Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Start-up programs vanished


  • Please log in to reply
8 replies to this topic

#1 applesauce10189

applesauce10189

  • Members
  • 115 posts
  • OFFLINE
  •  
  • Local time:07:32 AM

Posted 23 August 2013 - 03:34 AM

I'm not sure if "Start-up programs" was the correct term to use, basically I mean the programs that come on first thing when I log on, I know they have vanished because last time I got help from this website I got a program called WinPatrol and it interrupted my game with a bunch of pop-ups notifying me of each and every program that was deleted, I was scared because I only have about 2-3 programs that auto start up when I log in, and it was about 10 (estimate) pop-ups one after another notifying me, I read the first pop-up and then skimmed over the others because they were all the same, the only difference was the name of the program it was saying wouldn't start up as soon as I log in any more, after this I was scared maybe all my files and such were being deleted by a virus, so I closed every window I had open except for Itunes (I was listening to music and was annoyed at the time so honestly I didn't care) and skype then I ran a full scan with Microsoft Security Essentials, two hours later it found absolutely nothing, I'm unsure what to do,

 

 

Thank you for taking the time to read this.

 

Quick edit: I left my skype open because I had a friend that's insanely good with computers (compared to me anyways) I was hoping could help, but to no avail, he was clueless.


Edited by applesauce10189, 23 August 2013 - 03:37 AM.


BC AdBot (Login to Remove)

 


#2 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:02:32 PM

Posted 24 August 2013 - 12:53 PM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us
 

  • Please do NOT run, install or uninstall any programs,  unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
          
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
          
  • Please read every post completely before doing anything. 
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
          
  • Please provide feedback about your experience as we go. 
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
          

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT backup any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

:step1:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!


  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.


:step2:

Please download AdwCleaner by Xplode onto your desktop.


  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.


:step3:

Please download Farbar Service Scanner and run it on the computer with the issue.


  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.


:step4:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:


