
rootkit.boot.Harbinger.a


  • This topic is locked
48 replies to this topic

#1 kbresli2

Posted 12 July 2013 - 07:57 PM

My computer wouldn't load webpages, froze after being idle for a few minutes and would not go into "sleep" mode.  When I turned my speakers on, there were several audio "commercials" running simultaneously, in English & Spanish.  I ran TDSSKILLER and malware was detected, which was cured.  All seemed successful, until I tried to go online and received the message that the internet could not be found although it was working on other computers in the house.  I ended up running a system restore, and was able to access the internet.  The audio commercials have stopped, but I'm concerned that I put the malware back with the system restore.  The TDSSKILLER log file reads that rootkit.boot.Harbinger.a was cured.  How can I be sure that my computer is clean?  Thank you for any help.

 

 




 


#2 boopme


Posted 12 July 2013 - 08:26 PM

Hello, I moved this to the Am I Infected forum from Win7.. Let's run these and be sure.


Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.



Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 hamluis


Posted 14 July 2013 - 04:30 PM

Requested data submitted via Report button by OP:

 

I am submitting these results individually. Here is the report for MiniToolBox:

MiniToolBox by Farbar Version: 13-07-2013
Ran by KB (administrator) on 14-07-2013 at 17:03:35
Running from "C:\Users\KB\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Linksys AE2500 = Wireless Network Connection 4 (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : kbcomputer
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 4:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Linksys AE2500
Physical Address. . . . . . . . . : C0-C1-C0-60-0C-30
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::31b0:ccd2:b5f8:3e84%18(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, July 14, 2013 4:54:55 PM
Lease Expires . . . . . . . . . . : Monday, July 15, 2013 4:55:01 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 432062912
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-37-B4-9A-D4-85-64-C1-65-E8
DNS Servers . . . . . . . . . . . : 167.206.251.129
167.206.251.130
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : sgt.cpqcorp.net
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : D4-85-64-C1-65-E8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C3A64A69-FFC3-4F38-AEE3-4428526F3CCC}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: vdns1.srv.whplny.cv.net
Address: 167.206.251.129

Name: google.com
Addresses: 2607:f8b0:4006:801::1003
74.125.226.194
74.125.226.199
74.125.226.197
74.125.226.195
74.125.226.198
74.125.226.193
74.125.226.200
74.125.226.196
74.125.226.206
74.125.226.201
74.125.226.192


Pinging google.com [74.125.226.229] with 32 bytes of data:
Reply from 74.125.226.229: bytes=32 time=12ms TTL=55
Reply from 74.125.226.229: bytes=32 time=13ms TTL=55

Ping statistics for 74.125.226.229:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 12ms, Maximum = 13ms, Average = 12ms
Server: vdns1.srv.whplny.cv.net
Address: 167.206.251.129

Name: yahoo.com
Addresses: 98.139.183.24
206.190.36.45
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=57ms TTL=50
Reply from 98.138.253.109: bytes=32 time=91ms TTL=49

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 57ms, Maximum = 91ms, Average = 74ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
18...c0 c1 c0 60 0c 30 ......Linksys AE2500
11...d4 85 64 c1 65 e8 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
10...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.102 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.102 281
192.168.0.102 255.255.255.255 On-link 192.168.0.102 281
192.168.0.255 255.255.255.255 On-link 192.168.0.102 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.102 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.102 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
18 281 fe80::/64 On-link
18 281 fe80::31b0:ccd2:b5f8:3e84/128
On-link
1 306 ff00::/8 On-link
18 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/12/2013 11:04:46 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -Embedding; Description = Configured Microsoft Office Home and Business 2010; Error = 0x8007043c).

Error: (07/12/2013 10:33:45 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 10.0.9200.16635 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 12cc

Start Time: 01ce7f0cac1c0116

Termination Time: 27

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id: 06d2f7af-eb00-11e2-9913-d48564c165e8

Error: (07/12/2013 07:57:41 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 10.0.9200.16635 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 330

Start Time: 01ce7ef6c1b88351

Termination Time: 0

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id: 344d9bcb-eaea-11e2-87b5-d48564c165e8

Error: (07/11/2013 10:43:46 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c92c
Exception code: 0xc0000005
Fault offset: 0x0000000000007624
Faulting process id: 0x1674
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/11/2013 10:06:19 PM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 10a0

Start Time: 01ce7ea37e58f892

Termination Time: 0

Application Path: C:\Windows\Explorer.EXE

Report Id:

Error: (07/11/2013 08:43:48 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c92c
Exception code: 0xc0000005
Fault offset: 0x0000000000007624
Faulting process id: 0xdb8
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/11/2013 07:18:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: MSHTML.dll, version: 10.0.9200.16635, time stamp: 0x51b7ad9b
Exception code: 0xc0000005
Fault offset: 0x000000000064de43
Faulting process id: 0x1a4c
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/11/2013 07:00:55 PM) (Source: Application Hang) (User: )
Description: The program Skype.exe version 5.10.0.116 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 998

Start Time: 01ce7e89e4b01aaf

Termination Time: 59

Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe

Report Id:

Error: (07/11/2013 06:08:16 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c92c
Exception code: 0xc0000005
Fault offset: 0x0000000000007624
Faulting process id: 0x1698
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/10/2013 07:49:26 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: MSHTML.dll, version: 10.0.9200.16635, time stamp: 0x51b7ad9b
Exception code: 0xc0000005
Fault offset: 0x000000000064de43
Faulting process id: 0x263c
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (07/12/2013 03:58:57 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s).

Error: (07/12/2013 11:09:59 AM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (07/12/2013 11:05:54 AM) (Source: DCOM) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (07/12/2013 11:04:46 AM) (Source: DCOM) (User: )
Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046}

Error: (07/12/2013 10:59:51 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (07/12/2013 10:59:51 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (07/12/2013 10:59:51 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (07/12/2013 10:59:51 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (07/12/2013 10:59:51 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (07/12/2013 10:59:51 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (07/12/2013 11:04:46 AM) (Source: System Restore)(User: )
Description: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -EmbeddingConfigured Microsoft Office Home and Business 20100x8007043c

Error: (07/12/2013 10:33:45 AM) (Source: Application Hang)(User: )
Description: iexplore.exe10.0.9200.1663512cc01ce7f0cac1c011627C:\Program Files\Internet Explorer\iexplore.exe06d2f7af-eb00-11e2-9913-d48564c165e8

Error: (07/12/2013 07:57:41 AM) (Source: Application Hang)(User: )
Description: iexplore.exe10.0.9200.1663533001ce7ef6c1b883510C:\Program Files\Internet Explorer\iexplore.exe344d9bcb-eaea-11e2-87b5-d48564c165e8

Error: (07/11/2013 10:43:46 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1ole32.dll6.1.7601.175144ce7c92cc00000050000000000007624167401ce7ea892d5d2f3C:\Windows\system32\svchost.exeC:\Windows\system32\ole32.dlldf7efabc-ea9c-11e2-a93e-d48564c165e8

Error: (07/11/2013 10:06:19 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.1.7601.1756710a001ce7ea37e58f8920C:\Windows\Explorer.EXE

Error: (07/11/2013 08:43:48 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1ole32.dll6.1.7601.175144ce7c92cc00000050000000000007624db801ce7e97c9ef3842C:\Windows\system32\svchost.exeC:\Windows\system32\ole32.dll1d129f3d-ea8c-11e2-bf82-d48564c165e8

Error: (07/11/2013 07:18:08 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1MSHTML.dll10.0.9200.1663551b7ad9bc0000005000000000064de431a4c01ce7e8c6c958ff4C:\Windows\system32\svchost.exeC:\Windows\system32\MSHTML.dll250af2db-ea80-11e2-bfcd-d48564c165e8

Error: (07/11/2013 07:00:55 PM) (Source: Application Hang)(User: )
Description: Skype.exe5.10.0.11699801ce7e89e4b01aaf59C:\Program Files (x86)\Skype\Phone\Skype.exe

Error: (07/11/2013 06:08:16 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1ole32.dll6.1.7601.175144ce7c92cc00000050000000000007624169801ce7e8213ccc546C:\Windows\system32\svchost.exeC:\Windows\system32\ole32.dll628ade5f-ea76-11e2-a690-d48564c165e8

Error: (07/10/2013 07:49:26 AM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1MSHTML.dll10.0.9200.1663551b7ad9bc0000005000000000064de43263c01ce7d629cee9ffaC:\Windows\system32\svchost.exeC:\Windows\system32\MSHTML.dllc513c6e3-e956-11e2-a942-d48564c165e8


