Manager) (User: )
Description: The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:
%%1058

Error: (03/19/2013 11:27:10 AM) (Source: Service Control Manager) (User: )
Description: The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:
%%1058

Error: (03/19/2013 04:06:12 AM) (Source: Service Control Manager) (User: )
Description: The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:
%%1058


Microsoft Office Sessions:
=========================
Error: (03/19/2013 11:07:26 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5unknown0.0.0.000000000c0000005816e34ac154001ce2513c02d67a5\\.\globalroot\systemroot\svchost.exeunknown4aa1e17d-910b-11e2-80b3-7071bcb8e9ac

Error: (03/19/2013 10:28:57 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5unknown0.0.0.000000000c000000550a96dfa1a5401ce24fd34d8653e\\.\globalroot\systemroot\svchost.exeunknownea317b58-9105-11e2-80b3-7071bcb8e9ac

Error: (03/19/2013 07:49:44 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5unknown0.0.0.000000000c0000005d96e535011c401ce24f90391ef00\\.\globalroot\systemroot\svchost.exeunknownabf7afc1-90ef-11e2-80b3-7071bcb8e9ac

Error: (03/19/2013 07:16:24 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5MSHTML.dll9.0.8112.16470510c9046c000000500434709e2001ce24ec272e75d9\\.\globalroot\systemroot\svchost.exeC:\Windows\system32\MSHTML.dll0440257c-90eb-11e2-80b3-7071bcb8e9ac

Error: (03/19/2013 05:45:41 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5MSHTML.dll9.0.8112.16470510c9046c0000005002bf8b2125401ce24e774865905\\.\globalroot\systemroot\svchost.exeC:\Windows\system32\MSHTML.dll57bcb2ba-90de-11e2-80b3-7071bcb8e9ac

Error: (03/19/2013 05:13:41 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5unknown0.0.0.000000000c00000058301890c1b9c01ce24e28dbaa8f0\\.\globalroot\systemroot\svchost.exeunknowndf2f3ef0-90d9-11e2-80b3-7071bcb8e9ac

Error: (03/19/2013 04:33:51 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5unknown0.0.0.000000000c000000585e96e381bf801ce24dd68460635\\.\globalroot\systemroot\svchost.exeunknown4eef5323-90d4-11e2-80b3-7071bcb8e9ac

Error: (03/19/2013 04:21:24 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\47IQ21Q5\esetsmartinstaller_enu.exe

Error: (03/19/2013 04:20:24 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\47IQ21Q5\esetsmartinstaller_enu.exe

Error: (03/19/2013 03:57:41 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5unknown0.0.0.000000000c000000573dac9f15b001ce24d8e7702403\\.\globalroot\systemroot\svchost.exeunknown419e5dcf-90cf-11e2-80b3-7071bcb8e9ac


=========================== Installed Programs ============================

ActiveCheck component for HP Active Support Library (Version: 3.0.0.3)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
Anti-phishing Domain Advisor (Version: 1.0.0.0)
ATI Catalyst Install Manager (Version: 3.0.774.0)
Babylon toolbar on IE
Bandisoft MPEG-1 Decoder
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0511.2153.37435)
Catalyst Control Center Graphics Full Existing (Version: 2010.0511.2153.37435)
Catalyst Control Center Graphics Full New (Version: 2010.0511.2153.37435)
Catalyst Control Center Graphics Light (Version: 2010.0511.2153.37435)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0511.2153.37435)
Catalyst Control Center InstallProxy (Version: 2010.0511.2153.37435)
Catalyst Control Center Localization All (Version: 2010.0511.2153.37435)
CCC Help Chinese Standard (Version: 2010.0511.2152.37435)
CCC Help Chinese Traditional (Version: 2010.0511.2152.37435)
CCC Help Czech (Version: 2010.0511.2152.37435)
CCC Help Danish (Version: 2010.0511.2152.37435)
CCC Help Dutch (Version: 2010.0511.2152.37435)
CCC Help English (Version: 2010.0511.2152.37435)
CCC Help Finnish (Version: 2010.0511.2152.37435)
CCC Help French (Version: 2010.0511.2152.37435)
CCC Help German (Version: 2010.0511.2152.37435)
CCC Help Greek (Version: 2010.0511.2152.37435)
CCC Help Hungarian (Version: 2010.0511.2152.37435)
CCC Help Italian (Version: 2010.0511.2152.37435)
CCC Help Japanese (Version: 2010.0511.2152.37435)
CCC Help Korean (Version: 2010.0511.2152.37435)
CCC Help Norwegian (Version: 2010.0511.2152.37435)
CCC Help Polish (Version: 2010.0511.2152.37435)
CCC Help Portuguese (Version: 2010.0511.2152.37435)
CCC Help Russian (Version: 2010.0511.2152.37435)
CCC Help Spanish (Version: 2010.0511.2152.37435)
CCC Help Swedish (Version: 2010.0511.2152.37435)
CCC Help Thai (Version: 2010.0511.2152.37435)
CCC Help Turkish (Version: 2010.0511.2152.37435)
ccc-core-static (Version: 2010.0511.2153.37435)
ccc-utility64 (Version: 2010.0511.2153.37435)
CinemaNow Media Manager (Version: 1.9.1.105)
Cisco Connect (Version: 1.4.12263.1)
CyberLink DVD Suite Deluxe (Version: 7.0.2823)
DVD Menu Pack for HP MediaSmart Video (Version: 4.1.4030)
ESET Online Scanner v3
Google Chrome (Version: 25.0.1364.172)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.135)
Heroes of Might and Magic V
Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)
HP Advisor (Version: 3.4.10262.3295)
HP Customer Experience Enhancements (Version: 6.0.1.4)
HP Deskjet 2050 J510 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 2050 J510 series Help (Version: 140.0.61.61)
HP Deskjet 2050 J510 series Product Improvement Study (Version: 22.50.231.0)
HP MediaSmart CinemaNow 2.0 (Version: 2.0)
HP MediaSmart DVD (Version: 4.1.4229)
HP MediaSmart Music (Version: 4.1.4301)
HP MediaSmart Photo (Version: 4.1.4211)
HP MediaSmart SmartMenu (Version: 3.1.1.12)
HP MediaSmart Video (Version: 4.1.4214)
HP MediaSmart Webcam (Version: 4.1.3107)
HP MediaSmart/TouchSmart Netflix (Version: 1.0.3.0)
HP My Display (Version: 1.00.165)
HP Odometer (Version: 2.10.0000)
HP Setup (Version: 8.1.4186.3400)
HP Support Information (Version: 10.1.0002)
HP Update (Version: 5.005.000.002)
HP Vision Hardware Diagnostics (Version: 2.1.4.0)
HPAsset component for HP Active Support Library (Version: 3.0.0.3)
iolo technologies' System Mechanic (Version: 11.5.2)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Junk Mail filter update (Version: 14.0.8089.726)
Kobo
League of Legends (Version: 1.3)
Left 4 Dead 2
LightScribe System Software (Version: 1.18.15.1)
Logitech G930 (Version: 1.0.364)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Home and Business 2010 - English (Version: 14.0.6114.5002)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Movie Theme Pack for HP MediaSmart Video (Version: 4.1.4030)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nexon Game Manager
Norton Online Backup (Version: 2.1.17869)
Norton Security Suite (Version: 20.2.0.19)
Pando Media Booster (Version: 2.6.0.8)
PDF Complete Special Edition (Version: 3.5.111)
PhotoNow! (Version: 1.1.6904)
PictureMover (Version: 3.5.0.28)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Power2Go (Version: 6.1.4022)
PowerDirector (Version: 8.0.2906)
PressReader (Version: 5.10.621.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6146)
Recovery Manager (Version: 5.5.3025)
Roxio CinemaNow 2.0 (Version: 1.0.284)
SDK (Version: 2.22.002)
Sid Meier's Civilization V
Simple Adblock (Version: 1.1.5)
Skype Click to Call (Version: 6.6.11664)
Skype™ 6.1 (Version: 6.1.129)
Smite (Version: 0.1.1376.3)
Steam (Version: 1.0.0.0)
Stronghold 2 (Version: 1.40.1000)
swMSM (Version: 12.0.0.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Ventrilo Client (Version: 3.0.8)
Warcraft III
WildTangent Games App (HP Games) (Version: 4.0.5.36)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
World of Warcraft (Version: 5.2.0.16650)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 46%
Total physical RAM: 2815.3 MB
Available physical RAM: 1514.4 MB
Total Pagefile: 5628.8 MB
Available Pagefile: 4150.6 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.86 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:452.7 GB) (Free:314.35 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:12.96 GB) (Free:1.59 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-HP