  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points

NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#3 applesauce10189

applesauce10189
  • Topic Starter

  • Members
  • 115 posts
  • OFFLINE
  •  
  • Local time:07:32 AM

Posted 24 August 2013 - 08:30 PM

18:13:49.0824 0x52e4  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
18:13:50.0363 0x52e4  ============================================================
18:13:50.0363 0x52e4  Current date / time: 2013/08/24 18:13:50.0363
18:13:50.0363 0x52e4  SystemInfo:
18:13:50.0363 0x52e4  
18:13:50.0363 0x52e4  OS Version: 6.1.7601 ServicePack: 1.0
18:13:50.0363 0x52e4  Product type: Workstation
18:13:50.0364 0x52e4  ComputerName: KYLENOBLE-PC
18:13:50.0364 0x52e4  UserName: Kyle Noble
18:13:50.0364 0x52e4  Windows directory: C:\windows
18:13:50.0364 0x52e4  System windows directory: C:\windows
18:13:50.0364 0x52e4  Running under WOW64
18:13:50.0364 0x52e4  Processor architecture: Intel x64
18:13:50.0364 0x52e4  Number of processors: 4
18:13:50.0364 0x52e4  Page size: 0x1000
18:13:50.0364 0x52e4  Boot type: Normal boot
18:13:50.0364 0x52e4  ============================================================
18:13:53.0195 0x52e4  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:13:53.0202 0x52e4  ============================================================
18:13:53.0202 0x52e4  \Device\Harddisk0\DR0:
18:13:53.0202 0x52e4  MBR partitions:
18:13:53.0202 0x52e4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x48928000
18:13:53.0202 0x52e4  ============================================================
18:13:53.0277 0x52e4  C: <-> \Device\Harddisk0\DR0\Partition1
18:13:53.0301 0x52e4  ============================================================
18:13:53.0301 0x52e4  Initialize success
18:13:53.0301 0x52e4  ============================================================
18:15:45.0047 0x088c  ============================================================
18:15:45.0047 0x088c  Scan started
18:15:45.0047 0x088c  Mode: Manual; SigCheck; TDLFS; 
18:15:45.0047 0x088c  ============================================================
18:15:46.0962 0x088c  ================ Scan system memory ========================
18:15:46.0962 0x088c  System memory - ok
18:15:46.0963 0x088c  ================ Scan services =============================
18:15:47.0445 0x088c  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
18:15:47.0754 0x088c  1394ohci - ok
18:15:47.0919 0x088c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\windows\system32\drivers\ACPI.sys
18:15:47.0940 0x088c  ACPI - ok
18:15:48.0025 0x088c  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
18:15:48.0316 0x088c  AcpiPmi - ok
18:15:48.0428 0x088c  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:15:48.0444 0x088c  AdobeARMservice - ok
18:15:48.0749 0x088c  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:15:48.0766 0x088c  AdobeFlashPlayerUpdateSvc - ok
18:15:48.0899 0x088c  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
18:15:48.0924 0x088c  adp94xx - ok
18:15:49.0080 0x088c  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\windows\system32\drivers\adpahci.sys
18:15:49.0100 0x088c  adpahci - ok
18:15:49.0143 0x088c  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\windows\system32\drivers\adpu320.sys
18:15:49.0160 0x088c  adpu320 - ok
18:15:49.0235 0x088c  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
18:15:49.0924 0x088c  AeLookupSvc - ok
18:15:50.0096 0x088c  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\windows\system32\drivers\afd.sys
18:15:50.0242 0x088c  AFD - ok
18:15:50.0298 0x088c  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\windows\system32\drivers\agp440.sys
18:15:50.0314 0x088c  agp440 - ok
18:15:50.0418 0x088c  [ CCC1C25DDAE3FCF39D0849F6AFB19DDE ] aksdf           C:\windows\system32\drivers\aksdf.sys
18:15:50.0498 0x088c  aksdf - ok
18:15:50.0550 0x088c  [ BA2342582697D66A2BFE84B702BDD78F ] aksfridge       C:\windows\system32\drivers\aksfridge.sys
18:15:50.0578 0x088c  aksfridge - ok
18:15:50.0726 0x088c  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\windows\System32\alg.exe
18:15:50.0835 0x088c  ALG - ok
18:15:50.0883 0x088c  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\windows\system32\drivers\aliide.sys
18:15:50.0964 0x088c  aliide - ok
18:15:51.0045 0x088c  [ E9F172F8067830AB6418FCF13B7C82F1 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
18:15:51.0209 0x088c  AMD External Events Utility - ok
18:15:51.0250 0x088c  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\windows\system32\drivers\amdide.sys
18:15:51.0265 0x088c  amdide - ok
18:15:51.0308 0x088c  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\windows\system32\drivers\amdk8.sys
18:15:51.0373 0x088c  AmdK8 - ok
18:15:51.0871 0x088c  [ 3EA481540BF571CE2AC422249C4E18A9 ] amdkmdag        C:\windows\system32\DRIVERS\atikmdag.sys
18:15:52.0307 0x088c  amdkmdag - ok
18:15:52.0370 0x088c  [ C5228C5FD5CA78002255089C4E74DC0E ] amdkmdap        C:\windows\system32\DRIVERS\atikmpag.sys
18:15:52.0421 0x088c  amdkmdap - ok
18:15:52.0567 0x088c  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
18:15:52.0601 0x088c  AmdPPM - ok
18:15:52.0742 0x088c  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\windows\system32\drivers\amdsata.sys
18:15:52.0758 0x088c  amdsata - ok
18:15:52.0937 0x088c  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
18:15:52.0956 0x088c  amdsbs - ok
18:15:53.0135 0x088c  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\windows\system32\drivers\amdxata.sys
18:15:53.0150 0x088c  amdxata - ok
18:15:53.0239 0x088c  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\windows\system32\drivers\appid.sys
18:15:54.0296 0x088c  AppID - ok
18:15:54.0332 0x088c  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\windows\System32\appidsvc.dll
18:15:54.0467 0x088c  AppIDSvc - ok
18:15:54.0732 0x088c  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\windows\System32\appinfo.dll
18:15:54.0863 0x088c  Appinfo - ok
18:15:55.0008 0x088c  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:15:55.0024 0x088c  Apple Mobile Device - ok
18:15:55.0094 0x088c  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\windows\system32\drivers\arc.sys
18:15:55.0110 0x088c  arc - ok
18:15:55.0155 0x088c  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\windows\system32\drivers\arcsas.sys
18:15:55.0171 0x088c  arcsas - ok
18:15:55.0377 0x088c  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:15:55.0431 0x088c  aspnet_state - ok
18:15:55.0540 0x088c  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