CodeIntegrity Errors:
===================================
Date: 2013-07-12 10:31:29.757
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-07-12 09:29:13.269
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-07-12 07:54:15.517
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-07-11 22:28:22.444
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-07-11 21:58:02.565
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-07-11 20:28:07.765
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-07-11 18:56:26.392
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-07-11 17:52:42.952
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-07-10 20:26:02.392
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-07-10 16:37:19.414
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Apple Application Support (Version: 2.1.7)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.774.0)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Blackhawk Striker 2 (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0511.2153.37435)
Catalyst Control Center Graphics Full Existing (Version: 2010.0511.2153.37435)
Catalyst Control Center Graphics Full New (Version: 2010.0511.2153.37435)
Catalyst Control Center Graphics Light (Version: 2010.0511.2153.37435)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0511.2153.37435)
Catalyst Control Center InstallProxy (Version: 2010.0511.2153.37435)
Catalyst Control Center Localization All (Version: 2010.0511.2153.37435)
CCC Help Chinese Standard (Version: 2010.0511.2152.37435)
CCC Help Chinese Traditional (Version: 2010.0511.2152.37435)
CCC Help Czech (Version: 2010.0511.2152.37435)
CCC Help Danish (Version: 2010.0511.2152.37435)
CCC Help Dutch (Version: 2010.0511.2152.37435)
CCC Help English (Version: 2010.0511.2152.37435)
CCC Help Finnish (Version: 2010.0511.2152.37435)
CCC Help French (Version: 2010.0511.2152.37435)
CCC Help German (Version: 2010.0511.2152.37435)
CCC Help Greek (Version: 2010.0511.2152.37435)
CCC Help Hungarian (Version: 2010.0511.2152.37435)
CCC Help Italian (Version: 2010.0511.2152.37435)
CCC Help Japanese (Version: 2010.0511.2152.37435)
CCC Help Korean (Version: 2010.0511.2152.37435)
CCC Help Norwegian (Version: 2010.0511.2152.37435)
CCC Help Polish (Version: 2010.0511.2152.37435)
CCC Help Portuguese (Version: 2010.0511.2152.37435)
CCC Help Russian (Version: 2010.0511.2152.37435)
CCC Help Spanish (Version: 2010.0511.2152.37435)
CCC Help Swedish (Version: 2010.0511.2152.37435)
CCC Help Thai (Version: 2010.0511.2152.37435)
CCC Help Turkish (Version: 2010.0511.2152.37435)
ccc-core-static (Version: 2010.0511.2153.37435)
ccc-utility64 (Version: 2010.0511.2153.37435)
Chuzzle Deluxe (Version: 2.2.0.95)
CinemaNow Media Manager (Version: 1.9.1.105)
CyberLink DVD Suite Deluxe (Version: 7.0.2823)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's Carnival Adventure (Version: 2.2.0.95)
DVD Menu Pack for HP MediaSmart Video (Version: 4.1.4030)
Escape Rosecliff Island (Version: 2.2.0.95)
FamilySearch Indexing 3.11.0 (Version: 3.11.0)
FATE (Version: 2.2.0.95)
Final Drive Nitro (Version: 2.2.0.95)
Google Drive (Version: 1.10.4769.632)
Google Update Helper (Version: 1.3.21.153)
Heroes of Hellas 2 - Olympia (Version: 2.2.0.95)
HP Advisor (Version: 3.4.10262.3295)
HP Customer Experience Enhancements (Version: 6.0.1.4)
HP Game Console
HP Games (Version: 1.0.1.3)
HP MediaSmart CinemaNow 2.0 (Version: 2.0)
HP MediaSmart DVD (Version: 4.1.4229)
HP MediaSmart Music (Version: 4.1.4301)
HP MediaSmart Photo (Version: 4.1.4211)
HP MediaSmart SmartMenu (Version: 3.1.1.12)
HP MediaSmart Video (Version: 4.1.4214)
HP MediaSmart/TouchSmart Netflix (Version: 1.0.3.0)
HP Odometer (Version: 2.10.0000)
HP Setup (Version: 8.1.4186.3400)
HP Support Information (Version: 10.1.0002)
HP Update (Version: 5.002.003.003)
HP Vision Hardware Diagnostics (Version: 2.1.2.27173)
Hulu Desktop (Version: 0.9.13)
Internet Explorer Toolbar 4.7 by SweetPacks (Version: 4.7.0008)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (Version: 6.0.300)
Jewel Quest 3 (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 14.0.8089.726)
Kobo
LabelPrint (Version: 2.5.2823)
LightScribe System Software (Version: 1.18.15.1)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Movie Theme Pack for HP MediaSmart Video (Version: 4.1.4030)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NCLEX-RN 3500 - Individual Version
Norton 360 (Version: 5.2.2.3)
Norton Online Backup (Version: 2.1.17869)
PDF Complete Special Edition (Version: 3.5.111)
Penguins! (Version: 2.2.0.95)
PhotoNow! (Version: 1.1.6904)
PictureMover (Version: 3.5.0.28)
Plants vs. Zombies (Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.4022)
PowerDirector (Version: 8.0.2906)
PressReader (Version: 5.10.621.0)
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver (Version: 6.0.1.6132)
Recovery Manager (Version: 5.5.2926)
Roxio CinemaNow 2.0 (Version: 1.0.284)
Skype 5.10 (Version: 5.10.116)
swMSM (Version: 12.0.0.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Virtual Families (Version: 2.2.0.95)
Virtual Villagers - The Secret City (Version: 2.2.0.95)
Wheel of Fortune 2 (Version: 2.2.0.95)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Zinio Reader 4 (Version: 4.0.2811)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 5887.29 MB
Available physical RAM: 4205.36 MB
Total Pagefile: 11772.75 MB
Available Pagefile: 9954.52 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.52 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:919.35 GB) (Free:847.72 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:12.07 GB) (Free:1.47 GB) NTFS

========================= Users: ========================================

User accounts for \\KBCOMPUTER

Administrator Guest KB


**** End of log ****
 

 

Here is the TDSSKILLER report:

17:09:16.0862 3300 TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
17:09:17.0262 3300 ============================================================
17:09:17.0262 3300 Current date / time: 2013/07/14 17:09:17.0262
17:09:17.0262 3300 SystemInfo:
17:09:17.0262 3300
17:09:17.0262 3300 OS Version: 6.1.7601 ServicePack: 1.0
17:09:17.0262 3300 Product type: Workstation
17:09:17.0262 3300 ComputerName: KBCOMPUTER
17:09:17.0262 3300 UserName: KB
17:09:17.0262 3300 Windows directory: C:\Windows
17:09:17.0262 3300 System windows directory: C:\Windows
17:09:17.0262 3300 Running under WOW64
17:09:17.0262 3300 Processor architecture: Intel x64
17:09:17.0262 3300 Number of processors: 4
17:09:17.0262 3300 Page size: 0x1000
17:09:17.0262 3300 Boot type: Normal boot
17:09:17.0262 3300 ============================================================
17:09:18.0712 3300 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:09:18.0732 3300 ============================================================
17:09:18.0732 3300 \Device\Harddisk0\DR0:
17:09:18.0732 3300 MBR partitions:
17:09:18.0732 3300 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:09:18.0732 3300 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72EB2000
17:09:18.0732 3300 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72EE4800, BlocksNum 0x1821800
17:09:18.0732 3300 ============================================================
17:09:18.0752 3300 C: <-> \Device\Harddisk0\DR0\Partition2
17:09:18.0802 3300 D: <-> \Device\Harddisk0\DR0\Partition3
17:09:18.0802 3300 ============================================================
17:09:18.0802 3300 Initialize success
17:09:18.0802 3300 ============================================================
17:09:37.0002 0776 ============================================================
17:09:37.0002 0776 Scan started
17:09:37.0002 0776 Mode: Manual; TDLFS;
17:09:37.0002 0776 ============================================================
17:09:37.0632 0776 ================ Scan system memory ========================
17:09:37.0632 0776 System memory - ok
17:09:37.0632 0776 ================ Scan services =============================
17:09:46.0102 0776 MSKSSRV - ok
17:09:46.0122 0776 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:09:46.0122 0776 MSPCLOCK - ok
17:09:46.0132 0776 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:09:46.0142 0776 MSPQM - ok
17:09:46.0172 0776 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:09:46.0182 0776 MsRPC - ok
17:09:46.0212 0776 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:09:46.0212 0776 mssmbios - ok
17:09:46.0232 0776 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:09:46.0232 0776 MSTEE - ok
17:09:46.0242 0776 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:09:46.0242 0776 MTConfig - ok
17:09:46.0262 0776 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:09:46.0262 0776 Mup - ok
17:09:46.0372 0776 [ E78A365CC3E0FBFC018A33DCE01909F8 ] N360 C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
17:09:46.0372 0776 N360 - ok
17:09:46.0442 0776 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:09:46.0492 0776 napagent - ok
17:09:46.0642 0776 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:09:46.0692 0776 NativeWifiP - ok
17:09:46.0772 0776 [ 56540E526B46E379A476FB5BC381B290 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20130712.016\ENG64.SYS
17:09:46.0772 0776 NAVENG - ok
17:09:46.0832 0776 [ 8A19D3991F9F14B885CDE8BC640F6B68 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20130712.016\EX64.SYS
17:09:46.0852 0776 NAVEX15 - ok
17:09:46.0912 0776 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:09:46.0922 0776 NDIS - ok
17:09:46.0952 0776 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:09:46.0962 0776 NdisCap - ok
17:09:46.0992 0776 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:09:46.0992 0776 NdisTapi - ok
17:09:47.0022 0776 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:09:47.0022 0776 Ndisuio - ok
17:09:47.0062 0776 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:09:47.0062 0776 NdisWan - ok
17:09:47.0092 0776 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:09:47.0092 0776 NDProxy - ok
17:09:47.0112 0776 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:09:47.0112 0776 NetBIOS - ok
17:09:47.0132 0776 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:09:47.0142 0776 NetBT - ok
17:09:47.0172 0776 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:09:47.0172 0776 Netlogon - ok
17:09:47.0212 0776 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:09:47.0222 0776 Netman - ok
17:09:47.0242 0776 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:09:47.0242 0776 netprofm - ok
17:09:47.0292 0776 [ 81B8D0C1CE44A7FDBD596B693783950C ] netr7364 C:\Windows\system32\DRIVERS\netr7364.sys
17:09:47.0312 0776 netr7364 - ok
17:09:47.0332 0776 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:09:47.0342 0776 NetTcpPortSharing - ok
17:09:47.0382 0776 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:09:47.0382 0776 nfrd960 - ok
17:09:47.0402 0776 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:09:47.0402 0776 NlaSvc - ok
17:09:47.0462 0776 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
17:09:47.0492 0776 NOBU - ok
17:09:47.0502 0776 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:09:47.0502 0776 Npfs - ok
17:09:47.0522 0776 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:09:47.0522 0776 nsi - ok
17:09:47.0532 0776 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:09:47.0532 0776 nsiproxy - ok
17:09:47.0582 0776 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:09:47.0632 0776 Ntfs - ok
17:09:47.0652 0776 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:09:47.0662 0776 Null - ok
17:09:47.0702 0776 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:09:47.0712 0776 nvraid - ok
17:09:47.0732 0776 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:09:47.0742 0776 nvstor - ok
17:09:47.0762 0776 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:09:47.0772 0776 nv_agp - ok
17:09:47.0792 0776 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:09:47.0792 0776 ohci1394 - ok
17:09:47.0862 0776 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:09:47.0872 0776 ose - ok
17:09:48.0042 0776 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:09:48.0092 0776 osppsvc - ok
17:09:48.0122 0776 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:09:48.0122 0776 p2pimsvc - ok
17:09:48.0142 0776 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:09:48.0152 0776 p2psvc - ok
17:09:48.0192 0776 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:09:48.0202 0776 Parport - ok
17:09:48.0222 0776 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:09:48.0242 0776 partmgr - ok
17:09:48.0272 0776 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:09:48.0272 0776 PcaSvc - ok
17:09:48.0292 0776 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:09:48.0302 0776 pci - ok
17:09:48.0332 0776 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:09:48.0342 0776 pciide - ok
17:09:48.0382 0776 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:09:48.0392 0776 pcmcia - ok
17:09:48.0412 0776 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:09:48.0412 0776 pcw - ok
17:09:48.0452 0776 pdfcDispatcher - ok
17:09:48.0482 0776 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:09:48.0502 0776 PEAUTH - ok
17:09:48.0572 0776 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:09:48.0582 0776 PerfHost - ok
17:09:48.0632 0776 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:09:48.0652 0776 pla - ok
17:09:48.0682 0776 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:09:48.0692 0776 PlugPlay - ok
17:09:48.0702 0776 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:09:48.0702 0776 PNRPAutoReg - ok
17:09:48.0722 0776 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:09:48.0732 0776 PNRPsvc - ok
17:09:48.0742 0776 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:09:48.0752 0776 PolicyAgent - ok
17:09:48.0782 0776 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:09:48.0782 0776 Power - ok
17:09:48.0812 0776 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:09:48.0812 0776 PptpMiniport - ok
17:09:48.0832 0776 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:09:48.0832 0776 Processor - ok
17:09:48.0862 0776 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:09:48.0872 0776 ProfSvc - ok
17:09:48.0882 0776 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:09:48.0882 0776 ProtectedStorage - ok
17:09:48.0912 0776 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:09:48.0912 0776 Psched - ok
17:09:48.0952 0776 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:09:48.0972 0776 ql2300 - ok
17:09:48.0982 0776 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:09:48.0982 0776 ql40xx - ok
17:09:49.0002 0776 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:09:49.0012 0776 QWAVE - ok
17:09:49.0022 0776 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:09:49.0022 0776 QWAVEdrv - ok
17:09:49.0042 0776 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:09:49.0042 0776 RasAcd - ok
17:09:49.0082 0776 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:09:49.0082 0776 RasAgileVpn - ok
17:09:49.0092 0776 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:09:49.0092 0776 RasAuto - ok
17:09:49.0132 0776 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:09:49.0132 0776 Rasl2tp - ok
17:09:49.0172 0776 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:09:49.0182 0776 RasMan - ok
17:09:49.0192 0776 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:09:49.0202 0776 RasPppoe - ok
17:09:49.0222 0776 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:09:49.0222 0776 RasSstp - ok
17:09:49.0262 0776 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:09:49.0262 0776 rdbss - ok
17:09:49.0272 0776 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:09:49.0272 0776 rdpbus - ok
17:09:49.0292 0776 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:09:49.0292 0776 RDPCDD - ok
17:09:49.0322 0776 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:09:49.0322 0776 RDPENCDD - ok
17:09:49.0342 0776 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:09:49.0342 0776 RDPREFMP - ok
17:09:49.0372 0776 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:09:49.0392 0776 RDPWD - ok
17:09:49.0432 0776 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:09:49.0452 0776 rdyboost - ok
17:09:49.0482 0776 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:09:49.0492 0776 RemoteAccess - ok
17:09:49.0522 0776 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:09:49.0542 0776 RemoteRegistry - ok
17:09:49.0562 0776 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:09:49.0572 0776 RpcEptMapper - ok
17:09:49.0582 0776 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:09:49.0602 0776 RpcLocator - ok
17:09:49.0642 0776 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:09:49.0652 0776 RpcSs - ok
17:09:49.0692 0776 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:09:49.0702 0776 rspndr - ok
17:09:49.0742 0776 [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:09:49.0752 0776 RTL8167 - ok
17:09:49.0772 0776 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:09:49.0772 0776 SamSs - ok
17:09:49.0802 0776 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:09:49.0812 0776 sbp2port - ok
17:09:49.0832 0776 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:09:49.0862 0776 SCardSvr - ok
17:09:49.0882 0776 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:09:49.0892 0776 scfilter - ok
17:09:49.0942 0776 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:09:49.0962 0776 Schedule - ok
17:09:49.0992 0776 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:09:49.0992 0776 SCPolicySvc - ok
17:09:50.0002 0776 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:09:50.0022 0776 SDRSVC - ok
17:09:50.0052 0776 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:09:50.0052 0776 secdrv - ok
17:09:50.0092 0776 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:09:50.0092 0776 seclogon - ok
17:09:50.0122 0776 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:09:50.0132 0776 SENS - ok
17:09:50.0152 0776 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:09:50.0152 0776 SensrSvc - ok
17:09:50.0182 0776 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:09:50.0192 0776 Serenum - ok
17:09:50.0202 0776 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:09:50.0202 0776 Serial - ok
17:09:50.0242 0776 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:09:50.0242 0776 sermouse - ok
17:09:50.0282 0776 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:09:50.0282 0776 SessionEnv - ok
17:09:50.0302 0776 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:09:50.0302 0776 sffdisk - ok
17:09:50.0312 0776 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:09:50.0312 0776 sffp_mmc - ok
17:09:50.0332 0776 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:09:50.0332 0776 sffp_sd - ok
17:09:50.0362 0776 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:09:50.0362 0776 sfloppy - ok
17:09:50.0382 0776 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:09:50.0382 0776 SharedAccess - ok
17:09:50.0402 0776 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:09:50.0412 0776 ShellHWDetection - ok
17:09:50.0432 0776 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:09:50.0432 0776 SiSRaid2 - ok