Administrator            Guest                    owner                   


**** End of log ****

 

 

Farbar Service Scanner Version: 03-03-2013
Ran by owner (administrator) on 19-03-2013 at 23:49:13
Running from "C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9I5M4LST"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

 

 

# AdwCleaner v2.115 - Logfile created 03/19/2013 at 23:51:48
# Updated 17/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : owner - OWNER-HP
# Boot Mode : Normal
# Running from : C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HT0Z3Z6Y\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\user.js
File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files (x86)\BabylonToolbar
Folder Deleted : C:\ProgramData\Anti-phishing Domain Advisor
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Users\owner\AppData\Local\Babylon
Folder Deleted : C:\Users\owner\AppData\Local\blekkotb
Folder Deleted : C:\Users\owner\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\owner\AppData\Roaming\Babylon

***** [Registry] *****

Key Deleted : HKCU\Software\Alexa Internet
Key Deleted : HKCU\Software\AppDataLow\Software\blekkotb
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\I Want This
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Anti-phishing Domain Advisor]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

-\\ Google Chrome v25.0.1364.172

File : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.15] : homepage = "hxxp://www.amazon.com/websearch/ref=bit_bds-amzn_serp_home?ie=UTF8&tagbase=bds-am[...]
Deleted [l.19] : urls_to_restore_on_startup = [ "hxxp://www.amazon.com/websearch/ref=bit_bds-amzn_serp_home[...]
Deleted [l.47] : keyword = "blekko",
Deleted [l.50] : search_url = "hxxp://blekko.com/?source=c3348dd4&tbp=rbox&toolbarid=blekkotb&u=20120430DDAF46[...]
Deleted [l.1624] : homepage = "hxxp://www.amazon.com/websearch/ref=bit_bds-amzn_serp_home?ie=UTF8&tagbase=bds-amzn&[...]
Deleted [l.1904] : urls_to_restore_on_startup = [ "hxxp://www.amazon.com/websearch/ref=bit_bds-amzn_serp_home?ie[...]

*************************

AdwCleaner[S1].txt - [9760 octets] - [19/03/2013 23:51:48]

########## EOF - C:\AdwCleaner[S1].txt - [9820 octets] ##########

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.2 (03.15.2013:1)
OS: Windows 7 Home Premium x64
Ran by owner on Wed 03/20/2013 at  0:08:08.57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\Users\owner\AppData\Roaming\registry mechanic"

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 03/20/2013 at  0:19:26.68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "hpsysdrv" "hpsysdrv" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp odometer\hpsysdrv.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "SmartMenu" "SmartMenu" "" "c:\program files\hewlett-packard\hp mediasmart\smartmenu.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "Logitech G930" "Logitech© G930 Headset" "Logitech©" "c:\program files (x86)\logitech\g930\g930.exe"
+ "Norton Online Backup" "Norton Online Backup Service" "Symantec Corporation" "c:\program files (x86)\symantec\norton online backup\nobuclient.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files (x86)\google\chrome\application\25.0.1364.172\installer\chrmstp.exe"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "skype-ie-addon-data" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\20.2.0.19\bushell.dll"
+ "Incinerator" "iolo Incinerator ®" "iolo technologies, LLC" "c:\windows\system32\incinerator64.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\20.2.0.19\navshext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Incinerator" "iolo Incinerator ®" "iolo technologies, LLC" "c:\windows\syswow64\incinerator32.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "BuPropertySheet" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\20.2.0.19\bushell.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "Incinerator" "iolo Incinerator ®" "iolo technologies, LLC" "c:\windows\system32\incinerator64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "Incinerator" "iolo Incinerator ®" "iolo technologies, LLC" "c:\windows\syswow64\incinerator32.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\20.2.0.19\bushell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\20.2.0.19\navshext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "OverlayExcluded" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\20.2.0.19\bushell.dll"
+ "OverlayPending" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\20.2.0.19\bushell.dll"
+ "OverlayProtected" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\20.2.0.19\bushell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "SimpleAdblock Class" "Simple Adblock Module" "Simple Adblock" "c:\program files (x86)\common files\simple adblock\simpleadblockx64.dll"
+ "Skype add-on for Internet Explorer" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Norton Identity Protection" "coIEPlugIn" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\20.2.0.19\coieplg.dll"
+ "Norton Vulnerability Protection" "IPS Browser Helper DLL" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\20.2.0.19\ips\ipsbho.dll"
+ "SimpleAdblock Class" "Simple Adblock Module" "Simple Adblock" "c:\program files (x86)\common files\simple adblock\simpleadblock.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Norton Toolbar" "coIEPlugIn" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\20.2.0.19\coieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.6 r602" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\Hewlett-Packard\HP Support Assistant\PC Health Analysis" "HP Support Assistant" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsf.exe"
+ "\Hewlett-Packard\HP Support Assistant\PC Tuneup" "HP Support Assistant" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsf.exe"
+ "\HPCustParticipation HP Deskjet 2050 J510 series" "HP Customer Participation." "Hewlett-Packard Co." "c:\program files\hp\hp deskjet 2050 j510 series\bin\hpcustpartic.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\MirageAgent" "YouCam Mirage" "CyberLink" "c:\program files (x86)\hewlett-packard\media\webcam\ycmmirage.exe"
+ "\Norton Security Suite\Norton Error Analyzer" "Symantec Error Reporting" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\20.2.0.19\symerr.exe"
+ "\Norton Security Suite\Norton Error Processor" "Symantec Error Reporting" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\20.2.0.19\symerr.exe"
+ "\Norton WSC Integration" "WSCStub" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\20.2.0.19\wscstub.exe"
+ "\RecoveryCDWin7" "ESAdvRemIntegrator" "" "c:\program files (x86)\hewlett-packard\hp setup\remengine.exe"
+ "\Registration" "ESAdvRemIntegrator" "" "c:\program files (x86)\hewlett-packard\hp setup\remengine.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sidebar.exe"
+ "\{4CC29A91-095A-49E6-9FF8-B0590BE08806}" "" "" "c:\riot games\league of legends\lol.launcher.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AERTFilters" "Andrea Service" "Andrea Electronics Corporation" "c:\program files\realtek\audio\hda\aertsr64.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "ioloSystemService" "iolo System component" "iolo technologies, LLC" "c:\program files (x86)\iolo\common\lib\ioloservicemanager.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lssrvc.exe"
+ "N360" "Norton Security Suite" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\20.2.0.19\ccsvchst.exe"
+ "NOBU" "Norton Online Backup Service" "Symantec Corporation" "c:\program files (x86)\symantec\norton online backup\nobuagent.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ACPIService" "Buttons and OSDs ACPI driver gen2" "" "c:\windows\system32\drivers\osdacpi.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Stor Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AtiPcie" "AMD PCIE Filter Driver for ATI PCIE chipset" "Advanced Micro Devices Inc." "c:\windows\system32\drivers\atipcie64.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BHDrvx64" "SONAR Engine Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\bashdefs\20130301.001\bhdrvx64.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "ccSet_N360" "Common Client Settings Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1402000.013\ccsetx64.sys"