18:15:55.0730 0x088c  AsyncMac - ok
18:15:55.0757 0x088c  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\windows\system32\drivers\atapi.sys
18:15:55.0771 0x088c  atapi - ok
18:15:56.0023 0x088c  [ B2931C83CFB12A3223A47B180473AE1A ] athr            C:\windows\system32\DRIVERS\athrx.sys
18:15:56.0203 0x088c  athr - ok
18:15:56.0312 0x088c  [ 4BF5BCA6E2608CD8A00BC4A6673A9F47 ] AtiHDAudioService C:\windows\system32\drivers\AtihdW76.sys
18:15:56.0556 0x088c  AtiHDAudioService - ok
18:15:56.0672 0x088c  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
18:15:56.0745 0x088c  AudioEndpointBuilder - ok
18:15:56.0758 0x088c  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\windows\System32\Audiosrv.dll
18:15:56.0814 0x088c  AudioSrv - ok
18:15:56.0868 0x088c  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\windows\System32\AxInstSV.dll
18:15:57.0059 0x088c  AxInstSV - ok
18:15:57.0144 0x088c  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
18:15:57.0275 0x088c  b06bdrv - ok
18:15:57.0381 0x088c  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
18:15:57.0448 0x088c  b57nd60a - ok
18:15:57.0546 0x088c  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\windows\System32\bdesvc.dll
18:15:57.0705 0x088c  BDESVC - ok
18:15:57.0785 0x088c  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\windows\system32\drivers\Beep.sys
18:15:57.0853 0x088c  Beep - ok
18:15:57.0975 0x088c  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\windows\System32\bfe.dll
18:15:58.0064 0x088c  BFE - ok
18:15:58.0143 0x088c  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\windows\System32\qmgr.dll
18:15:58.0515 0x088c  BITS - ok
18:15:58.0768 0x088c  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
18:15:58.0834 0x088c  blbdrive - ok
18:15:59.0377 0x088c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:15:59.0397 0x088c  Bonjour Service - ok
18:15:59.0505 0x088c  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
18:15:59.0608 0x088c  bowser - ok
18:15:59.0663 0x088c  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys
18:15:59.0703 0x088c  BrFiltLo - ok
18:15:59.0727 0x088c  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys
18:15:59.0819 0x088c  BrFiltUp - ok
18:15:59.0938 0x088c  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\windows\system32\DRIVERS\bridge.sys
18:16:00.0002 0x088c  BridgeMP - ok
18:16:00.0082 0x088c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\windows\System32\browser.dll
18:16:00.0190 0x088c  Browser - ok
18:16:00.0227 0x088c  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\windows\System32\Drivers\Brserid.sys
18:16:00.0332 0x088c  Brserid - ok
18:16:00.0374 0x088c  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
18:16:00.0421 0x088c  BrSerWdm - ok
18:16:00.0452 0x088c  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
18:16:00.0488 0x088c  BrUsbMdm - ok
18:16:00.0494 0x088c  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
18:16:00.0533 0x088c  BrUsbSer - ok
18:16:00.0617 0x088c  [ 2347ABBD13BADA65826FDAB4CAAFE357 ] BtFilter        C:\windows\system32\DRIVERS\btfilter.sys
18:16:00.0631 0x088c  BtFilter - ok
18:16:00.0690 0x088c  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys
18:16:00.0813 0x088c  BthEnum - ok
18:16:00.0837 0x088c  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\windows\system32\drivers\bthmodem.sys
18:16:00.0891 0x088c  BTHMODEM - ok
18:16:00.0934 0x088c  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
18:16:01.0051 0x088c  BthPan - ok
18:16:01.0172 0x088c  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
18:16:01.0215 0x088c  BTHPORT - ok
18:16:01.0240 0x088c  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\windows\system32\bthserv.dll
18:16:01.0305 0x088c  bthserv - ok
18:16:01.0361 0x088c  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
18:16:01.0475 0x088c  BTHUSB - ok
18:16:01.0493 0x088c  catchme - ok
18:16:01.0515 0x088c  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
18:16:01.0583 0x088c  cdfs - ok
18:16:01.0706 0x088c  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
18:16:01.0802 0x088c  cdrom - ok
18:16:01.0885 0x088c  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\windows\System32\certprop.dll
18:16:01.0955 0x088c  CertPropSvc - ok
18:16:01.0983 0x088c  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\windows\system32\drivers\circlass.sys
18:16:02.0032 0x088c  circlass - ok
18:16:02.0128 0x088c  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\windows\system32\CLFS.sys
18:16:02.0149 0x088c  CLFS - ok
18:16:02.0217 0x088c  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:16:02.0231 0x088c  clr_optimization_v2.0.50727_32 - ok
18:16:02.0293 0x088c  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:16:02.0326 0x088c  clr_optimization_v2.0.50727_64 - ok
18:16:02.0474 0x088c  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:16:02.0575 0x088c  clr_optimization_v4.0.30319_32 - ok
18:16:02.0608 0x088c  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:16:02.0647 0x088c  clr_optimization_v4.0.30319_64 - ok
18:16:02.0711 0x088c  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
18:16:02.0755 0x088c  CmBatt - ok
18:16:02.0774 0x088c  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\windows\system32\drivers\cmdide.sys
18:16:02.0789 0x088c  cmdide - ok
18:16:02.0852 0x088c  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\windows\system32\Drivers\cng.sys
18:16:02.0916 0x088c  CNG - ok
18:16:02.0958 0x088c  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\windows\system32\drivers\compbatt.sys
18:16:02.0973 0x088c  Compbatt - ok
18:16:02.0992 0x088c  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\windows\system32\DRIVERS\CompositeBus.sys
18:16:03.0030 0x088c  CompositeBus - ok
18:16:03.0070 0x088c  COMSysApp - ok
18:16:03.0119 0x088c  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys
18:16:03.0134 0x088c  crcdisk - ok
18:16:03.0205 0x088c  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\windows\system32\cryptsvc.dll
18:16:03.0328 0x088c  CryptSvc - ok
18:16:03.0397 0x088c  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\windows\system32\rpcss.dll
18:16:03.0466 0x088c  DcomLaunch - ok
18:16:03.0518 0x088c  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\windows\System32\defragsvc.dll
18:16:03.0590 0x088c  defragsvc - ok
18:16:03.0617 0x088c  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\windows\system32\Drivers\dfsc.sys
18:16:03.0678 0x088c  DfsC - ok
18:16:03.0751 0x088c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\windows\system32\dhcpcore.dll