17:09:50.0452 0776 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:09:50.0452 0776 SiSRaid4 - ok
17:09:50.0492 0776 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:09:50.0492 0776 SkypeUpdate - ok
17:09:50.0522 0776 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:09:50.0532 0776 Smb - ok
17:09:50.0562 0776 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:09:50.0572 0776 SNMPTRAP - ok
17:09:50.0582 0776 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:09:50.0582 0776 spldr - ok
17:09:50.0622 0776 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:09:50.0632 0776 Spooler - ok
17:09:50.0722 0776 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:09:50.0762 0776 sppsvc - ok
17:09:50.0772 0776 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:09:50.0792 0776 sppuinotify - ok
17:09:50.0872 0776 [ 90EF30C3867BCDE4579C01A6D6E75A7A ] SRTSP C:\Windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS
17:09:50.0892 0776 SRTSP - ok
17:09:50.0902 0776 [ C513E8A5E7978DA49077F5484344EE1B ] SRTSPX C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS
17:09:50.0902 0776 SRTSPX - ok
17:09:50.0932 0776 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:09:50.0952 0776 srv - ok
17:09:50.0982 0776 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:09:51.0002 0776 srv2 - ok
17:09:51.0022 0776 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:09:51.0022 0776 srvnet - ok
17:09:51.0052 0776 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:09:51.0062 0776 SSDPSRV - ok
17:09:51.0072 0776 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:09:51.0082 0776 SstpSvc - ok
17:09:51.0092 0776 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:09:51.0092 0776 stexstor - ok
17:09:51.0142 0776 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:09:51.0152 0776 stisvc - ok
17:09:51.0172 0776 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
17:09:51.0172 0776 swenum - ok
17:09:51.0192 0776 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:09:51.0192 0776 swprv - ok
17:09:51.0222 0776 [ 6160145C7A87FC7672E8E3B886888176 ] SymDS C:\Windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS
17:09:51.0232 0776 SymDS - ok
17:09:51.0272 0776 [ 96AEED40D4D3521568B42027687E69E0 ] SymEFA C:\Windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS
17:09:51.0282 0776 SymEFA - ok
17:09:51.0312 0776 [ 21A1C2D694C3CF962D31F5E873AB3D6F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
17:09:51.0332 0776 SymEvent - ok
17:09:51.0362 0776 [ BD0D711D8CBFCAA19CA123306EAF53A5 ] SymIRON C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS
17:09:51.0362 0776 SymIRON - ok
17:09:51.0412 0776 [ A6ADB3D83023F8DAA0F7B6FDA785D83B ] SymNetS C:\Windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS
17:09:51.0422 0776 SymNetS - ok
17:09:51.0492 0776 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:09:51.0522 0776 SysMain - ok
17:09:51.0552 0776 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:09:51.0562 0776 TabletInputService - ok
17:09:51.0582 0776 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:09:51.0582 0776 TapiSrv - ok
17:09:51.0602 0776 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:09:51.0602 0776 TBS - ok
17:09:51.0672 0776 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:09:51.0722 0776 Tcpip - ok
17:09:51.0762 0776 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:09:51.0772 0776 TCPIP6 - ok
17:09:51.0802 0776 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:09:51.0812 0776 tcpipreg - ok
17:09:51.0852 0776 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:09:51.0872 0776 TDPIPE - ok
17:09:51.0892 0776 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:09:51.0912 0776 TDTCP - ok
17:09:51.0932 0776 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:09:51.0942 0776 tdx - ok
17:09:51.0972 0776 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:09:51.0982 0776 TermDD - ok
17:09:52.0012 0776 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:09:52.0022 0776 TermService - ok
17:09:52.0042 0776 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:09:52.0052 0776 Themes - ok
17:09:52.0072 0776 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:09:52.0082 0776 THREADORDER - ok
17:09:52.0082 0776 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:09:52.0092 0776 TrkWks - ok
17:09:52.0132 0776 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:09:52.0132 0776 TrustedInstaller - ok
17:09:52.0172 0776 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:09:52.0172 0776 tssecsrv - ok
17:09:52.0192 0776 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:09:52.0202 0776 TsUsbFlt - ok
17:09:52.0242 0776 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:09:52.0252 0776 tunnel - ok
17:09:52.0272 0776 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:09:52.0272 0776 uagp35 - ok
17:09:52.0302 0776 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:09:52.0312 0776 udfs - ok
17:09:52.0362 0776 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:09:52.0372 0776 UI0Detect - ok
17:09:52.0402 0776 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:09:52.0402 0776 uliagpkx - ok
17:09:52.0442 0776 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
17:09:52.0442 0776 umbus - ok
17:09:52.0462 0776 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:09:52.0462 0776 UmPass - ok
17:09:52.0512 0776 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
17:09:52.0512 0776 UMVPFSrv - ok
17:09:52.0532 0776 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:09:52.0532 0776 upnphost - ok
17:09:52.0582 0776 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:09:52.0582 0776 usbaudio - ok
17:09:52.0602 0776 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:09:52.0612 0776 usbccgp - ok
17:09:52.0642 0776 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:09:52.0642 0776 usbcir - ok
17:09:52.0682 0776 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:09:52.0682 0776 usbehci - ok
17:09:52.0712 0776 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
17:09:52.0712 0776 usbfilter - ok
17:09:52.0752 0776 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:09:52.0762 0776 usbhub - ok
17:09:52.0762 0776 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:09:52.0772 0776 usbohci - ok
17:09:52.0792 0776 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:09:52.0802 0776 usbprint - ok
17:09:52.0822 0776 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:09:52.0822 0776 USBSTOR - ok
17:09:52.0842 0776 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:09:52.0842 0776 usbuhci - ok
17:09:52.0872 0776 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:09:52.0872 0776 UxSms - ok
17:09:52.0882 0776 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:09:52.0892 0776 VaultSvc - ok
17:09:52.0902 0776 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:09:52.0902 0776 vdrvroot - ok
17:09:52.0942 0776 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:09:52.0952 0776 vds - ok
17:09:52.0972 0776 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:09:52.0982 0776 vga - ok
17:09:52.0992 0776 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:09:52.0992 0776 VgaSave - ok
17:09:53.0022 0776 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:09:53.0032 0776 vhdmp - ok
17:09:53.0052 0776 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:09:53.0052 0776 viaide - ok
17:09:53.0072 0776 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:09:53.0072 0776 volmgr - ok
17:09:53.0112 0776 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:09:53.0122 0776 volmgrx - ok
17:09:53.0142 0776 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:09:53.0152 0776 volsnap - ok
17:09:53.0192 0776 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:09:53.0212 0776 vsmraid - ok
17:09:53.0282 0776 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:09:53.0302 0776 VSS - ok
17:09:53.0322 0776 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:09:53.0322 0776 vwifibus - ok
17:09:53.0342 0776 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:09:53.0352 0776 vwififlt - ok
17:09:53.0392 0776 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:09:53.0392 0776 W32Time - ok
17:09:53.0412 0776 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:09:53.0412 0776 WacomPen - ok
17:09:53.0452 0776 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:09:53.0472 0776 WANARP - ok
17:09:53.0472 0776 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:09:53.0482 0776 Wanarpv6 - ok
17:09:53.0522 0776 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:09:53.0552 0776 WatAdminSvc - ok
17:09:53.0612 0776 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:09:53.0632 0776 wbengine - ok
17:09:53.0652 0776 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:09:53.0672 0776 WbioSrvc - ok
17:09:53.0702 0776 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:09:53.0712 0776 wcncsvc - ok
17:09:53.0722 0776 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:09:53.0722 0776 WcsPlugInService - ok
17:09:53.0742 0776 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:09:53.0752 0776 Wd - ok
17:09:53.0782 0776 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:09:53.0812 0776 Wdf01000 - ok
17:09:53.0832 0776 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:09:53.0832 0776 WdiServiceHost - ok
17:09:53.0832 0776 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:09:53.0842 0776 WdiSystemHost - ok
17:09:53.0872 0776 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:09:53.0882 0776 WebClient - ok
17:09:53.0902 0776 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:09:53.0902 0776 Wecsvc - ok
17:09:53.0922 0776 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:09:53.0922 0776 wercplsupport - ok
17:09:53.0952 0776 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:09:53.0962 0776 WerSvc - ok
17:09:54.0002 0776 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:09:54.0002 0776 WfpLwf - ok
17:09:54.0022 0776 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:09:54.0022 0776 WIMMount - ok
17:09:54.0042 0776 WinDefend - ok
17:09:54.0052 0776 WinHttpAutoProxySvc - ok
17:09:54.0102 0776 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:09:54.0112 0776 Winmgmt - ok
17:09:54.0182 0776 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:09:54.0212 0776 WinRM - ok
17:09:54.0242 0776 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:09:54.0252 0776 WinUsb - ok
17:09:54.0292 0776 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:09:54.0312 0776 Wlansvc - ok
17:09:54.0402 0776 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:09:54.0432 0776 wlidsvc - ok
17:09:54.0472 0776 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:09:54.0472 0776 WmiAcpi - ok
17:09:54.0502 0776 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:09:54.0502 0776 wmiApSrv - ok
17:09:54.0552 0776 WMPNetworkSvc - ok
17:09:54.0572 0776 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:09:54.0592 0776 WPCSvc - ok
17:09:54.0622 0776 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:09:54.0622 0776 WPDBusEnum - ok
17:09:54.0652 0776 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:09:54.0652 0776 ws2ifsl - ok
17:09:54.0672 0776 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
17:09:54.0682 0776 wscsvc - ok
17:09:54.0692 0776 WSearch - ok
17:09:54.0782 0776 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:09:54.0822 0776 wuauserv - ok
17:09:54.0852 0776 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:09:54.0852 0776 WudfPf - ok
17:09:54.0882 0776 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:09:54.0882 0776 WUDFRd - ok
17:09:54.0922 0776 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:09:54.0922 0776 wudfsvc - ok
17:09:54.0952 0776 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
17:09:54.0982 0776 WwanSvc - ok
17:09:55.0022 0776 ================ Scan global ===============================
17:09:55.0042 0776 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:09:55.0072 0776 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:09:55.0102 0776 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:09:55.0142 0776 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:09:55.0162 0776 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:09:55.0162 0776 [Global] - ok
17:09:55.0162 0776 ================ Scan MBR ==================================
17:09:55.0172 0776 [ E055DCD3A6826C7B2C0044A28D3E8D02 ] \Device\Harddisk0\DR0
17:09:55.0572 0776 \Device\Harddisk0\DR0 - ok
17:09:55.0572 0776 ================ Scan VBR ==================================
17:09:55.0582 0776 [ 007271197F9937F9580E5C0725343B67 ] \Device\Harddisk0\DR0\Partition1
17:09:55.0582 0776 \Device\Harddisk0\DR0\Partition1 - ok
17:09:55.0622 0776 [ 80DE05870B3673F15E9F7C5D0C9DF168 ] \Device\Harddisk0\DR0\Partition2
17:09:55.0622 0776 \Device\Harddisk0\DR0\Partition2 - ok
17:09:55.0662 0776 [ 58D41E8B76FF291CC156C86873A9C10B ] \Device\Harddisk0\DR0\Partition3
17:09:55.0662 0776 \Device\Harddisk0\DR0\Partition3 - ok
17:09:55.0662 0776 ============================================================
17:09:55.0662 0776 Scan finished
17:09:55.0662 0776 ============================================================
17:09:55.0692 2268 Detected object count: 0
17:09:55.0692 2268 Actual detected object count: 0
17:10:15.0762 4052 Deinitialize success
 