+ "clwvd" "CyberLink WebCam Virtual Driver" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\clwvd.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "EagleX64" "" "" "File not found: C:\Windows\system32\drivers\EagleX64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files (x86)\common files\symantec shared\eengine\eectrl64.sys"
+ "ElRawDisk" "RawDisk Driver. Allows write access to raw disk sectors for user mode applications in Windows 2000, XP, 2003, Vista, 2008." "EldoS Corporation" "c:\windows\system32\drivers\elrawdsk.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "EraserUtilRebootDrv" "Symantec Eraser Utility Driver" "Symantec Corporation" "c:\program files (x86)\common files\symantec shared\eengine\eraserutilrebootdrv.sys"
+ "hamachi" "Hamachi Virtual Network Interface Driver" "LogMeIn, Inc." "c:\windows\system32\drivers\hamachi.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "IDSVia64" "Symantec Intrusion Prevention Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\ipsdefs\20130319.002\idsvia64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "LADF_BakerCOnly" "BakerC Filter Driver" "Logitech" "c:\windows\system32\drivers\ladfbakercamd64.sys"
+ "LADF_BakerROnly" "DPL2/EQ Filter Driver" "Logitech" "c:\windows\system32\drivers\ladfbakerramd64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\virusdefs\20130319.018\eng64.sys"
+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\virusdefs\20130319.018\ex64.sys"
+ "netr28x" "Ralink 802.11 Wireless Adapter Driver" "Ralink Technology, Corp." "c:\windows\system32\drivers\netr28x.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PDFsFilter" "Raxco File System Minifilter Driver" "Raxco Software, Inc." "c:\windows\system32\drivers\pdfsfilter.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver                " "Realtek                                            " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1402000.013\srtsp64.sys"
+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1402000.013\srtspx64.sys"
+ "stexstor" "Promise  SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SymDS" "Symantec Data Store" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1402000.013\symds64.sys"
+ "SymEFA" "Symantec Extended File Attributes" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1402000.013\symefa64.sys"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent64x86.sys"
+ "SymIRON" "Iron Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1402000.013\ironx64.sys"
+ "SymNetS" "Network Security Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1402000.013\symnets.sys"
+ "usbfilter" "AMD USB Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\usbfilter.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.bdmpeg" "" "" "c:\windows\system32\bdmpega64.acm"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.mjpg" "" "" "c:\windows\system32\bdmjpeg64.dll"
+ "vidc.mpeg" "" "" "c:\windows\system32\bdmpegv64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.bdmpeg" "" "" "c:\windows\syswow64\bdmpega.acm"
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\syswow64\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "msacm.vorbis" "Ogg Vorbis CODEC for MSACM" "HMS http://hp.vector.co.jp/authors/VA012897/" "c:\windows\syswow64\vorbis.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "VIDC.IV41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\syswow64\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\syswow64\ir50_32.dll"
+ "vidc.mjpg" "" "" "c:\windows\syswow64\bdmjpeg.dll"
+ "vidc.mpeg" "" "" "c:\windows\syswow64\bdmpegv.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\syswow64\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\syswow64\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Bandisoft MPEG-1 Audio Decoder" "Bandisoft Directshow Filter" "www.Bandisoft.com" "c:\program files (x86)\bandimpeg1\bdfilters64.dll"
+ "Bandisoft MPEG-1 Video Decoder" "Bandisoft Directshow Filter" "www.Bandisoft.com" "c:\program files (x86)\bandimpeg1\bdfilters64.dll"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files\playready\prdmowrapper.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Bandisoft MPEG-1 Audio Decoder" "Bandisoft Directshow Filter" "www.Bandisoft.com" "c:\program files (x86)\bandimpeg1\bdfilters.dll"
+ "Bandisoft MPEG-1 Video Decoder" "Bandisoft Directshow Filter" "www.Bandisoft.com" "c:\program files (x86)\bandimpeg1\bdfilters.dll"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Decoder (HP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claud.ax"
+ "CyberLink Audio Effect (HP)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claudfx.ax"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvb.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudiocd.ax"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdumpdispatch.ax"
+ "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdump.ax"
+ "CyberLink DVD Navigator (HP)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clnavx.ax"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gedtkrn.dll"
+ "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2greader.ax"
+ "CyberLink Line21 Decoder Filter (HP)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clline21.ax"
+ "CyberLink Load Image Filter" "CLImage" "CyberLink" "c:\program files (x86)\cyberlink\shared files\climage.ax"
+ "CyberLink M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gm2vwriter.ax"
+ "CyberLink MP3/WAV Wrapper" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmvd.ax"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gmpgmux.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder                               " "CyberLink Corp.                                            " "c:\program files (x86)\cyberlink\power2go\p2gvidenc.ax"
+ "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm1spliter.ax"
+ "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm2spliter.ax"
+ "CyberLink PCM Wrapper" "CyberLink PCM Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gpcmenc.ax"
+ "Cyberlink SubTitle(HP)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gauts.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gtlmsplter.ax"
+ "CyberLink Tzan Filter (HP)" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\cltzan.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvidfx.ax"
+ "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files (x86)\cyberlink\power2go\p2grgl.ax"
+ "CyberLink Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvideostabilizer.ax"
+ "CyberLink Video/SP Decoder (HP)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clvsd.ax"
+ "DivX for Blizzard Decoder Filter" "DivX ™ Decoder Filter" "DivXNetworks, Inc." "c:\program files (x86)\warcraft iii\blizzard.ax"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\syswow64\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\syswow64\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\syswow64\ir50_32.dll"
+ "MSDVD Audio Wizard (HP)" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claudwizard.ax"
+ "P2G Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaud.ax"
+ "P2G Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudenc.ax"
+ "P2G Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvsd.ax"
+ "P2G Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gresample.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "HP 8711 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinksts8711lm.dll"
+ "PDFC" "PDF Complete Print Monitor" "PDF Complete, Inc." "c:\windows\system32\pdfc_port.dll"