18:16:03.0857 0x088c  Dhcp - ok
18:16:03.0908 0x088c  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\windows\system32\drivers\discache.sys
18:16:03.0982 0x088c  discache - ok
18:16:04.0043 0x088c  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\windows\system32\drivers\disk.sys
18:16:04.0059 0x088c  Disk - ok
18:16:04.0117 0x088c  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\windows\System32\dnsrslvr.dll
18:16:04.0186 0x088c  Dnscache - ok
18:16:04.0200 0x088c  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\windows\System32\dot3svc.dll
18:16:04.0289 0x088c  dot3svc - ok
18:16:04.0356 0x088c  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\windows\system32\dps.dll
18:16:04.0423 0x088c  DPS - ok
18:16:04.0462 0x088c  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
18:16:04.0500 0x088c  drmkaud - ok
18:16:04.0598 0x088c  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
18:16:04.0630 0x088c  DXGKrnl - ok
18:16:04.0694 0x088c  EagleX64 - ok
18:16:04.0759 0x088c  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\windows\System32\eapsvc.dll
18:16:04.0837 0x088c  EapHost - ok
18:16:05.0493 0x088c  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\windows\system32\drivers\evbda.sys
18:16:05.0656 0x088c  ebdrv - ok
18:16:05.0713 0x088c  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\windows\System32\lsass.exe
18:16:05.0797 0x088c  EFS - ok
18:16:05.0854 0x088c  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
18:16:05.0961 0x088c  ehRecvr - ok
18:16:06.0102 0x088c  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\windows\ehome\ehsched.exe
18:16:06.0122 0x088c  ehSched - ok
18:16:06.0252 0x088c  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\windows\system32\drivers\elxstor.sys
18:16:06.0272 0x088c  elxstor - ok
18:16:06.0292 0x088c  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\windows\system32\drivers\errdev.sys
18:16:06.0342 0x088c  ErrDev - ok
18:16:06.0402 0x088c  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\windows\system32\es.dll
18:16:06.0472 0x088c  EventSystem - ok
18:16:06.0552 0x088c  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\windows\system32\drivers\exfat.sys
18:16:06.0602 0x088c  exfat - ok
18:16:06.0622 0x088c  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\windows\system32\drivers\fastfat.sys
18:16:06.0682 0x088c  fastfat - ok
18:16:06.0732 0x088c  FastFreeConverterUpdt - ok
18:16:06.0802 0x088c  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\windows\system32\fxssvc.exe
18:16:06.0932 0x088c  Fax - ok
18:16:06.0992 0x088c  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\windows\system32\drivers\fdc.sys
18:16:07.0062 0x088c  fdc - ok
18:16:07.0162 0x088c  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\windows\system32\fdPHost.dll
18:16:07.0252 0x088c  fdPHost - ok
18:16:07.0282 0x088c  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\windows\system32\fdrespub.dll
18:16:07.0332 0x088c  FDResPub - ok
18:16:07.0342 0x088c  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
18:16:07.0352 0x088c  FileInfo - ok
18:16:07.0372 0x088c  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
18:16:07.0442 0x088c  Filetrace - ok
18:16:07.0722 0x088c  [ 7E76EED28B8B8696B7F7ED5F757AA304 ] FileZilla Server C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
18:16:07.0772 0x088c  FileZilla Server ( UnsignedFile.Multi.Generic ) - warning
18:16:07.0772 0x088c  FileZilla Server - detected UnsignedFile.Multi.Generic (1)
18:16:07.0822 0x088c  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\windows\system32\drivers\flpydisk.sys
18:16:07.0842 0x088c  flpydisk - ok
18:16:07.0952 0x088c  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
18:16:07.0972 0x088c  FltMgr - ok
18:16:08.0122 0x088c  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\windows\system32\FntCache.dll
18:16:08.0232 0x088c  FontCache - ok
18:16:08.0382 0x088c  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:16:08.0392 0x088c  FontCache3.0.0.0 - ok
18:16:08.0452 0x088c  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
18:16:08.0472 0x088c  FsDepends - ok
18:16:08.0522 0x088c  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
18:16:08.0532 0x088c  Fs_Rec - ok
18:16:08.0642 0x088c  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
18:16:08.0662 0x088c  fvevol - ok
18:16:08.0712 0x088c  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
18:16:08.0732 0x088c  gagp30kx - ok
18:16:08.0992 0x088c  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
18:16:09.0012 0x088c  GamesAppService - ok
18:16:09.0072 0x088c  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
18:16:09.0082 0x088c  GEARAspiWDM - ok
18:16:09.0242 0x088c  [ FA07EC01952729DDDDC5BF4BAE06B09E ] GFNEXSrv        C:\Windows\System32\GFNEXSrv.exe
18:16:09.0262 0x088c  GFNEXSrv - ok
18:16:09.0392 0x088c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\windows\System32\gpsvc.dll
18:16:09.0452 0x088c  gpsvc - ok
18:16:09.0542 0x088c  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:16:09.0562 0x088c  gupdate - ok
18:16:09.0582 0x088c  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:16:09.0592 0x088c  gupdatem - ok
18:16:09.0702 0x088c  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:16:09.0722 0x088c  gusvc - ok
18:16:09.0822 0x088c  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\windows\system32\DRIVERS\hamachi.sys
18:16:09.0842 0x088c  hamachi - ok
18:16:10.0162 0x088c  [ B1E3F445943F06E36DC079AF28D0F86B ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
18:16:10.0272 0x088c  Hamachi2Svc - ok
18:16:10.0392 0x088c  [ 2C03A69F76A5075C9B63893503A36B87 ] hardlock        C:\windows\system32\drivers\hardlock.sys
18:16:10.0572 0x088c  hardlock - ok
18:16:10.0782 0x088c  hasplms - ok
18:16:10.0892 0x088c  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
18:16:11.0062 0x088c  hcw85cir - ok
18:16:11.0202 0x088c  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
18:16:11.0242 0x088c  HdAudAddService - ok
18:16:11.0292 0x088c  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\windows\system32\DRIVERS\HDAudBus.sys
18:16:11.0333 0x088c  HDAudBus - ok
18:16:11.0393 0x088c  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\windows\system32\drivers\HidBatt.sys
18:16:11.0433 0x088c  HidBatt - ok
18:16:11.0453 0x088c  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\windows\system32\drivers\hidbth.sys
18:16:11.0473 0x088c  HidBth - ok
18:16:11.0513 0x088c  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\windows\system32\drivers\hidir.sys
18:16:11.0533 0x088c  HidIr - ok