Here is the AdwCleaner report:

# AdwCleaner v2.305 - Logfile created 07/14/2013 at 17:12:45
# Updated 11/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : KB - KBCOMPUTER
# Boot Mode : Normal
# Running from : C:\Users\KB\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Registry is clean.

-\\ Mozilla Firefox v [Unable to get version]

File : C:\Users\KB\AppData\Roaming\Mozilla\Firefox\Profiles\flq4xt7i.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\KB\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4753 octets] - [14/07/2013 16:51:18]
AdwCleaner[S1].txt - [4525 octets] - [14/07/2013 16:52:33]
AdwCleaner[S2].txt - [945 octets] - [14/07/2013 17:12:45]

########## EOF - C:\AdwCleaner[S2].txt - [1004 octets] ##########

Above data submitted by OP of this topic.

 

Louis


Edited by hamluis, 14 July 2013 - 04:40 PM.


#4 boopme

Posted 14 July 2013 - 08:11 PM

Hello, the Harbinger.a rootkit is hidden/protected. We will need stronger tools and a deeper look. Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.



#5 kbresli2

Posted 14 July 2013 - 09:16 PM

This is the TDSSKILLER report that was run before I contacted bleepingcomputer.com.  After I ran TDSSKILLER at that time, I did not have an internet connection, which prompted me to perform a system restore.  The end of the report shows the rootkit.boot.Harbinger.a that was "cured".  It does not show up on the TDSSKILLER report I ran in response to the instructions you provided.  I took this to mean that it was successfully removed.  Was I wrong?  I can run through the instructions in the "Preparation Guide" you provided, but I wanted to make sure it was necessary.  Thanks again for your help.  All the instructions are very clear and easy to follow.

 