#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:45 AM

Posted 20 March 2013 - 05:49 AM

Other logs? especially TDSSkiller log.



#14 patrickbutters

patrickbutters
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 20 March 2013 - 10:57 AM

23:22:42.0963 1308  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:22:44.0554 1308  ============================================================
23:22:44.0554 1308  Current date / time: 2013/03/19 23:22:44.0554
23:22:44.0554 1308  SystemInfo:
23:22:44.0554 1308 
23:22:44.0554 1308  OS Version: 6.1.7601 ServicePack: 1.0
23:22:44.0554 1308  Product type: Workstation
23:22:44.0554 1308  ComputerName: OWNER-HP
23:22:44.0554 1308  UserName: owner
23:22:44.0554 1308  Windows directory: C:\Windows
23:22:44.0554 1308  System windows directory: C:\Windows
23:22:44.0554 1308  Running under WOW64
23:22:44.0554 1308  Processor architecture: Intel x64
23:22:44.0554 1308  Number of processors: 2
23:22:44.0554 1308  Page size: 0x1000
23:22:44.0554 1308  Boot type: Normal boot
23:22:44.0554 1308  ============================================================
23:22:45.0412 1308  BG loaded
23:22:45.0740 1308  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:22:45.0755 1308  ============================================================
23:22:45.0755 1308  \Device\Harddisk0\DR0:
23:22:45.0755 1308  MBR partitions:
23:22:45.0755 1308  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:22:45.0755 1308  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x38968000
23:22:45.0755 1308  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3899A800, BlocksNum 0x19EB000
23:22:45.0755 1308  ============================================================
23:22:45.0755 1308  C: <-> \Device\Harddisk0\DR0\Partition2
23:22:45.0802 1308  D: <-> \Device\Harddisk0\DR0\Partition3
23:22:45.0802 1308  ============================================================
23:22:45.0802 1308  Initialize success
23:22:45.0802 1308  ============================================================
23:22:48.0392 2012  ============================================================
23:22:48.0392 2012  Scan started
23:22:48.0392 2012  Mode: Manual;
23:22:48.0392 2012  ============================================================
23:22:49.0702 2012  ================ Scan system memory ========================
23:22:49.0702 2012  System memory - ok
23:22:49.0702 2012  ================ Scan services =============================
23:22:49.0811 2012  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
23:22:49.0811 2012  1394ohci - ok
23:22:49.0842 2012  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:22:49.0842 2012  ACPI - ok
23:22:49.0889 2012  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
23:22:49.0889 2012  AcpiPmi - ok
23:22:49.0905 2012  [ DE7E8D852A806BE6091983838BF9697F ] ACPIService     C:\Windows\system32\DRIVERS\OSDACPI.SYS
23:22:49.0905 2012  ACPIService - ok
23:22:49.0983 2012  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:22:49.0983 2012  AdobeFlashPlayerUpdateSvc - ok
23:22:50.0014 2012  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
23:22:50.0014 2012  adp94xx - ok
23:22:50.0030 2012  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
23:22:50.0045 2012  adpahci - ok
23:22:50.0061 2012  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
23:22:50.0061 2012  adpu320 - ok
23:22:50.0076 2012  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:22:50.0092 2012  AeLookupSvc - ok
23:22:50.0123 2012  [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
23:22:50.0123 2012  AERTFilters - ok
23:22:50.0170 2012  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
23:22:50.0170 2012  AFD - ok
23:22:50.0201 2012  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
23:22:50.0217 2012  agp440 - ok
23:22:50.0217 2012  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
23:22:50.0217 2012  ALG - ok
23:22:50.0232 2012  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:22:50.0248 2012  aliide - ok
23:22:50.0279 2012  [ CA0D6C1390F4B3BAF2A0A69D1A7F8332 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:22:50.0295 2012  AMD External Events Utility - ok
23:22:50.0310 2012  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
23:22:50.0310 2012  amdide - ok
23:22:50.0326 2012  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
23:22:50.0342 2012  AmdK8 - ok
23:22:50.0482 2012  [ 75E4BACA583AE02C11E9AC8747E2ABE0 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
23:22:50.0607 2012  amdkmdag - ok
23:22:50.0638 2012  [ B765CF4B32F347BE747B21AE22641025 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
23:22:50.0638 2012  amdkmdap - ok
23:22:50.0654 2012  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
23:22:50.0654 2012  AmdPPM - ok
23:22:50.0669 2012  [ F747497A0EE5498F79B207F215B3D2D8 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
23:22:50.0669 2012  amdsata - ok
23:22:50.0685 2012  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
23:22:50.0685 2012  amdsbs - ok
23:22:50.0700 2012  [ 2946D695E158615BAAA16248E63C7ADB ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys
23:22:50.0716 2012  amdxata - ok
23:22:50.0732 2012  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
23:22:50.0732 2012  AppID - ok
23:22:50.0747 2012  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:22:50.0747 2012  AppIDSvc - ok
23:22:50.0778 2012  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
23:22:50.0778 2012  Appinfo - ok
23:22:50.0794 2012  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
23:22:50.0794 2012  arc - ok
23:22:50.0810 2012  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
23:22:50.0810 2012  arcsas - ok
23:22:50.0856 2012  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:22:50.0872 2012  aspnet_state - ok
23:22:50.0888 2012  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:22:50.0903 2012  AsyncMac - ok
23:22:50.0919 2012  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
23:22:50.0919 2012  atapi - ok
23:22:50.0934 2012  [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie64.sys
23:22:50.0934 2012  AtiPcie - ok
23:22:50.0966 2012  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:22:50.0966 2012  AudioEndpointBuilder - ok
23:22:50.0981 2012  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
23:22:50.0981 2012  AudioSrv - ok
23:22:51.0012 2012  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:22:51.0012 2012  AxInstSV - ok
23:22:51.0028 2012  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
23:22:51.0044 2012  b06bdrv - ok
23:22:51.0059 2012  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
23:22:51.0059 2012  b57nd60a - ok
23:22:51.0090 2012  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:22:51.0090 2012  BDESVC - ok
23:22:51.0106 2012  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:22:51.0106 2012  Beep - ok
23:22:51.0137 2012  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
23:22:51.0153 2012  BFE - ok
23:22:51.0246 2012  [ 866335C9C0E6733C753FB472C539A6B9 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130301.001\BHDrvx64.sys
23:22:51.0278 2012  BHDrvx64 - ok
23:22:51.0309 2012  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
23:22:51.0309 2012  BITS - ok
23:22:51.0340 2012  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:22:51.0340 2012  blbdrive - ok
23:22:51.0371 2012  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:22:51.0371 2012  bowser - ok
23:22:51.0371 2012  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:22:51.0371 2012  BrFiltLo - ok
23:22:51.0387 2012  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:22:51.0387 2012  BrFiltUp - ok
23:22:51.0418 2012  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
23:22:51.0418 2012  Browser - ok
23:22:51.0449 2012  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:22:51.0449 2012  Brserid - ok
23:22:51.0449 2012  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:22:51.0449 2012  BrSerWdm - ok
23:22:51.0465 2012  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:22:51.0465 2012  BrUsbMdm - ok
23:22:51.0480 2012  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:22:51.0480 2012  BrUsbSer - ok
23:22:51.0480 2012  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
23:22:51.0480 2012  BTHMODEM - ok
23:22:51.0512 2012  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
23:22:51.0512 2012  bthserv - ok
23:22:51.0558 2012  [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_N360      C:\Windows\system32\drivers\N360x64\1402000.013\ccSetx64.sys
23:22:51.0558 2012  ccSet_N360 - ok
23:22:51.0574 2012  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:22:51.0574 2012  cdfs - ok
23:22:51.0605 2012  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
23:22:51.0605 2012  cdrom - ok
23:22:51.0621 2012  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
23:22:51.0621 2012  CertPropSvc - ok
23:22:51.0668 2012  [ EA3333DB9AB03106EEC0D6D9D487ED01 ] CinemaNow Service C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
23:22:51.0683 2012  CinemaNow Service - ok
23:22:51.0699 2012  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
23:22:51.0699 2012  circlass - ok
23:22:51.0730 2012  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
23:22:51.0730 2012  CLFS - ok
23:22:51.0777 2012  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:22:51.0777 2012  clr_optimization_v2.0.50727_32 - ok
23:22:51.0824 2012  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:22:51.0824 2012  clr_optimization_v2.0.50727_64 - ok
23:22:51.0886 2012  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:22:51.0948 2012  clr_optimization_v4.0.30319_32 - ok
23:22:51.0980 2012  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:22:52.0011 2012  clr_optimization_v4.0.30319_64 - ok
23:22:52.0026 2012  [ 9573E8C7C3B3D1625FD941841FD0859C ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
23:22:52.0026 2012  clwvd - ok
23:22:52.0042 2012  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:22:52.0042 2012  CmBatt - ok
23:22:52.0058 2012  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:22:52.0058 2012  cmdide - ok
23:22:52.0089 2012  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
23:22:52.0104 2012  CNG - ok
23:22:52.0120 2012  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
23:22:52.0120 2012  Compbatt - ok