18:16:11.0563 0x088c  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\windows\System32\hidserv.dll
18:16:11.0633 0x088c  hidserv - ok
18:16:11.0773 0x088c  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
18:16:11.0803 0x088c  HidUsb - ok
18:16:12.0023 0x088c  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\windows\system32\kmsvc.dll
18:16:12.0113 0x088c  hkmsvc - ok
18:16:12.0133 0x088c  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
18:16:12.0333 0x088c  HomeGroupListener - ok
18:16:12.0363 0x088c  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
18:16:12.0393 0x088c  HomeGroupProvider - ok
18:16:12.0433 0x088c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
18:16:12.0453 0x088c  HpSAMD - ok
18:16:12.0483 0x088c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\windows\system32\drivers\HTTP.sys
18:16:12.0553 0x088c  HTTP - ok
18:16:12.0583 0x088c  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
18:16:12.0603 0x088c  hwpolicy - ok
18:16:12.0673 0x088c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\windows\system32\DRIVERS\i8042prt.sys
18:16:12.0683 0x088c  i8042prt - ok
18:16:12.0713 0x088c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
18:16:12.0733 0x088c  iaStorV - ok
18:16:12.0783 0x088c  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:16:12.0803 0x088c  idsvc - ok
18:16:12.0833 0x088c  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\windows\system32\drivers\iirsp.sys
18:16:12.0853 0x088c  iirsp - ok
18:16:12.0913 0x088c  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\windows\System32\ikeext.dll
18:16:12.0973 0x088c  IKEEXT - ok
18:16:13.0073 0x088c  [ 028E40182A6F0374978C755F85B9F07C ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
18:16:13.0123 0x088c  IntcAzAudAddService - ok
18:16:13.0173 0x088c  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\windows\system32\drivers\intelide.sys
18:16:13.0183 0x088c  intelide - ok
18:16:13.0223 0x088c  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\windows\system32\drivers\intelppm.sys
18:16:13.0253 0x088c  intelppm - ok
18:16:13.0293 0x088c  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\windows\system32\ipbusenum.dll
18:16:13.0353 0x088c  IPBusEnum - ok
18:16:13.0373 0x088c  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
18:16:13.0433 0x088c  IpFilterDriver - ok
18:16:13.0483 0x088c  [ 08C2957BB30058E663720C5606885653 ] IpHlpSvc        C:\windows\System32\iphlpsvc.dll
18:16:13.0553 0x088c  IpHlpSvc - ok
18:16:13.0573 0x088c  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
18:16:13.0603 0x088c  IPMIDRV - ok
18:16:13.0643 0x088c  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
18:16:13.0693 0x088c  IPNAT - ok
18:16:13.0753 0x088c  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:16:13.0773 0x088c  iPod Service - ok
18:16:13.0813 0x088c  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\windows\system32\drivers\irenum.sys
18:16:13.0833 0x088c  IRENUM - ok
18:16:13.0843 0x088c  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\windows\system32\drivers\isapnp.sys
18:16:13.0853 0x088c  isapnp - ok
18:16:13.0873 0x088c  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
18:16:13.0893 0x088c  iScsiPrt - ok
18:16:13.0913 0x088c  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
18:16:13.0933 0x088c  kbdclass - ok
18:16:13.0963 0x088c  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
18:16:13.0983 0x088c  kbdhid - ok
18:16:14.0003 0x088c  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\windows\system32\lsass.exe
18:16:14.0013 0x088c  KeyIso - ok
18:16:14.0033 0x088c  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
18:16:14.0053 0x088c  KSecDD - ok
18:16:14.0063 0x088c  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
18:16:14.0083 0x088c  KSecPkg - ok
18:16:14.0113 0x088c  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
18:16:14.0183 0x088c  ksthunk - ok
18:16:14.0213 0x088c  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\windows\system32\msdtckrm.dll
18:16:14.0283 0x088c  KtmRm - ok
18:16:14.0333 0x088c  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\windows\System32\srvsvc.dll
18:16:14.0393 0x088c  LanmanServer - ok
18:16:14.0433 0x088c  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
18:16:14.0483 0x088c  LanmanWorkstation - ok
18:16:14.0523 0x088c  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
18:16:14.0583 0x088c  lltdio - ok
18:16:14.0623 0x088c  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\windows\System32\lltdsvc.dll
18:16:14.0683 0x088c  lltdsvc - ok
18:16:14.0703 0x088c  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\windows\System32\lmhsvc.dll
18:16:14.0743 0x088c  lmhosts - ok
18:16:14.0783 0x088c  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys
18:16:14.0793 0x088c  LSI_FC - ok
18:16:14.0813 0x088c  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
18:16:14.0833 0x088c  LSI_SAS - ok
18:16:14.0853 0x088c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
18:16:14.0863 0x088c  LSI_SAS2 - ok
18:16:14.0883 0x088c  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
18:16:14.0903 0x088c  LSI_SCSI - ok
18:16:14.0943 0x088c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\windows\system32\drivers\luafv.sys
18:16:15.0023 0x088c  luafv - ok
18:16:15.0063 0x088c  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
18:16:15.0083 0x088c  Mcx2Svc - ok
18:16:15.0103 0x088c  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\windows\system32\drivers\megasas.sys
18:16:15.0113 0x088c  megasas - ok
18:16:15.0143 0x088c  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
18:16:15.0163 0x088c  MegaSR - ok
18:16:15.0193 0x088c  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\windows\system32\mmcss.dll
18:16:15.0253 0x088c  MMCSS - ok
18:16:15.0263 0x088c  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\windows\system32\drivers\modem.sys
18:16:15.0333 0x088c  Modem - ok
18:16:15.0373 0x088c  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\windows\system32\DRIVERS\monitor.sys
18:16:15.0403 0x088c  monitor - ok
18:16:15.0433 0x088c  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
18:16:15.0453 0x088c  mouclass - ok
18:16:15.0473 0x088c  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
18:16:15.0503 0x088c  mouhid - ok
18:16:15.0533 0x088c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
18:16:15.0543 0x088c  mountmgr - ok
18:16:15.0643 0x088c  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:16:15.0653 0x088c  MozillaMaintenance - ok
18:16:15.0703 0x088c  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter        C:\windows\system32\DRIVERS\MpFilter.sys