10:46:26.0443 4940  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
10:46:26.0855 4940  ============================================================
10:46:26.0855 4940  Current date / time: 2013/07/12 10:46:26.0855
10:46:26.0855 4940  SystemInfo:
10:46:26.0855 4940 
10:46:26.0855 4940  OS Version: 6.1.7601 ServicePack: 1.0
10:46:26.0855 4940  Product type: Workstation
10:46:26.0855 4940  ComputerName: KBCOMPUTER
10:46:26.0855 4940  UserName: KB
10:46:26.0855 4940  Windows directory: C:\Windows
10:46:26.0855 4940  System windows directory: C:\Windows
10:46:26.0855 4940  Running under WOW64
10:46:26.0855 4940  Processor architecture: Intel x64
10:46:26.0855 4940  Number of processors: 4
10:46:26.0855 4940  Page size: 0x1000
10:46:26.0855 4940  Boot type: Normal boot
10:46:26.0855 4940  ============================================================
10:46:28.0222 4940  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:46:28.0243 4940  ============================================================
10:46:28.0243 4940  \Device\Harddisk0\DR0:
10:46:28.0243 4940  MBR partitions:
10:46:28.0243 4940  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:46:28.0243 4940  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72EB2000
10:46:28.0243 4940  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72EE4800, BlocksNum 0x1821800
10:46:28.0243 4940  ============================================================
10:46:28.0263 4940  C: <-> \Device\Harddisk0\DR0\Partition2
10:46:28.0313 4940  D: <-> \Device\Harddisk0\DR0\Partition3
10:46:28.0313 4940  ============================================================
10:46:28.0313 4940  Initialize success
10:46:28.0313 4940  ============================================================
10:46:30.0380 1516  ============================================================
10:46:30.0381 1516  Scan started
10:46:30.0381 1516  Mode: Manual;
10:46:30.0381 1516  ============================================================
10:46:33.0245 1516  ================ Scan system memory ========================
10:46:33.0245 1516  System memory - ok
10:46:33.0245 1516  ================ Scan services =============================
10:46:40.0313 1516  Msfs - ok
10:46:40.0327 1516  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:46:40.0347 1516  mshidkmdf - ok
10:46:40.0367 1516  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:46:40.0367 1516  msisadrv - ok
10:46:40.0407 1516  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:46:40.0422 1516  MSiSCSI - ok
10:46:40.0426 1516  msiserver - ok
10:46:40.0455 1516  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:46:40.0457 1516  MSKSSRV - ok
10:46:40.0473 1516  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:46:40.0476 1516  MSPCLOCK - ok
10:46:40.0490 1516  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:46:40.0492 1516  MSPQM - ok
10:46:40.0520 1516  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:46:40.0525 1516  MsRPC - ok
10:46:40.0549 1516  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:46:40.0550 1516  mssmbios - ok
10:46:40.0570 1516  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:46:40.0582 1516  MSTEE - ok
10:46:40.0599 1516  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
10:46:40.0599 1516  MTConfig - ok
10:46:40.0641 1516  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
10:46:40.0642 1516  Mup - ok
10:46:40.0711 1516  [ E78A365CC3E0FBFC018A33DCE01909F8 ] N360            C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
10:46:40.0711 1516  N360 - ok
10:46:40.0741 1516  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
10:46:40.0741 1516  napagent - ok
10:46:40.0771 1516  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:46:40.0781 1516  NativeWifiP - ok
10:46:40.0881 1516  [ 56540E526B46E379A476FB5BC381B290 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20130712.003\ENG64.SYS
10:46:40.0891 1516  NAVENG - ok
10:46:40.0951 1516  [ 8A19D3991F9F14B885CDE8BC640F6B68 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20130712.003\EX64.SYS
10:46:40.0961 1516  NAVEX15 - ok
10:46:41.0001 1516  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:46:41.0011 1516  NDIS - ok
10:46:41.0031 1516  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:46:41.0031 1516  NdisCap - ok
10:46:41.0058 1516  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:46:41.0060 1516  NdisTapi - ok
10:46:41.0088 1516  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:46:41.0090 1516  Ndisuio - ok
10:46:41.0122 1516  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:46:41.0123 1516  NdisWan - ok
10:46:41.0153 1516  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:46:41.0163 1516  NDProxy - ok
10:46:41.0183 1516  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:46:41.0183 1516  NetBIOS - ok
10:46:41.0213 1516  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:46:41.0213 1516  NetBT - ok
10:46:41.0223 1516  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
10:46:41.0233 1516  Netlogon - ok
10:46:41.0271 1516  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
10:46:41.0274 1516  Netman - ok
10:46:41.0294 1516  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
10:46:41.0298 1516  netprofm - ok
10:46:41.0336 1516  [ 81B8D0C1CE44A7FDBD596B693783950C ] netr7364        C:\Windows\system32\DRIVERS\netr7364.sys
10:46:41.0345 1516  netr7364 - ok
10:46:41.0363 1516  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:46:41.0375 1516  NetTcpPortSharing - ok
10:46:41.0405 1516  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
10:46:41.0405 1516  nfrd960 - ok
10:46:41.0415 1516  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:46:41.0425 1516  NlaSvc - ok
10:46:41.0477 1516  [ 5839A8027D6D324A7CD494051A96628C ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
10:46:41.0507 1516  NOBU - ok
10:46:41.0517 1516  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:46:41.0517 1516  Npfs - ok
10:46:41.0537 1516  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
10:46:41.0537 1516  nsi - ok
10:46:41.0547 1516  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:46:41.0557 1516  nsiproxy - ok
10:46:41.0602 1516  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:46:41.0629 1516  Ntfs - ok
10:46:41.0659 1516  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
10:46:41.0659 1516  Null - ok
10:46:41.0699 1516  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:46:41.0709 1516  nvraid - ok
10:46:41.0719 1516  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:46:41.0719 1516  nvstor - ok
10:46:41.0739 1516  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:46:41.0739 1516  nv_agp - ok
10:46:41.0759 1516  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:46:41.0759 1516  ohci1394 - ok
10:46:41.0819 1516  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:46:41.0819 1516  ose - ok
10:46:41.0941 1516  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:46:41.0983 1516  osppsvc - ok
10:46:42.0013 1516  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:46:42.0024 1516  p2pimsvc - ok
10:46:42.0040 1516  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
10:46:42.0046 1516  p2psvc - ok
10:46:42.0068 1516  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
10:46:42.0081 1516  Parport - ok
10:46:42.0105 1516  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:46:42.0105 1516  partmgr - ok
10:46:42.0115 1516  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:46:42.0115 1516  PcaSvc - ok
10:46:42.0125 1516  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
10:46:42.0135 1516  pci - ok
10:46:42.0165 1516  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
10:46:42.0167 1516  pciide - ok
10:46:42.0186 1516  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
10:46:42.0190 1516  pcmcia - ok
10:46:42.0204 1516  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:46:42.0206 1516  pcw - ok
10:46:42.0232 1516  pdfcDispatcher - ok
10:46:42.0247 1516  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:46:42.0257 1516  PEAUTH - ok
10:46:42.0309 1516  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:46:42.0309 1516  PerfHost - ok
10:46:42.0389 1516  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
10:46:42.0433 1516  pla - ok
10:46:42.0479 1516  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:46:42.0484 1516  PlugPlay - ok
10:46:42.0533 1516  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:46:42.0536 1516  PNRPAutoReg - ok
10:46:42.0577 1516  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:46:42.0580 1516  PNRPsvc - ok
10:46:42.0618 1516  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:46:42.0624 1516  PolicyAgent - ok
10:46:42.0693 1516  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
10:46:42.0695 1516  Power - ok
10:46:42.0711 1516  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:46:42.0711 1516  PptpMiniport - ok
10:46:42.0731 1516  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
10:46:42.0731 1516  Processor - ok
10:46:42.0771 1516  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:46:42.0771 1516  ProfSvc - ok
10:46:42.0781 1516  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:46:42.0781 1516  ProtectedStorage - ok
10:46:42.0820 1516  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:46:42.0822 1516  Psched - ok
10:46:42.0843 1516  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
10:46:42.0863 1516  ql2300 - ok
10:46:42.0883 1516  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
10:46:42.0893 1516  ql40xx - ok
10:46:42.0928 1516  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
10:46:42.0933 1516  QWAVE - ok
10:46:42.0944 1516  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:46:42.0946 1516  QWAVEdrv - ok
10:46:42.0960 1516  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:46:42.0962 1516  RasAcd - ok
10:46:42.0994 1516  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:46:42.0996 1516  RasAgileVpn - ok
10:46:43.0011 1516  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
10:46:43.0014 1516  RasAuto - ok
10:46:43.0044 1516  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:46:43.0046 1516  Rasl2tp - ok
10:46:43.0066 1516  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
10:46:43.0076 1516  RasMan - ok
10:46:43.0086 1516  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:46:43.0096 1516  RasPppoe - ok
10:46:43.0106 1516  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:46:43.0106 1516  RasSstp - ok
10:46:43.0138 1516  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:46:43.0142 1516  rdbss - ok
10:46:43.0154 1516  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
10:46:43.0157 1516  rdpbus - ok
10:46:43.0168 1516  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:46:43.0171 1516  RDPCDD - ok
10:46:43.0198 1516  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:46:43.0199 1516  RDPENCDD - ok
10:46:43.0213 1516  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:46:43.0215 1516  RDPREFMP - ok
10:46:43.0248 1516  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:46:43.0258 1516  RDPWD - ok
10:46:43.0304 1516  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:46:43.0317 1516  rdyboost - ok
10:46:43.0340 1516  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:46:43.0340 1516  RemoteAccess - ok
10:46:43.0370 1516  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:46:43.0386 1516  RemoteRegistry - ok
10:46:43.0401 1516  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:46:43.0403 1516  RpcEptMapper - ok
10:46:43.0414 1516  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
10:46:43.0427 1516  RpcLocator - ok
10:46:43.0452 1516  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
10:46:43.0452 1516  RpcSs - ok
10:46:43.0472 1516  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:46:43.0492 1516  rspndr - ok
10:46:43.0533 1516  [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
10:46:43.0536 1516  RTL8167 - ok
10:46:43.0552 1516  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
10:46:43.0553 1516  SamSs - ok
10:46:43.0584 1516  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:46:43.0584 1516  sbp2port - ok
10:46:43.0608 1516  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:46:43.0621 1516  SCardSvr - ok
10:46:43.0642 1516  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:46:43.0644 1516  scfilter - ok
10:46:43.0683 1516  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
10:46:43.0695 1516  Schedule - ok
10:46:43.0724 1516  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:46:43.0725 1516  SCPolicySvc - ok
10:46:43.0736 1516  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:46:43.0739 1516  SDRSVC - ok
10:46:43.0759 1516  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:46:43.0760 1516  secdrv - ok
10:46:43.0787 1516  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
10:46:43.0790 1516  seclogon - ok
10:46:43.0806 1516  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
10:46:43.0807 1516  SENS - ok
10:46:43.0821 1516  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:46:43.0824 1516  SensrSvc - ok
10:46:43.0851 1516  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:46:43.0858 1516  Serenum - ok
10:46:43.0869 1516  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
10:46:43.0872 1516  Serial - ok
10:46:43.0902 1516  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
10:46:43.0904 1516  sermouse - ok
10:46:43.0945 1516  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
10:46:43.0948 1516  SessionEnv - ok
10:46:43.0966 1516  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:46:43.0966 1516  sffdisk - ok
10:46:43.0976 1516  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:46:43.0976 1516  sffp_mmc - ok
10:46:43.0986 1516  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:46:43.0996 1516  sffp_sd - ok
10:46:44.0006 1516  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
10:46:44.0006 1516  sfloppy - ok
10:46:44.0033 1516  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:46:44.0039 1516  SharedAccess - ok
10:46:44.0054 1516  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:46:44.0057 1516  ShellHWDetection - ok
10:46:44.0074 1516  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:46:44.0076 1516  SiSRaid2 - ok
10:46:44.0090 1516  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
10:46:44.0092 1516  SiSRaid4 - ok
10:46:44.0132 1516  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
10:46:44.0135 1516  SkypeUpdate - ok
10:46:44.0148 1516  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:46:44.0158 1516  Smb - ok
10:46:44.0189 1516  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:46:44.0191 1516  SNMPTRAP - ok
10:46:44.0199 1516  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:46:44.0200 1516  spldr - ok
10:46:44.0230 1516  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
10:46:44.0240 1516  Spooler - ok
10:46:44.0310 1516  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
10:46:44.0342 1516  sppsvc - ok
10:46:44.0391 1516  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
10:46:44.0410 1516  sppuinotify - ok
10:46:44.0484 1516  [ 90EF30C3867BCDE4579C01A6D6E75A7A ] SRTSP           C:\Windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS
10:46:44.0504 1516  SRTSP - ok
10:46:44.0540 1516  [ C513E8A5E7978DA49077F5484344EE1B ] SRTSPX          C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS
10:46:44.0541 1516  SRTSPX - ok
10:46:44.0648 1516  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:46:44.0688 1516  srv - ok
10:46:44.0765 1516  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:46:44.0782 1516  srv2 - ok
10:46:44.0802 1516  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:46:44.0802 1516  srvnet - ok
10:46:44.0836 1516  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:46:44.0839 1516  SSDPSRV - ok
10:46:44.0855 1516  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:46:44.0858 1516  SstpSvc - ok
10:46:44.0882 1516  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
10:46:44.0884 1516  stexstor - ok
10:46:44.0918 1516  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
10:46:44.0924 1516  stisvc - ok
10:46:44.0944 1516  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
10:46:44.0944 1516  swenum - ok
10:46:44.0954 1516  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
10:46:44.0964 1516  swprv - ok
10:46:44.0984 1516  [ 6160145C7A87FC7672E8E3B886888176 ] SymDS           C:\Windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS
10:46:44.0984 1516  SymDS - ok
10:46:45.0033 1516  [ 96AEED40D4D3521568B42027687E69E0 ] SymEFA          C:\Windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS
10:46:45.0043 1516  SymEFA - ok
10:46:45.0081 1516  [ 21A1C2D694C3CF962D31F5E873AB3D6F ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
10:46:45.0096 1516  SymEvent - ok
10:46:45.0167 1516  [ 3AA3B2DF451DA88C38AB00B19FA3562E ] SymIM           C:\Windows\system32\DRIVERS\SymIMv.sys
10:46:45.0169 1516  SymIM - ok
10:46:45.0188 1516  [ BD0D711D8CBFCAA19CA123306EAF53A5 ] SymIRON         C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS
10:46:45.0198 1516  SymIRON - ok
10:46:45.0238 1516  [ A6ADB3D83023F8DAA0F7B6FDA785D83B ] SymNetS         C:\Windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS
10:46:45.0238 1516  SymNetS - ok
10:46:45.0288 1516  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
10:46:45.0308 1516  SysMain - ok
10:46:45.0337 1516  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:46:45.0355 1516  TabletInputService - ok
10:46:45.0375 1516  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:46:45.0380 1516  TapiSrv - ok
10:46:45.0400 1516  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
10:46:45.0400 1516  TBS - ok
10:46:45.0472 1516  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:46:45.0512 1516  Tcpip - ok
10:46:45.0554 1516  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:46:45.0564 1516  TCPIP6 - ok
10:46:45.0597 1516  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:46:45.0612 1516  tcpipreg - ok
10:46:45.0642 1516  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:46:45.0658 1516  TDPIPE - ok
10:46:45.0674 1516  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:46:45.0684 1516  TDTCP - ok
10:46:45.0714 1516  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:46:45.0714 1516  tdx - ok
10:46:45.0734 1516  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
10:46:45.0734 1516  TermDD - ok
10:46:45.0762 1516  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
10:46:45.0772 1516  TermService - ok
10:46:45.0794 1516  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
10:46:45.0796 1516  Themes - ok
10:46:45.0816 1516  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
10:46:45.0816 1516  THREADORDER - ok
10:46:45.0826 1516  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
10:46:45.0836 1516  TrkWks - ok
10:46:45.0889 1516  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:46:45.0893 1516  TrustedInstaller - ok
10:46:45.0925 1516  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:46:45.0926 1516  tssecsrv - ok
10:46:45.0951 1516  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:46:45.0953 1516  TsUsbFlt - ok
10:46:46.0001 1516  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:46:46.0003 1516  tunnel - ok
10:46:46.0028 1516  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
10:46:46.0028 1516  uagp35 - ok
10:46:46.0048 1516  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:46:46.0048 1516  udfs - ok
10:46:46.0084 1516  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:46:46.0088 1516  UI0Detect - ok
10:46:46.0121 1516  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:46:46.0123 1516  uliagpkx - ok
10:46:46.0140 1516  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
10:46:46.0142 1516  umbus - ok
10:46:46.0161 1516  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
10:46:46.0162 1516  UmPass - ok
10:46:46.0207 1516  [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
10:46:46.0214 1516  UMVPFSrv - ok
10:46:46.0237 1516  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
10:46:46.0243 1516  upnphost - ok
10:46:46.0304 1516  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
10:46:46.0307 1516  usbaudio - ok
10:46:46.0341 1516  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:46:46.0372 1516  usbccgp - ok
10:46:46.0469 1516  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:46:46.0475 1516  usbcir - ok
10:46:46.0511 1516  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
10:46:46.0513 1516  usbehci - ok
10:46:46.0560 1516  [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
10:46:46.0564 1516  usbfilter - ok
10:46:46.0640 1516  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:46:46.0645 1516  usbhub - ok
10:46:46.0681 1516  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
10:46:46.0682 1516  usbohci - ok
10:46:46.0752 1516  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:46:46.0772 1516  usbprint - ok
10:46:46.0792 1516  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:46:46.0792 1516  USBSTOR - ok
10:46:46.0802 1516  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
10:46:46.0802 1516  usbuhci - ok
10:46:46.0822 1516  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
10:46:46.0822 1516  UxSms - ok
10:46:46.0832 1516  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
10:46:46.0832 1516  VaultSvc - ok
10:46:46.0842 1516  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:46:46.0842 1516  vdrvroot - ok
10:46:46.0877 1516  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
10:46:46.0884 1516  vds - ok
10:46:46.0894 1516  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:46:46.0894 1516  vga - ok
10:46:46.0914 1516  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:46:46.0914 1516  VgaSave - ok
10:46:46.0940 1516  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
10:46:46.0943 1516  vhdmp - ok
10:46:46.0966 1516  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:46:46.0966 1516  viaide - ok
10:46:46.0976 1516  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:46:46.0976 1516  volmgr - ok
10:46:47.0016 1516  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:46:47.0018 1516  volmgrx - ok
10:46:47.0028 1516  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:46:47.0028 1516  volsnap - ok
10:46:47.0058 1516  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
10:46:47.0068 1516  vsmraid - ok
10:46:47.0118 1516  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
10:46:47.0138 1516  VSS - ok
10:46:47.0148 1516  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
10:46:47.0148 1516  vwifibus - ok
10:46:47.0158 1516  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
10:46:47.0158 1516  vwififlt - ok
10:46:47.0190 1516  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
10:46:47.0200 1516  W32Time - ok
10:46:47.0210 1516  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
10:46:47.0220 1516  WacomPen - ok
10:46:48.0482 1516  ================ Scan global ===============================
10:46:48.0506 1516  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:46:48.0528 1516  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
10:46:48.0544 1516  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
10:46:48.0574 1516  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:46:48.0584 1516  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:46:48.0584 1516  [Global] - ok
10:46:48.0584 1516  ================ Scan MBR ==================================
10:46:48.0604 1516  [ 6015CBA88E2D6C17A78E26584A23C433 ] \Device\Harddisk0\DR0
10:46:48.0604 1516  Suspicious mbr (Forged): \Device\Harddisk0\DR0
10:46:48.0656 1516  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - infected
10:46:48.0656 1516  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Harbinger.a (0)
10:46:48.0656 1516  ================ Scan VBR ==================================
10:46:48.0656 1516  [ 007271197F9937F9580E5C0725343B67 ] \Device\Harddisk0\DR0\Partition1
10:46:48.0656 1516  \Device\Harddisk0\DR0\Partition1 - ok
10:46:48.0696 1516  [ 80DE05870B3673F15E9F7C5D0C9DF168 ] \Device\Harddisk0\DR0\Partition2
10:46:48.0696 1516  \Device\Harddisk0\DR0\Partition2 - ok
10:46:48.0736 1516  [ 58D41E8B76FF291CC156C86873A9C10B ] \Device\Harddisk0\DR0\Partition3
10:46:48.0736 1516  \Device\Harddisk0\DR0\Partition3 - ok
10:46:48.0736 1516  ============================================================
10:46:48.0736 1516  Scan finished
10:46:48.0736 1516  ============================================================
10:46:48.0756 2300  Detected object count: 1
10:46:48.0756 2300  Actual detected object count: 1
10:47:07.0481 2300  \Device\Harddisk0\DR0\# - copied to quarantine
10:47:07.0481 2300  \Device\Harddisk0\DR0 - copied to quarantine
10:47:07.0661 2300  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - will be cured on reboot
10:47:07.0701 2300  \Device\Harddisk0\DR0 - ok
10:47:08.0101 2300  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - User select action: Cure
10:47:14.0087 2464  Deinitialize success
 