23:22:52.0136 2012  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
23:22:52.0151 2012  CompositeBus - ok
23:22:52.0151 2012  COMSysApp - ok
23:22:52.0167 2012  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
23:22:52.0167 2012  crcdisk - ok
23:22:52.0198 2012  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:22:52.0198 2012  CryptSvc - ok
23:22:52.0276 2012  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
23:22:52.0292 2012  cvhsvc - ok
23:22:52.0338 2012  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:22:52.0338 2012  DcomLaunch - ok
23:22:52.0354 2012  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
23:22:52.0370 2012  defragsvc - ok
23:22:52.0385 2012  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:22:52.0385 2012  DfsC - ok
23:22:52.0401 2012  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:22:52.0401 2012  Dhcp - ok
23:22:52.0416 2012  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
23:22:52.0416 2012  discache - ok
23:22:52.0448 2012  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
23:22:52.0448 2012  Disk - ok
23:22:52.0479 2012  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:22:52.0479 2012  Dnscache - ok
23:22:52.0510 2012  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:22:52.0510 2012  dot3svc - ok
23:22:52.0541 2012  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
23:22:52.0541 2012  DPS - ok
23:22:52.0557 2012  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:22:52.0572 2012  drmkaud - ok
23:22:52.0604 2012  [ B1A72A497951217AE862117E8304F4E8 ] DTSRVC          C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
23:22:52.0604 2012  DTSRVC - ok
23:22:52.0650 2012  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:22:52.0650 2012  DXGKrnl - ok
23:22:52.0666 2012  EagleX64 - ok
23:22:52.0682 2012  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
23:22:52.0697 2012  EapHost - ok
23:22:52.0775 2012  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
23:22:52.0838 2012  ebdrv - ok
23:22:52.0884 2012  [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
23:22:52.0884 2012  eeCtrl - ok
23:22:52.0900 2012  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
23:22:52.0900 2012  EFS - ok
23:22:52.0978 2012  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:22:52.0978 2012  ehRecvr - ok
23:22:53.0009 2012  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
23:22:53.0025 2012  ehSched - ok
23:22:53.0040 2012  [ D38A883309E04B9FBFFE1ACA60EA3BBF ] ElRawDisk       C:\Windows\system32\drivers\ElRawDsk.sys
23:22:53.0040 2012  ElRawDisk - ok
23:22:53.0087 2012  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
23:22:53.0087 2012  elxstor - ok
23:22:53.0150 2012  [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
23:22:53.0150 2012  EraserUtilRebootDrv - ok
23:22:53.0181 2012  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:22:53.0181 2012  ErrDev - ok
23:22:53.0212 2012  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
23:22:53.0212 2012  EventSystem - ok
23:22:53.0228 2012  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
23:22:53.0228 2012  exfat - ok
23:22:53.0243 2012  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:22:53.0243 2012  fastfat - ok
23:22:53.0274 2012  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
23:22:53.0290 2012  Fax - ok
23:22:53.0306 2012  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
23:22:53.0306 2012  fdc - ok
23:22:53.0321 2012  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
23:22:53.0321 2012  fdPHost - ok
23:22:53.0321 2012  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:22:53.0337 2012  FDResPub - ok
23:22:53.0352 2012  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:22:53.0352 2012  FileInfo - ok
23:22:53.0352 2012  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:22:53.0352 2012  Filetrace - ok
23:22:53.0368 2012  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
23:22:53.0368 2012  flpydisk - ok
23:22:53.0384 2012  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:22:53.0384 2012  FltMgr - ok
23:22:53.0430 2012  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
23:22:53.0446 2012  FontCache - ok
23:22:53.0477 2012  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:22:53.0477 2012  FontCache3.0.0.0 - ok
23:22:53.0493 2012  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:22:53.0508 2012  FsDepends - ok
23:22:53.0540 2012  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:22:53.0540 2012  Fs_Rec - ok
23:22:53.0555 2012  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:22:53.0571 2012  fvevol - ok
23:22:53.0586 2012  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
23:22:53.0586 2012  gagp30kx - ok
23:22:53.0649 2012  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
23:22:53.0664 2012  GamesAppService - ok
23:22:53.0727 2012  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
23:22:53.0727 2012  gpsvc - ok
23:22:53.0789 2012  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:22:53.0789 2012  gupdate - ok
23:22:53.0789 2012  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:22:53.0789 2012  gupdatem - ok
23:22:53.0805 2012  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
23:22:53.0805 2012  gusvc - ok
23:22:53.0836 2012  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
23:22:53.0836 2012  hamachi - ok
23:22:53.0852 2012  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:22:53.0852 2012  hcw85cir - ok
23:22:53.0883 2012  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:22:53.0883 2012  HdAudAddService - ok
23:22:53.0914 2012  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
23:22:53.0914 2012  HDAudBus - ok
23:22:53.0914 2012  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
23:22:53.0930 2012  HidBatt - ok
23:22:53.0930 2012  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
23:22:53.0930 2012  HidBth - ok
23:22:53.0945 2012  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
23:22:53.0945 2012  HidIr - ok
23:22:53.0961 2012  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
23:22:53.0961 2012  hidserv - ok
23:22:53.0992 2012  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:22:53.0992 2012  HidUsb - ok
23:22:54.0023 2012  [ 1256F6834307B38594CEB034BAF52568 ] HiPatchService  C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
23:22:54.0023 2012  HiPatchService - ok
23:22:54.0054 2012  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:22:54.0054 2012  hkmsvc - ok
23:22:54.0086 2012  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:22:54.0086 2012  HomeGroupListener - ok
23:22:54.0101 2012  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:22:54.0101 2012  HomeGroupProvider - ok
23:22:54.0148 2012  [ 3F4ADD4196E2B860019539837BE305F9 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
23:22:54.0148 2012  HP Health Check Service - ok
23:22:54.0195 2012  [ EF3EA06057132138B4E5895A61601DBE ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
23:22:54.0195 2012  hpqwmiex - ok
23:22:54.0242 2012  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:22:54.0242 2012  HpSAMD - ok
23:22:54.0288 2012  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:22:54.0304 2012  HTTP - ok
23:22:54.0366 2012  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:22:54.0366 2012  hwpolicy - ok
23:22:54.0398 2012  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
23:22:54.0398 2012  i8042prt - ok
23:22:54.0444 2012  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:22:54.0460 2012  iaStorV - ok
23:22:54.0569 2012  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:22:54.0585 2012  idsvc - ok
23:22:54.0678 2012  [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130319.002\IDSvia64.sys
23:22:54.0678 2012  IDSVia64 - ok
23:22:54.0694 2012  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
23:22:54.0694 2012  iirsp - ok
23:22:54.0741 2012  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
23:22:54.0741 2012  IKEEXT - ok
23:22:54.0803 2012  [ 1C11E5D258BC374E7FBD598D75E49B75 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:22:54.0834 2012  IntcAzAudAddService - ok
23:22:54.0850 2012  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
23:22:54.0850 2012  intelide - ok
23:22:54.0866 2012  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:22:54.0866 2012  intelppm - ok
23:22:54.0928 2012  [ 4C279F23F88E0854CE94731E55BF6E77 ] ioloSystemService C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
23:22:54.0944 2012  ioloSystemService - ok
23:22:54.0959 2012  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:22:54.0959 2012  IPBusEnum - ok
23:22:54.0990 2012  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:22:54.0990 2012  IpFilterDriver - ok
23:22:55.0022 2012  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:22:55.0022 2012  iphlpsvc - ok
23:22:55.0053 2012  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:22:55.0053 2012  IPMIDRV - ok
23:22:55.0068 2012  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:22:55.0068 2012  IPNAT - ok
23:22:55.0084 2012  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:22:55.0084 2012  IRENUM - ok
23:22:55.0115 2012  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:22:55.0115 2012  isapnp - ok
23:22:55.0146 2012  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:22:55.0146 2012  iScsiPrt - ok
23:22:55.0162 2012  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:22:55.0162 2012  kbdclass - ok
23:22:55.0178 2012  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:22:55.0178 2012  kbdhid - ok
23:22:55.0193 2012  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
23:22:55.0193 2012  KeyIso - ok
23:22:55.0224 2012  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:22:55.0224 2012  KSecDD - ok
23:22:55.0240 2012  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:22:55.0240 2012  KSecPkg - ok
23:22:55.0256 2012  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:22:55.0256 2012  ksthunk - ok
23:22:55.0302 2012  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:22:55.0302 2012  KtmRm - ok
23:22:55.0334 2012  [ 86F06574763A0E7CDCD57DD85632E44F ] LADF_BakerCOnly C:\Windows\system32\DRIVERS\ladfBakerCamd64.sys
23:22:55.0349 2012  LADF_BakerCOnly - ok
23:22:55.0349 2012  [ 89B4981F949A14148365DE8D98A310B5 ] LADF_BakerROnly C:\Windows\system32\DRIVERS\ladfBakerRamd64.sys
23:22:55.0365 2012  LADF_BakerROnly - ok