18:16:15.0723 0x088c  MpFilter - ok
18:16:15.0743 0x088c  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\windows\system32\drivers\mpio.sys
18:16:15.0763 0x088c  mpio - ok
18:16:15.0783 0x088c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
18:16:15.0823 0x088c  mpsdrv - ok
18:16:15.0893 0x088c  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\windows\system32\mpssvc.dll
18:16:15.0963 0x088c  MpsSvc - ok
18:16:15.0993 0x088c  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
18:16:16.0033 0x088c  MRxDAV - ok
18:16:16.0053 0x088c  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
18:16:16.0143 0x088c  mrxsmb - ok
18:16:16.0163 0x088c  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
18:16:16.0193 0x088c  mrxsmb10 - ok
18:16:16.0213 0x088c  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
18:16:16.0243 0x088c  mrxsmb20 - ok
18:16:16.0263 0x088c  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\windows\system32\DRIVERS\msahci.sys
18:16:16.0273 0x088c  msahci - ok
18:16:16.0293 0x088c  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\windows\system32\drivers\msdsm.sys
18:16:16.0313 0x088c  msdsm - ok
18:16:16.0343 0x088c  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\windows\System32\msdtc.exe
18:16:16.0383 0x088c  MSDTC - ok
18:16:16.0403 0x088c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\windows\system32\drivers\Msfs.sys
18:16:16.0453 0x088c  Msfs - ok
18:16:16.0533 0x088c  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
18:16:16.0593 0x088c  mshidkmdf - ok
18:16:16.0613 0x088c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
18:16:16.0623 0x088c  msisadrv - ok
18:16:16.0663 0x088c  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
18:16:16.0723 0x088c  MSiSCSI - ok
18:16:16.0723 0x088c  msiserver - ok
18:16:16.0753 0x088c  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
18:16:16.0813 0x088c  MSKSSRV - ok
18:16:16.0903 0x088c  [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:16:16.0923 0x088c  MsMpSvc - ok
18:16:16.0953 0x088c  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
18:16:16.0993 0x088c  MSPCLOCK - ok
18:16:17.0013 0x088c  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
18:16:17.0063 0x088c  MSPQM - ok
18:16:17.0083 0x088c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
18:16:17.0103 0x088c  MsRPC - ok
18:16:17.0123 0x088c  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys
18:16:17.0143 0x088c  mssmbios - ok
18:16:17.0163 0x088c  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
18:16:17.0213 0x088c  MSTEE - ok
18:16:17.0243 0x088c  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
18:16:17.0263 0x088c  MTConfig - ok
18:16:17.0283 0x088c  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\windows\system32\Drivers\mup.sys
18:16:17.0303 0x088c  Mup - ok
18:16:17.0333 0x088c  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\windows\system32\qagentRT.dll
18:16:17.0393 0x088c  napagent - ok
18:16:17.0443 0x088c  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
18:16:17.0503 0x088c  NativeWifiP - ok
18:16:17.0573 0x088c  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\windows\system32\drivers\ndis.sys
18:16:17.0613 0x088c  NDIS - ok
18:16:17.0643 0x088c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
18:16:17.0693 0x088c  NdisCap - ok
18:16:17.0733 0x088c  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
18:16:17.0773 0x088c  NdisTapi - ok
18:16:17.0783 0x088c  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
18:16:17.0843 0x088c  Ndisuio - ok
18:16:17.0863 0x088c  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
18:16:17.0923 0x088c  NdisWan - ok
18:16:17.0953 0x088c  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
18:16:17.0993 0x088c  NDProxy - ok
18:16:18.0023 0x088c  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
18:16:18.0073 0x088c  NetBIOS - ok
18:16:18.0103 0x088c  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
18:16:18.0143 0x088c  NetBT - ok
18:16:18.0163 0x088c  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\windows\system32\lsass.exe
18:16:18.0183 0x088c  Netlogon - ok
18:16:18.0223 0x088c  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\windows\System32\netman.dll
18:16:18.0293 0x088c  Netman - ok
18:16:18.0353 0x088c  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:16:18.0393 0x088c  NetMsmqActivator - ok
18:16:18.0433 0x088c  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:16:18.0443 0x088c  NetPipeActivator - ok
18:16:18.0473 0x088c  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\windows\System32\netprofm.dll
18:16:18.0533 0x088c  netprofm - ok
18:16:18.0553 0x088c  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:16:18.0563 0x088c  NetTcpActivator - ok
18:16:18.0573 0x088c  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:16:18.0583 0x088c  NetTcpPortSharing - ok
18:16:18.0623 0x088c  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
18:16:18.0643 0x088c  nfrd960 - ok
18:16:18.0683 0x088c  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\windows\system32\DRIVERS\NisDrvWFP.sys
18:16:18.0693 0x088c  NisDrv - ok
18:16:18.0723 0x088c  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
18:16:18.0753 0x088c  NisSrv - ok
18:16:18.0793 0x088c  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\windows\System32\nlasvc.dll
18:16:18.0823 0x088c  NlaSvc - ok
18:16:18.0863 0x088c  Norton PC Checkup Application Launcher - ok
18:16:18.0893 0x088c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\windows\system32\drivers\Npfs.sys
18:16:18.0943 0x088c  Npfs - ok
18:16:18.0973 0x088c  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\windows\system32\nsisvc.dll
18:16:19.0033 0x088c  nsi - ok
18:16:19.0053 0x088c  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
18:16:19.0113 0x088c  nsiproxy - ok
18:16:19.0193 0x088c  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
18:16:19.0233 0x088c  Ntfs - ok
18:16:19.0253 0x088c  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\windows\system32\drivers\Null.sys
18:16:19.0293 0x088c  Null - ok
18:16:19.0313 0x088c  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\windows\system32\drivers\nvraid.sys
18:16:19.0333 0x088c  nvraid - ok
18:16:19.0343 0x088c  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\windows\system32\drivers\nvstor.sys
18:16:19.0363 0x088c  nvstor - ok
18:16:19.0393 0x088c  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
18:16:19.0413 0x088c  nv_agp - ok
18:16:19.0433 0x088c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