 



#6 boopme

Posted 15 July 2013 - 12:57 PM

OK, sorry, yes it was removed. I mistakenly thought it was hidden as I forgot the first log ...

Do run the ESET..

#7 kbresli2

Posted 15 July 2013 - 05:27 PM

Here are the ESET and Rkill reports:

ESET report:

C:\Users\KB\AppData\LocalLow\10B9.tmp a variant of Win64/Olmarik.AY trojan cleaned by deleting - quarantined
C:\Users\KB\AppData\LocalLow\10BA.tmp a variant of Win64/Olmarik.AY trojan cleaned by deleting - quarantined

Rkill report:

Rkill 2.5.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 07/15/2013 06:21:53 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 07/15/2013 06:26:16 PM
Execution time: 0 hours(s), 4 minute(s), and 23 seconds(s)



#8 boopme

Posted 15 July 2013 - 08:41 PM

Hello, the Win64/Olmarik.AY trojan serves as a backdoor. It can be controlled remotely. If you do any banking/credit card actions on here I would notify my banks. Also change ALL passwords.
But it is clean now.

Edited by boopme, 15 July 2013 - 08:42 PM.


#9 kbresli2

Posted 15 July 2013 - 09:07 PM

Glad to hear it's clean now :) Thanks....I appreciate all your help and time! Actually, it was a painless process thanks to the excellent directions. I'm so happy I found your website/service...I'll be sure to recommend it in the future. I'll change all passwords and take steps to protect our information. I was surprised to find my firewall was off so that was probably an issue, but my anti-viral software didn't catch this either. Is there a particular software you would recommend (maybe I need to change what I have) or is there something else I should run in tandem to make sure this doesn't happen again?

Thanks again!

#10 boopme

Posted 15 July 2013 - 09:54 PM

You're welcome and my pleasure.
 
The malware is most likely what shut off your firewall; as a backdoor it needed to phone home.
When your Norton expires, uninstall that and install ESET or Kaspersky paid AV.

Please remove this in Control Panel; old versions are exploitable by malware.
Java™ 6 Update 30 (Version: 6.0.300)
Reboot
Install Version 7 Update 25

Run one more tool also.
Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Malware is getting smarter every day.
Update and run these every month, and your AV scan:
AdwCleaner above
Install either MBAM (MalwareBytes) or SAS (SUPERAntispyware) and run monthly also.

Get them from our list here under Malware Removal

Freeware Replacements

Good read: How Malware Spreads - How did I get infected



#11 kbresli2

Posted 16 July 2013 - 09:13 PM

I tried uninstalling the Java™ 6 Update 30 (Version: 6.0.300), but all it does is update & not uninstall.  Downloaded Java 7, but still can't get rid of Java 6.  Thank you for the software suggestions.  I'll update and run monthly as suggested.

Here is the log from the Junkware Removal Tool.  It found some additional items to delete.  Hopefully, this computer is scrubbed clean!

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.1.2 (07.16.2013:1)
OS: Windows 7 Home Premium x64
Ran by KB on Tue 07/16/2013 at 22:00:22.92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7960F9D3-989B-40E4-9CC6-6B8851BD4603}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AE57892D-A1D9-4C79-9DAE-B9BDB9950E9E}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{7960F9D3-989B-40E4-9CC6-6B8851BD4603}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{AE57892D-A1D9-4C79-9DAE-B9BDB9950E9E}

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 07/16/2013 at 22:05:09.28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 



#12 boopme

Posted 16 July 2013 - 09:19 PM

This will remove all Java

Run JavaRa
  • Please download JavaRa and unzip it in a folder on your desktop.
  • Double-click on JavaRa.exe to start the program.
  • Click on Settings and Place a checkmark beside Create a log file. Click on Back.
  • Click on Update JavaRa Definitions. Click on download. When this is done click on Back.
  • Choose Remove JRE, since you already uninstalled Java, please click on Next.
  • Now click on Perform Removal Routine to remove the older versions of Java installed on your computer.
  • When that's successfully done, please click OK to close the message.
  • Click on Next. Since you already downloaded the latest version of Java, please click on Next.
  • Now click on Close this wizard and click Finish.
  • From the main menu please choose Additional Tasks
  • Place a checkmark beside Remove Outdated JRE Firefox Extentions and click Run. Mozilla Firefox should be closed before running this task.
  • When that's successfully done you will see a message at the top saying: "Selected tasks completed successfully".
  • A log file should be created in the same directory as JavaRa.
  • Please post the log in your next reply.
  • Close JavaRa by clicking the red cross button.


#13 kbresli2

Posted 17 July 2013 - 08:56 PM

I ran the JavaRa program.  While it said it removed 38 items, it did not create a log of the session - at least I couldn't find it anywhere on the computer.  I did receive the message "Selected tasks completed successfully."   So I ran it again, but this time the message said 0 items were found/removed.  Unfortunately, Java 6 is still listed, and will not uninstall.  If you think it's okay, I'll just leave it there, since I downloaded Java 7 - I'm assuming this will be the active file, and not Java 6.



#14 boopme

Posted 18 July 2013 - 10:00 AM

Do you have MBAM installed?

If not, let's run a Quick scan with it first.