23:22:55.0380 2012  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:22:55.0396 2012  LanmanServer - ok
23:22:55.0412 2012  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:22:55.0412 2012  LanmanWorkstation - ok
23:22:55.0443 2012  [ 7550D101BF49FDB1F92666A233EE36C4 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
23:22:55.0443 2012  LightScribeService - ok
23:22:55.0458 2012  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:22:55.0458 2012  lltdio - ok
23:22:55.0490 2012  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:22:55.0505 2012  lltdsvc - ok
23:22:55.0505 2012  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:22:55.0505 2012  lmhosts - ok
23:22:55.0536 2012  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
23:22:55.0536 2012  LSI_FC - ok
23:22:55.0552 2012  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
23:22:55.0552 2012  LSI_SAS - ok
23:22:55.0568 2012  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:22:55.0568 2012  LSI_SAS2 - ok
23:22:55.0583 2012  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:22:55.0583 2012  LSI_SCSI - ok
23:22:55.0599 2012  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
23:22:55.0599 2012  luafv - ok
23:22:55.0630 2012  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:22:55.0630 2012  Mcx2Svc - ok
23:22:55.0661 2012  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
23:22:55.0661 2012  megasas - ok
23:22:55.0677 2012  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
23:22:55.0677 2012  MegaSR - ok
23:22:55.0692 2012  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
23:22:55.0692 2012  MMCSS - ok
23:22:55.0708 2012  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
23:22:55.0708 2012  Modem - ok
23:22:55.0724 2012  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:22:55.0724 2012  monitor - ok
23:22:55.0755 2012  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:22:55.0755 2012  mouclass - ok
23:22:55.0770 2012  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:22:55.0786 2012  mouhid - ok
23:22:55.0802 2012  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:22:55.0802 2012  mountmgr - ok
23:22:55.0817 2012  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:22:55.0833 2012  mpio - ok
23:22:55.0848 2012  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:22:55.0848 2012  mpsdrv - ok
23:22:55.0880 2012  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:22:55.0895 2012  MpsSvc - ok
23:22:55.0926 2012  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:22:55.0926 2012  MRxDAV - ok
23:22:55.0958 2012  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:22:55.0958 2012  mrxsmb - ok
23:22:55.0973 2012  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:22:55.0973 2012  mrxsmb10 - ok
23:22:55.0989 2012  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:22:55.0989 2012  mrxsmb20 - ok
23:22:56.0020 2012  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:22:56.0020 2012  msahci - ok
23:22:56.0036 2012  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:22:56.0036 2012  msdsm - ok
23:22:56.0067 2012  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
23:22:56.0067 2012  MSDTC - ok
23:22:56.0098 2012  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:22:56.0098 2012  Msfs - ok
23:22:56.0114 2012  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:22:56.0129 2012  mshidkmdf - ok
23:22:56.0145 2012  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:22:56.0145 2012  msisadrv - ok
23:22:56.0176 2012  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:22:56.0176 2012  MSiSCSI - ok
23:22:56.0176 2012  msiserver - ok
23:22:56.0192 2012  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:22:56.0192 2012  MSKSSRV - ok
23:22:56.0207 2012  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:22:56.0207 2012  MSPCLOCK - ok
23:22:56.0223 2012  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:22:56.0223 2012  MSPQM - ok
23:22:56.0254 2012  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:22:56.0270 2012  MsRPC - ok
23:22:56.0301 2012  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
23:22:56.0301 2012  mssmbios - ok
23:22:56.0316 2012  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:22:56.0316 2012  MSTEE - ok
23:22:56.0363 2012  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
23:22:56.0363 2012  MTConfig - ok
23:22:56.0379 2012  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
23:22:56.0379 2012  Mup - ok
23:22:56.0426 2012  [ 4A9258B9597A31DB68EC9740F3A8A70B ] N360            C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe
23:22:56.0426 2012  N360 - ok
23:22:56.0472 2012  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
23:22:56.0472 2012  napagent - ok
23:22:56.0504 2012  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:22:56.0504 2012  NativeWifiP - ok
23:22:56.0597 2012  [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130319.018\ENG64.SYS
23:22:56.0597 2012  NAVENG - ok
23:22:56.0675 2012  [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130319.018\EX64.SYS
23:22:56.0691 2012  NAVEX15 - ok
23:22:56.0738 2012  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:22:56.0738 2012  NDIS - ok
23:22:56.0753 2012  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:22:56.0753 2012  NdisCap - ok
23:22:56.0769 2012  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:22:56.0769 2012  NdisTapi - ok
23:22:56.0816 2012  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:22:56.0816 2012  Ndisuio - ok
23:22:56.0831 2012  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:22:56.0831 2012  NdisWan - ok
23:22:56.0847 2012  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:22:56.0847 2012  NDProxy - ok
23:22:56.0862 2012  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:22:56.0862 2012  NetBIOS - ok
23:22:56.0878 2012  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:22:56.0878 2012  NetBT - ok
23:22:56.0878 2012  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
23:22:56.0894 2012  Netlogon - ok
23:22:56.0909 2012  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
23:22:56.0925 2012  Netman - ok
23:22:56.0940 2012  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:22:56.0956 2012  NetMsmqActivator - ok
23:22:56.0972 2012  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:22:56.0972 2012  NetPipeActivator - ok
23:22:56.0987 2012  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
23:22:56.0987 2012  netprofm - ok
23:22:57.0018 2012  [ 1982B291DF9833FB3ADC397EBD310A18 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
23:22:57.0034 2012  netr28x - ok
23:22:57.0034 2012  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:22:57.0034 2012  NetTcpActivator - ok
23:22:57.0050 2012  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:22:57.0050 2012  NetTcpPortSharing - ok
23:22:57.0081 2012  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
23:22:57.0081 2012  nfrd960 - ok
23:22:57.0112 2012  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:22:57.0112 2012  NlaSvc - ok
23:22:57.0190 2012  [ 5839A8027D6D324A7CD494051A96628C ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
23:22:57.0221 2012  NOBU - ok
23:22:57.0237 2012  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:22:57.0237 2012  Npfs - ok
23:22:57.0268 2012  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
23:22:57.0268 2012  nsi - ok
23:22:57.0284 2012  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:22:57.0284 2012  nsiproxy - ok
23:22:57.0346 2012  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:22:57.0377 2012  Ntfs - ok
23:22:57.0377 2012  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
23:22:57.0393 2012  Null - ok
23:22:57.0408 2012  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:22:57.0408 2012  nvraid - ok
23:22:57.0424 2012  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:22:57.0424 2012  nvstor - ok
23:22:57.0455 2012  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:22:57.0455 2012  nv_agp - ok
23:22:57.0471 2012  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:22:57.0471 2012  ohci1394 - ok
23:22:57.0502 2012  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:22:57.0502 2012  ose - ok
23:22:57.0627 2012  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:22:57.0658 2012  osppsvc - ok
23:22:57.0689 2012  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:22:57.0689 2012  p2pimsvc - ok
23:22:57.0705 2012  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:22:57.0720 2012  p2psvc - ok
23:22:57.0736 2012  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
23:22:57.0736 2012  Parport - ok
23:22:57.0767 2012  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:22:57.0767 2012  partmgr - ok
23:22:57.0783 2012  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:22:57.0783 2012  PcaSvc - ok
23:22:57.0830 2012  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
23:22:57.0830 2012  pci - ok
23:22:57.0845 2012  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
23:22:57.0845 2012  pciide - ok
23:22:57.0861 2012  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
23:22:57.0861 2012  pcmcia - ok
23:22:57.0876 2012  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:22:57.0876 2012  pcw - ok
23:22:57.0892 2012  pdfcDispatcher - ok
23:22:57.0908 2012  [ 8570C04D9DBFDDD2CCF655DEB4D84715 ] PDFsFilter      C:\Windows\system32\DRIVERS\PDFsFilter.sys
23:22:57.0908 2012  PDFsFilter - ok
23:22:57.0954 2012  [ 0A098DF98EC8FACAA30BD7DB4C7AEA06 ] PdiService      C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
23:22:57.0954 2012  PdiService - ok
23:22:57.0986 2012  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:22:57.0986 2012  PEAUTH - ok
23:22:58.0048 2012  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:22:58.0048 2012  PerfHost - ok
23:22:58.0110 2012  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
23:22:58.0126 2012  pla - ok
23:22:58.0173 2012  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:22:58.0173 2012  PlugPlay - ok
23:22:58.0204 2012  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:22:58.0204 2012  PNRPAutoReg - ok
23:22:58.0220 2012  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:22:58.0235 2012  PNRPsvc - ok
23:22:58.0251 2012  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:22:58.0266 2012  PolicyAgent - ok