18:16:19.0443 0x088c  ohci1394 - ok
18:16:19.0483 0x088c  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
18:16:19.0533 0x088c  p2pimsvc - ok
18:16:19.0553 0x088c  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\windows\system32\p2psvc.dll
18:16:19.0573 0x088c  p2psvc - ok
18:16:19.0603 0x088c  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\windows\system32\drivers\parport.sys
18:16:19.0613 0x088c  Parport - ok
18:16:19.0643 0x088c  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\windows\system32\drivers\partmgr.sys
18:16:19.0663 0x088c  partmgr - ok
18:16:19.0693 0x088c  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\windows\System32\pcasvc.dll
18:16:19.0743 0x088c  PcaSvc - ok
18:16:19.0763 0x088c  [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr      C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
18:16:19.0783 0x088c  PCCUJobMgr - ok
18:16:19.0803 0x088c  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\windows\system32\drivers\pci.sys
18:16:19.0823 0x088c  pci - ok
18:16:19.0833 0x088c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\windows\system32\DRIVERS\pciide.sys
18:16:19.0853 0x088c  pciide - ok
18:16:19.0873 0x088c  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
18:16:19.0883 0x088c  pcmcia - ok
18:16:19.0903 0x088c  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\windows\system32\drivers\pcw.sys
18:16:19.0913 0x088c  pcw - ok
18:16:19.0933 0x088c  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\windows\system32\drivers\peauth.sys
18:16:20.0023 0x088c  PEAUTH - ok
18:16:20.0103 0x088c  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\windows\SysWow64\perfhost.exe
18:16:20.0263 0x088c  PerfHost - ok
18:16:20.0313 0x088c  [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect        C:\windows\system32\DRIVERS\pgeffect.sys
18:16:20.0323 0x088c  PGEffect - ok
18:16:20.0384 0x088c  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\windows\system32\pla.dll
18:16:20.0474 0x088c  pla - ok
18:16:20.0524 0x088c  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
18:16:20.0594 0x088c  PlugPlay - ok
18:16:20.0614 0x088c  PnkBstrA - ok
18:16:20.0634 0x088c  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
18:16:20.0664 0x088c  PNRPAutoReg - ok
18:16:20.0694 0x088c  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
18:16:20.0714 0x088c  PNRPsvc - ok
18:16:20.0774 0x088c  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
18:16:20.0834 0x088c  PolicyAgent - ok
18:16:20.0874 0x088c  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\windows\system32\umpo.dll
18:16:20.0934 0x088c  Power - ok
18:16:21.0004 0x088c  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
18:16:21.0164 0x088c  PptpMiniport - ok
18:16:21.0364 0x088c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\windows\system32\drivers\processr.sys
18:16:21.0404 0x088c  Processor - ok
18:16:21.0444 0x088c  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\windows\system32\profsvc.dll
18:16:21.0514 0x088c  ProfSvc - ok
18:16:21.0524 0x088c  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
18:16:21.0534 0x088c  ProtectedStorage - ok
18:16:21.0564 0x088c  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\windows\system32\DRIVERS\pacer.sys
18:16:21.0624 0x088c  Psched - ok
18:16:21.0694 0x088c  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\windows\system32\drivers\ql2300.sys
18:16:21.0724 0x088c  ql2300 - ok
18:16:21.0764 0x088c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\windows\system32\drivers\ql40xx.sys
18:16:21.0784 0x088c  ql40xx - ok
18:16:21.0814 0x088c  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\windows\system32\qwave.dll
18:16:21.0834 0x088c  QWAVE - ok
18:16:21.0854 0x088c  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
18:16:21.0894 0x088c  QWAVEdrv - ok
18:16:21.0914 0x088c  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
18:16:21.0974 0x088c  RasAcd - ok
18:16:22.0004 0x088c  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
18:16:22.0044 0x088c  RasAgileVpn - ok
18:16:22.0084 0x088c  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\windows\System32\rasauto.dll
18:16:22.0174 0x088c  RasAuto - ok
18:16:22.0224 0x088c  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
18:16:22.0274 0x088c  Rasl2tp - ok
18:16:22.0324 0x088c  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\windows\System32\rasmans.dll
18:16:22.0374 0x088c  RasMan - ok
18:16:22.0414 0x088c  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
18:16:22.0474 0x088c  RasPppoe - ok
18:16:22.0504 0x088c  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
18:16:22.0554 0x088c  RasSstp - ok
18:16:22.0604 0x088c  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
18:16:22.0664 0x088c  rdbss - ok
18:16:22.0684 0x088c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\windows\system32\drivers\rdpbus.sys
18:16:22.0724 0x088c  rdpbus - ok
18:16:22.0734 0x088c  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
18:16:22.0794 0x088c  RDPCDD - ok
18:16:22.0824 0x088c  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
18:16:22.0884 0x088c  RDPENCDD - ok
18:16:22.0904 0x088c  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
18:16:22.0944 0x088c  RDPREFMP - ok
18:16:22.0984 0x088c  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
18:16:23.0024 0x088c  RDPWD - ok
18:16:23.0044 0x088c  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
18:16:23.0064 0x088c  rdyboost - ok
18:16:23.0154 0x088c  [ B2D01290C0E0465ACA54C2088E947823 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
18:16:23.0164 0x088c  RealNetworks Downloader Resolver Service - ok
18:16:23.0204 0x088c  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\windows\System32\mprdim.dll
18:16:23.0264 0x088c  RemoteAccess - ok
18:16:23.0304 0x088c  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\windows\system32\regsvc.dll
18:16:23.0354 0x088c  RemoteRegistry - ok
18:16:23.0404 0x088c  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
18:16:23.0444 0x088c  RFCOMM - ok
18:16:23.0484 0x088c  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
18:16:23.0544 0x088c  RpcEptMapper - ok
18:16:23.0594 0x088c  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\windows\system32\locator.exe
18:16:23.0614 0x088c  RpcLocator - ok
18:16:23.0634 0x088c  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\windows\system32\rpcss.dll
18:16:23.0684 0x088c  RpcSs - ok
18:16:23.0724 0x088c  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
18:16:23.0784 0x088c  rspndr - ok