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

#15 eknirb

eknirb

  • Members
  • 71 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:27 PM

Posted 14 July 2014 - 02:42 PM

Just started to get this on my PC: random audio ads.  Ran the mini toolkit among other things:

 

MiniToolBox by Farbar  Version: 06-07-2014
Ran by Brinke (administrator) on 14-07-2014 at 12:37:40
Running from "C:\Users\Brinke\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Brinke-HP
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : E0-69-95-A7-4B-04
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::39cb:6ef:4978:6eb2%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, July 14, 2014 12:28:53 PM
   Lease Expires . . . . . . . . . . : Tuesday, July 15, 2014 12:28:52 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 283142549
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-B0-46-7D-E0-69-95-A7-4B-04
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{0473936C-1AD9-4B41-8CD6-D9D03CA158F1}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 9:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 12:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:189f:21e2:3f57:fefc(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::189f:21e2:3f57:fefc%12(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2607:f8b0:4002:c01::64
 74.125.137.113
 74.125.137.101
 74.125.137.138
 74.125.137.139
 74.125.137.100
 74.125.137.102
 
 
Pinging google.com [74.125.137.102] with 32 bytes of data:
Reply from 74.125.137.102: bytes=32 time=69ms TTL=43
Reply from 74.125.137.102: bytes=32 time=69ms TTL=43
 
Ping statistics for 74.125.137.102:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 69ms, Maximum = 69ms, Average = 69ms
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  98.139.183.24
 98.138.253.109
 206.190.36.45
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=35ms TTL=50
Reply from 206.190.36.45: bytes=32 time=35ms TTL=50
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 35ms, Maximum = 35ms, Average = 35ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...e0 69 95 a7 4b 04 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 12...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.3     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.3    276
      192.168.1.3  255.255.255.255         On-link       192.168.1.3    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.3    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.3    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.3    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:9d38:6ab8:189f:21e2:3f57:fefc/128
                                    On-link
 13    276 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::189f:21e2:3f57:fefc/128
                                    On-link
 13    276 fe80::39cb:6ef:4978:6eb2/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 13    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/14/2014 00:28:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/14/2014 00:09:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/14/2014 11:52:45 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/14/2014 11:38:40 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000002d4,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,0000000001F1ED00.72).  hr = 0x80070005, Access is denied.
.
 
Error: (07/14/2014 11:38:40 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000310,(null),0,REG_BINARY,000000000228E0C0.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {a0344308-1dd2-4ea0-b7b8-c36da46d52f8}
 
Error: (07/14/2014 11:38:40 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000006c0,(null),0,REG_BINARY,000000000250E1A0.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {33bc8275-c697-46cb-a958-db56a3eaeb03}
 
Error: (07/14/2014 11:38:40 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00001298,(null),0,REG_BINARY,000000000D23E440.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Writer Name: MSSearch Service Writer
   Writer Instance ID: {c98b240c-04fd-407c-b180-654d7db6dc7e}
 
Error: (07/14/2014 11:38:40 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000310,(null),0,REG_BINARY,000000000228E0C0.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {a0344308-1dd2-4ea0-b7b8-c36da46d52f8}
 
Error: (07/14/2014 11:38:40 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001f0,SYSTEM\CurrentControlSet\Services\VSS\Diag\Shadow Copy Optimization Writer,0,REG_BINARY,0000000001B3E820.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {eb888690-3d1b-43b4-ae65-aa17c4023803}
 
Error: (07/14/2014 11:38:40 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001c0,SYSTEM\CurrentControlSet\Services\VSS\Diag\COM+ REGDB Writer,0,REG_BINARY,000000000210F3E0.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {542da469-d3e1-473c-9f4f-7847f01fc64f}
   Writer Name: COM+ REGDB Writer
   Writer Instance ID: {06ecdccc-e734-47f0-a275-cdff8e651cb9}
 
 
System errors:
=============
Error: (07/14/2014 00:34:38 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.
 
Error: (07/14/2014 00:28:48 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (07/14/2014 00:28:48 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (07/14/2014 00:28:48 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (07/14/2014 00:28:48 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (07/14/2014 00:18:31 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (07/14/2014 00:15:42 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Management and Security Application User Notification Service service hung on starting.
 
Error: (07/14/2014 00:13:41 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.
 
Error: (07/14/2014 11:58:30 AM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.
 
Error: (07/14/2014 11:52:09 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
 
Microsoft Office Sessions:
=========================
Error: (07/14/2014 00:28:50 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/14/2014 00:09:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/14/2014 11:52:45 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/14/2014 11:38:40 AM) (Source: VSS)(User: )
Description: RegSetValueExW(0x000002d4,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,0000000001F1ED00.72)0x80070005, Access is denied.
 
Error: (07/14/2014 11:38:40 AM) (Source: VSS)(User: )
Description: RegSetValueExW(0x00000310,(null),0,REG_BINARY,000000000228E0C0.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {a0344308-1dd2-4ea0-b7b8-c36da46d52f8}
 
Error: (07/14/2014 11:38:40 AM) (Source: VSS)(User: )
Description: RegSetValueExW(0x000006c0,(null),0,REG_BINARY,000000000250E1A0.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {33bc8275-c697-46cb-a958-db56a3eaeb03}
 
Error: (07/14/2014 11:38:40 AM) (Source: VSS)(User: )
Description: RegSetValueExW(0x00001298,(null),0,REG_BINARY,000000000D23E440.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Writer Name: MSSearch Service Writer
   Writer Instance ID: {c98b240c-04fd-407c-b180-654d7db6dc7e}
 
Error: (07/14/2014 11:38:40 AM) (Source: VSS)(User: )
Description: RegSetValueExW(0x00000310,(null),0,REG_BINARY,000000000228E0C0.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {a0344308-1dd2-4ea0-b7b8-c36da46d52f8}
 
Error: (07/14/2014 11:38:40 AM) (Source: VSS)(User: )
Description: RegSetValueExW(0x000001f0,SYSTEM\CurrentControlSet\Services\VSS\Diag\Shadow Copy Optimization Writer,0,REG_BINARY,0000000001B3E820.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {eb888690-3d1b-43b4-ae65-aa17c4023803}
 
Error: (07/14/2014 11:38:40 AM) (Source: VSS)(User: )
Description: RegSetValueExW(0x000001c0,SYSTEM\CurrentControlSet\Services\VSS\Diag\COM+ REGDB Writer,0,REG_BINARY,000000000210F3E0.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {542da469-d3e1-473c-9f4f-7847f01fc64f}
   Writer Name: COM+ REGDB Writer
   Writer Instance ID: {06ecdccc-e734-47f0-a275-cdff8e651cb9}
 
 
 
=========================== Installed Programs ============================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 3.0.5.567 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 3.0.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 3.0.0 - Amazon Services LLC) Hidden
AMD APP SDK Runtime (Version: 2.5.732.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{58F369B9-E0E8-A7D0-E25B-E2661E33AACC}) (Version: 3.0.842.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.472.0 - Microsoft Corporation)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Box Sync (x32 Version: 4.0.3234.0 - Box Inc.) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Calisto DFU Driver (x64) (HKLM\...\{1C20E609-768A-4FDC-AC75-2CE466D81506}) (Version: 2.4.49092.0 - Plantronics, Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2011.1024.117.375 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.1024.117.375 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.1024.117.375 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.1024.117.375 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Desktop (x32 Version: 2011.1024.117.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.1024.117.375 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.1 - Dropbox, Inc.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
Flickr Uploadr 3.2.1 (HKLM-x32\...\Flickr Uploadr) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}) (Version: 3.2.9652.3188 - Hewlett-Packard)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.14.0 - Hewlett-Packard)
HP Remote Solution (x32 Version: 1.1.14.0 - Hewlett-Packard) Hidden
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.212.0 - Advanced Micro Devices, Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0080-0409-0000-0000000FF1CE}) (Version: 14.0.6106.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1166.0618 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Manager (HKCU\...\MusicManager) (Version:  - Google, Inc.)
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Picasa Uploader (HKLM-x32\...\com.webkinesis.PicasaUploaderDesktop) (Version: 0.8 - UNKNOWN)
Picasa Uploader (x32 Version: 0.8 - UNKNOWN) Hidden
Plantronics Spokes Software (HKLM-x32\...\{E338AFA2-6923-4B30-97C2-F6E60EFD1081}) (Version: 2.6.54523.0 - Plantronics, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 r2290 - )
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype Web Plugin (HKLM-x32\...\{B51DD93B-3CB5-4D9D-BFF2-FD19DBBBFD9A}) (Version: 2.9.13008.18866 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1118 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TweetDeck (HKLM-x32\...\{639BE5F5-720F-4290-84FA-1C53568EAAD4}) (Version: 3.3.3 - Twitter)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Driver Package - Plantronics, Inc. (usbser.ntamd64) Ports  (04/21/2009 5.1) (HKLM\...\07AFE62D73C8799E9E5689F86FB9F48389717BA3) (Version: 04/21/2009 5.1 - Plantronics, Inc.)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Media Center Add-in for Flash (HKLM-x32\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 4.1.2.0 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Yahoo! BrowserPlus 2.9.8 (HKCU\...\Yahoo! BrowserPlus) (Version:  - Yahoo! Inc.)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 26%
Total physical RAM: 12268.32 MB
Available physical RAM: 8972.45 MB
Total Pagefile: 24534.83 MB
Available Pagefile: 20500.18 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.56 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:920.23 GB) (Free:732.19 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:11.19 GB) (Free:1.33 GB) NTFS
4 Drive f: (BRINKE'S IP) (Removable) (Total:74.36 GB) (Free:5.95 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\BRINKE-HP
 
Administrator            Brinke                   Guest                    
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
07-07-2014 01:12:48 Windows Update
07-07-2014 01:21:45 Removed Image Resizer Powertoy Clone for Windows (64 bit)
09-07-2014 15:09:18 Windows Update
12-07-2014 16:04:03 Windows Update
14-07-2014 18:37:40 Checkpoint by HitmanPro
14-07-2014 18:38:15 Checkpoint by HitmanPro
 
**** End of log ****