23:22:58.0282 2012  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
23:22:58.0282 2012  Power - ok
23:22:58.0298 2012  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:22:58.0298 2012  PptpMiniport - ok
23:22:58.0329 2012  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
23:22:58.0329 2012  Processor - ok
23:22:58.0344 2012  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:22:58.0360 2012  ProfSvc - ok
23:22:58.0360 2012  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:22:58.0376 2012  ProtectedStorage - ok
23:22:58.0376 2012  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:22:58.0391 2012  Psched - ok
23:22:58.0422 2012  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
23:22:58.0438 2012  ql2300 - ok
23:22:58.0469 2012  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
23:22:58.0469 2012  ql40xx - ok
23:22:58.0500 2012  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
23:22:58.0500 2012  QWAVE - ok
23:22:58.0516 2012  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:22:58.0516 2012  QWAVEdrv - ok
23:22:58.0532 2012  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:22:58.0532 2012  RasAcd - ok
23:22:58.0563 2012  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:22:58.0563 2012  RasAgileVpn - ok
23:22:58.0578 2012  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
23:22:58.0578 2012  RasAuto - ok
23:22:58.0610 2012  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:22:58.0610 2012  Rasl2tp - ok
23:22:58.0625 2012  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
23:22:58.0625 2012  RasMan - ok
23:22:58.0641 2012  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:22:58.0641 2012  RasPppoe - ok
23:22:58.0656 2012  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:22:58.0656 2012  RasSstp - ok
23:22:58.0672 2012  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:22:58.0672 2012  rdbss - ok
23:22:58.0688 2012  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
23:22:58.0688 2012  rdpbus - ok
23:22:58.0703 2012  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:22:58.0703 2012  RDPCDD - ok
23:22:58.0719 2012  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:22:58.0719 2012  RDPENCDD - ok
23:22:58.0734 2012  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:22:58.0734 2012  RDPREFMP - ok
23:22:58.0766 2012  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:22:58.0766 2012  RDPWD - ok
23:22:58.0781 2012  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:22:58.0781 2012  rdyboost - ok
23:22:58.0812 2012  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:22:58.0812 2012  RemoteAccess - ok
23:22:58.0828 2012  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:22:58.0828 2012  RemoteRegistry - ok
23:22:58.0844 2012  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:22:58.0844 2012  RpcEptMapper - ok
23:22:58.0859 2012  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
23:22:58.0859 2012  RpcLocator - ok
23:22:58.0890 2012  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
23:22:58.0890 2012  RpcSs - ok
23:22:58.0906 2012  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:22:58.0906 2012  rspndr - ok
23:22:58.0937 2012  [ FCAF9C2C9EADF8F397C3350760EF500F ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
23:22:58.0937 2012  RTL8167 - ok
23:22:58.0953 2012  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
23:22:58.0953 2012  SamSs - ok
23:22:58.0984 2012  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:22:58.0984 2012  sbp2port - ok
23:22:59.0015 2012  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:22:59.0015 2012  SCardSvr - ok
23:22:59.0031 2012  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:22:59.0046 2012  scfilter - ok
23:22:59.0078 2012  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
23:22:59.0093 2012  Schedule - ok
23:22:59.0109 2012  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:22:59.0109 2012  SCPolicySvc - ok
23:22:59.0124 2012  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:22:59.0124 2012  SDRSVC - ok
23:22:59.0187 2012  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:22:59.0187 2012  secdrv - ok
23:22:59.0202 2012  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
23:22:59.0202 2012  seclogon - ok
23:22:59.0234 2012  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
23:22:59.0234 2012  SENS - ok
23:22:59.0265 2012  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:22:59.0265 2012  SensrSvc - ok
23:22:59.0280 2012  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:22:59.0280 2012  Serenum - ok
23:22:59.0312 2012  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:22:59.0312 2012  Serial - ok
23:22:59.0327 2012  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
23:22:59.0343 2012  sermouse - ok
23:22:59.0390 2012  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:22:59.0390 2012  SessionEnv - ok
23:22:59.0405 2012  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:22:59.0421 2012  sffdisk - ok
23:22:59.0436 2012  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:22:59.0436 2012  sffp_mmc - ok
23:22:59.0452 2012  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:22:59.0452 2012  sffp_sd - ok
23:22:59.0468 2012  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
23:22:59.0468 2012  sfloppy - ok
23:22:59.0499 2012  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
23:22:59.0514 2012  Sftfs - ok
23:22:59.0561 2012  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
23:22:59.0577 2012  sftlist - ok
23:22:59.0592 2012  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
23:22:59.0592 2012  Sftplay - ok
23:22:59.0608 2012  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
23:22:59.0608 2012  Sftredir - ok
23:22:59.0624 2012  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
23:22:59.0624 2012  Sftvol - ok
23:22:59.0639 2012  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
23:22:59.0639 2012  sftvsa - ok
23:22:59.0670 2012  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:22:59.0686 2012  SharedAccess - ok
23:22:59.0702 2012  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:22:59.0717 2012  ShellHWDetection - ok
23:22:59.0733 2012  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:22:59.0733 2012  SiSRaid2 - ok
23:22:59.0748 2012  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
23:22:59.0748 2012  SiSRaid4 - ok
23:22:59.0889 2012  [ 23E3C83DFF7B09A97B01A85ED8A44478 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
23:22:59.0967 2012  Skype C2C Service - ok
23:22:59.0998 2012  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
23:22:59.0998 2012  SkypeUpdate - ok
23:23:00.0014 2012  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:23:00.0014 2012  Smb - ok
23:23:00.0045 2012  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:23:00.0045 2012  SNMPTRAP - ok
23:23:00.0060 2012  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:23:00.0060 2012  spldr - ok
23:23:00.0092 2012  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
23:23:00.0107 2012  Spooler - ok
23:23:00.0201 2012  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
23:23:00.0232 2012  sppsvc - ok
23:23:00.0248 2012  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:23:00.0263 2012  sppuinotify - ok
23:23:00.0310 2012  [ 3510E7021D2637A67FBCB5105EAE945D ] SRTSP           C:\Windows\System32\Drivers\N360x64\1402000.013\SRTSP64.SYS
23:23:00.0326 2012  SRTSP - ok
23:23:00.0357 2012  [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX          C:\Windows\system32\drivers\N360x64\1402000.013\SRTSPX64.SYS
23:23:00.0357 2012  SRTSPX - ok
23:23:00.0404 2012  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:23:00.0404 2012  srv - ok
23:23:00.0419 2012  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:23:00.0435 2012  srv2 - ok
23:23:00.0435 2012  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:23:00.0450 2012  srvnet - ok
23:23:00.0466 2012  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:23:00.0466 2012  SSDPSRV - ok
23:23:00.0482 2012  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:23:00.0482 2012  SstpSvc - ok
23:23:00.0497 2012  Steam Client Service - ok
23:23:00.0513 2012  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
23:23:00.0513 2012  stexstor - ok
23:23:00.0560 2012  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
23:23:00.0560 2012  stisvc - ok
23:23:00.0575 2012  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
23:23:00.0591 2012  swenum - ok
23:23:00.0606 2012  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
23:23:00.0606 2012  swprv - ok
23:23:00.0638 2012  [ 777217682DA76337E8E6EC8AC4412B9B ] SymDS           C:\Windows\system32\drivers\N360x64\1402000.013\SYMDS64.SYS
23:23:00.0653 2012  SymDS - ok
23:23:00.0684 2012  [ 64D1AF3D04E70A681154FFF1893848F6 ] SymEFA          C:\Windows\system32\drivers\N360x64\1402000.013\SYMEFA64.SYS
23:23:00.0700 2012  SymEFA - ok
23:23:00.0731 2012  [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
23:23:00.0731 2012  SymEvent - ok
23:23:00.0747 2012  [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON         C:\Windows\system32\drivers\N360x64\1402000.013\Ironx64.SYS
23:23:00.0747 2012  SymIRON - ok
23:23:00.0762 2012  [ 1605EBD8CB86AFC4430116065995279A ] SymNetS         C:\Windows\System32\Drivers\N360x64\1402000.013\SYMNETS.SYS
23:23:00.0778 2012  SymNetS - ok
23:23:00.0825 2012  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
23:23:00.0840 2012  SysMain - ok
23:23:00.0872 2012  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:23:00.0872 2012  TabletInputService - ok
23:23:00.0887 2012  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:23:00.0887 2012  TapiSrv - ok
23:23:00.0918 2012  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
23:23:00.0918 2012  TBS - ok
23:23:00.0996 2012  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:23:01.0028 2012  Tcpip - ok
23:23:01.0059 2012  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:23:01.0074 2012  TCPIP6 - ok
23:23:01.0121 2012  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:23:01.0121 2012  tcpipreg - ok
23:23:01.0137 2012  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:23:01.0137 2012  TDPIPE - ok
23:23:01.0152 2012  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:23:01.0152 2012  TDTCP - ok
23:23:01.0184 2012  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:23:01.0184 2012  tdx - ok
23:23:01.0215 2012  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
23:23:01.0215 2012  TermDD - ok
23:23:01.0262 2012  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
23:23:01.0262 2012  TermService - ok
23:23:01.0293 2012  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
23:23:01.0293 2012  Themes - ok
23:23:01.0308 2012  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
23:23:01.0308 2012  THREADORDER - ok
23:23:01.0324 2012  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
23:23:01.0324 2012  TrkWks - ok
23:23:01.0355 2012  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:23:01.0355 2012  TrustedInstaller - ok
23:23:01.0386 2012  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:23:01.0386 2012  tssecsrv - ok
23:23:01.0402 2012  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:23:01.0402 2012  TsUsbFlt - ok
23:23:01.0418 2012  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:23:01.0418 2012  tunnel - ok
23:23:01.0449 2012  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
23:23:01.0449 2012  uagp35 - ok
23:23:01.0464 2012  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:23:01.0464 2012  udfs - ok
23:23:01.0480 2012  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:23:01.0480 2012  UI0Detect - ok
23:23:01.0496 2012  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:23:01.0511 2012  uliagpkx - ok
23:23:01.0527 2012  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
23:23:01.0527 2012  umbus - ok
23:23:01.0542 2012  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
23:23:01.0542 2012  UmPass - ok
23:23:01.0558 2012  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
23:23:01.0558 2012  upnphost - ok
23:23:01.0589 2012  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
23:23:01.0589 2012  usbaudio - ok
23:23:01.0605 2012  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:23:01.0605 2012  usbccgp - ok
23:23:01.0636 2012  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:23:01.0636 2012  usbcir - ok
23:23:01.0652 2012  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
23:23:01.0652 2012  usbehci - ok
23:23:01.0667 2012  [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
23:23:01.0683 2012  usbfilter - ok
23:23:01.0698 2012  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:23:01.0698 2012  usbhub - ok
23:23:01.0698 2012  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
23:23:01.0698 2012  usbohci - ok
23:23:01.0714 2012  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:23:01.0714 2012  usbprint - ok
23:23:01.0745 2012  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
23:23:01.0745 2012  usbscan - ok
23:23:01.0761 2012  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
23:23:01.0761 2012  USBSTOR - ok
23:23:01.0776 2012  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
23:23:01.0776 2012  usbuhci - ok
23:23:01.0792 2012  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
23:23:01.0808 2012  usbvideo - ok
23:23:01.0823 2012  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
23:23:01.0823 2012  UxSms - ok
23:23:01.0823 2012  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
23:23:01.0839 2012  VaultSvc - ok
23:23:01.0870 2012  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:23:01.0870 2012  vdrvroot - ok
23:23:01.0901 2012  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
23:23:01.0901 2012  vds - ok
23:23:01.0917 2012  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:23:01.0917 2012  vga - ok
23:23:01.0948 2012  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:23:01.0948 2012  VgaSave - ok
23:23:02.0010 2012  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:23:02.0026 2012  vhdmp - ok
23:23:02.0042 2012  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:23:02.0042 2012  viaide - ok
23:23:02.0073 2012  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:23:02.0073 2012  volmgr - ok
23:23:02.0135 2012  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:23:02.0151 2012  volmgrx - ok
23:23:02.0198 2012  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:23:02.0213 2012  volsnap - ok
23:23:02.0244 2012  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
23:23:02.0244 2012  vsmraid - ok
23:23:02.0307 2012  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
23:23:02.0338 2012  VSS - ok
23:23:02.0369 2012  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
23:23:02.0385 2012  vwifibus - ok
23:23:02.0400 2012  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
23:23:02.0400 2012  vwififlt - ok
23:23:02.0416 2012  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
23:23:02.0416 2012  vwifimp - ok
23:23:02.0478 2012  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
23:23:02.0494 2012  W32Time - ok
23:23:02.0556 2012  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
23:23:02.0556 2012  WacomPen - ok
23:23:02.0619 2012  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:23:02.0619 2012  WANARP - ok
23:23:02.0619 2012  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:23:02.0634 2012  Wanarpv6 - ok
23:23:02.0790 2012  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
23:23:02.0837 2012  WatAdminSvc - ok
23:23:03.0009 2012  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
23:23:03.0071 2012  wbengine - ok
23:23:03.0134 2012  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:23:03.0149 2012  WbioSrvc - ok
23:23:03.0212 2012  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:23:03.0227 2012  wcncsvc - ok
23:23:03.0258 2012  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:23:03.0258 2012  WcsPlugInService - ok
23:23:03.0274 2012  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
23:23:03.0274 2012  Wd - ok
23:23:03.0336 2012  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:23:03.0352 2012  Wdf01000 - ok
23:23:03.0383 2012  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:23:03.0383 2012  WdiServiceHost - ok
23:23:03.0383 2012  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:23:03.0414 2012  WdiSystemHost - ok
23:23:03.0446 2012  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
23:23:03.0446 2012  WebClient - ok
23:23:03.0461 2012  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:23:03.0477 2012  Wecsvc - ok
23:23:03.0524 2012  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:23:03.0524 2012  wercplsupport - ok
23:23:03.0555 2012  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:23:03.0555 2012  WerSvc - ok
23:23:03.0633 2012  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:23:03.0633 2012  WfpLwf - ok
23:23:03.0680 2012  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:23:03.0680 2012  WIMMount - ok
23:23:03.0695 2012  WinDefend - ok
23:23:03.0711 2012  WinHttpAutoProxySvc - ok
23:23:03.0960 2012  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:23:03.0960 2012  Winmgmt - ok
23:23:04.0194 2012  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
23:23:04.0257 2012  WinRM - ok
23:23:04.0304 2012  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
23:23:04.0304 2012  WinUsb - ok
23:23:04.0335 2012  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:23:04.0350 2012  Wlansvc - ok
23:23:04.0428 2012  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:23:04.0460 2012  wlidsvc - ok
23:23:04.0491 2012  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
23:23:04.0491 2012  WmiAcpi - ok
23:23:04.0522 2012  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:23:04.0538 2012  wmiApSrv - ok
23:23:04.0538 2012  WMPNetworkSvc - ok
23:23:04.0569 2012  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:23:04.0569 2012  WPCSvc - ok
23:23:04.0600 2012  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:23:04.0600 2012  WPDBusEnum - ok
23:23:04.0631 2012  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:23:04.0631 2012  ws2ifsl - ok
23:23:04.0647 2012  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
23:23:04.0647 2012  wscsvc - ok
23:23:04.0647 2012  WSearch - ok
23:23:04.0709 2012  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:23:04.0740 2012  wuauserv - ok
23:23:04.0756 2012  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:23:04.0756 2012  WudfPf - ok
23:23:04.0787 2012  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:23:04.0787 2012  WUDFRd - ok
23:23:04.0818 2012  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:23:04.0818 2012  wudfsvc - ok
23:23:04.0834 2012  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:23:04.0850 2012  WwanSvc - ok
23:23:04.0865 2012  ================ Scan global ===============================
23:23:04.0943 2012  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:23:04.0974 2012  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:23:04.0990 2012  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:23:05.0021 2012  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:23:05.0052 2012  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:23:05.0068 2012  [Global] - ok
23:23:05.0068 2012  ================ Scan MBR ==================================
23:23:05.0068 2012  [ 62D495ED67B264F5410E0DCB25B02ADF ] \Device\Harddisk0\DR0
23:23:05.0240 2012  \Device\Harddisk0\DR0 - ok
23:23:05.0240 2012  ================ Scan VBR ==================================
23:23:05.0240 2012  [ 2EAF6EE9690186E7FD1019844CBD00F8 ] \Device\Harddisk0\DR0\Partition1
23:23:05.0255 2012  \Device\Harddisk0\DR0\Partition1 - ok
23:23:05.0255 2012  [ 3DDDA1812629B629E98BE51A8627DF91 ] \Device\Harddisk0\DR0\Partition2
23:23:05.0255 2012  \Device\Harddisk0\DR0\Partition2 - ok
23:23:05.0286 2012  [ 7E299507EF466ECE3E195CE0C805B3F4 ] \Device\Harddisk0\DR0\Partition3
23:23:05.0302 2012  \Device\Harddisk0\DR0\Partition3 - ok
23:23:05.0302 2012  ============================================================
23:23:05.0302 2012  Scan finished
23:23:05.0302 2012  ============================================================
23:23:05.0302 3812  Detected object count: 0
23:23:05.0302 3812  Actual detected object count: 0
23:23:09.0420 3804  Deinitialize success



#15 patrickbutters

patrickbutters
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 20 March 2013 - 10:58 AM

there are like 7 different TDSSkiller logs that i have but this is the most recent of the 7






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users