18:16:23.0844 0x088c  [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA ] RSUSBSTOR       C:\windows\system32\Drivers\RtsUStor.sys
18:16:23.0864 0x088c  RSUSBSTOR - ok
18:16:23.0894 0x088c  [ 6D3C7E7D82D3DC92DC2A8B0DF9F20F8A ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys
18:16:23.0914 0x088c  RTL8167 - ok
18:16:23.0934 0x088c  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\windows\system32\lsass.exe
18:16:23.0944 0x088c  SamSs - ok
18:16:23.0964 0x088c  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
18:16:23.0984 0x088c  sbp2port - ok
18:16:24.0004 0x088c  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\windows\System32\SCardSvr.dll
18:16:24.0054 0x088c  SCardSvr - ok
18:16:24.0064 0x088c  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
18:16:24.0134 0x088c  scfilter - ok
18:16:24.0194 0x088c  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\windows\system32\schedsvc.dll
18:16:24.0264 0x088c  Schedule - ok
18:16:24.0314 0x088c  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\windows\System32\certprop.dll
18:16:24.0354 0x088c  SCPolicySvc - ok
18:16:24.0394 0x088c  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\windows\System32\SDRSVC.dll
18:16:24.0464 0x088c  SDRSVC - ok
18:16:24.0484 0x088c  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\windows\system32\drivers\secdrv.sys
18:16:24.0534 0x088c  secdrv - ok
18:16:24.0614 0x088c  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\windows\system32\seclogon.dll
18:16:24.0654 0x088c  seclogon - ok
18:16:24.0684 0x088c  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\windows\system32\sens.dll
18:16:24.0734 0x088c  SENS - ok
18:16:24.0754 0x088c  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\windows\system32\sensrsvc.dll
18:16:24.0824 0x088c  SensrSvc - ok
18:16:24.0844 0x088c  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\windows\system32\drivers\serenum.sys
18:16:24.0864 0x088c  Serenum - ok
18:16:24.0904 0x088c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\windows\system32\drivers\serial.sys
18:16:24.0934 0x088c  Serial - ok
18:16:24.0964 0x088c  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\windows\system32\drivers\sermouse.sys
18:16:24.0984 0x088c  sermouse - ok
18:16:25.0024 0x088c  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\windows\system32\sessenv.dll
18:16:25.0084 0x088c  SessionEnv - ok
18:16:25.0114 0x088c  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
18:16:25.0174 0x088c  sffdisk - ok
18:16:25.0174 0x088c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
18:16:25.0194 0x088c  sffp_mmc - ok
18:16:25.0194 0x088c  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
18:16:25.0214 0x088c  sffp_sd - ok
18:16:25.0224 0x088c  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys
18:16:25.0244 0x088c  sfloppy - ok
18:16:25.0284 0x088c  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\windows\System32\ipnathlp.dll
18:16:25.0344 0x088c  SharedAccess - ok
18:16:25.0384 0x088c  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
18:16:25.0444 0x088c  ShellHWDetection - ok
18:16:25.0474 0x088c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
18:16:25.0494 0x088c  SiSRaid2 - ok
18:16:25.0504 0x088c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
18:16:25.0544 0x088c  SiSRaid4 - ok
18:16:25.0794 0x088c  [ D0776778A9FC5E37F2E9EB21FC8A9709 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
18:16:25.0884 0x088c  Skype C2C Service - ok
18:16:25.0994 0x088c  [ 3E587DBBDFF938DDE5D4CE4047BE9041 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:16:26.0004 0x088c  SkypeUpdate - ok
18:16:26.0034 0x088c  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\windows\system32\DRIVERS\smb.sys
18:16:26.0094 0x088c  Smb - ok
18:16:26.0134 0x088c  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\windows\System32\snmptrap.exe
18:16:26.0154 0x088c  SNMPTRAP - ok
18:16:26.0174 0x088c  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\windows\system32\drivers\spldr.sys
18:16:26.0194 0x088c  spldr - ok
18:16:26.0214 0x088c  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\windows\System32\spoolsv.exe
18:16:26.0284 0x088c  Spooler - ok
18:16:26.0404 0x088c  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\windows\system32\sppsvc.exe
18:16:26.0524 0x088c  sppsvc - ok
18:16:26.0554 0x088c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\windows\system32\sppuinotify.dll
18:16:26.0594 0x088c  sppuinotify - ok
18:16:26.0624 0x088c  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\windows\system32\DRIVERS\srv.sys
18:16:26.0704 0x088c  srv - ok
18:16:26.0724 0x088c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
18:16:26.0754 0x088c  srv2 - ok
18:16:26.0784 0x088c  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
18:16:26.0794 0x088c  srvnet - ok
18:16:26.0824 0x088c  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
18:16:26.0874 0x088c  SSDPSRV - ok
18:16:26.0904 0x088c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\windows\system32\sstpsvc.dll
18:16:26.0944 0x088c  SstpSvc - ok
18:16:27.0044 0x088c  [ 9E1380328C39D661E085B24D6A6E044E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:16:27.0064 0x088c  Steam Client Service - ok
18:16:27.0074 0x088c  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\windows\system32\drivers\stexstor.sys
18:16:27.0084 0x088c  stexstor - ok
18:16:27.0134 0x088c  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\windows\System32\wiaservc.dll
18:16:27.0164 0x088c  stisvc - ok
18:16:27.0184 0x088c  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\windows\system32\DRIVERS\swenum.sys
18:16:27.0204 0x088c  swenum - ok
18:16:27.0234 0x088c  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\windows\System32\swprv.dll
18:16:27.0294 0x088c  swprv - ok
18:16:27.0364 0x088c  [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
18:16:27.0394 0x088c  SynTP - ok
18:16:27.0454 0x088c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\windows\system32\sysmain.dll
18:16:27.0514 0x088c  SysMain - ok
18:16:27.0534 0x088c  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
18:16:27.0574 0x088c  TabletInputService - ok
18:16:27.0614 0x088c  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\windows\System32\tapisrv.dll
18:16:27.0674 0x088c  TapiSrv - ok
18:16:27.0704 0x088c  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\windows\System32\tbssvc.dll
18:16:27.0744 0x088c  TBS - ok
18:16:27.0874 0x088c  [ DB74544B75566C974815E79A62433F29 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
18:16:27.0924 0x088c  Tcpip - ok
18:16:28.0004 0x088c  [ DB74544B75566C974815E79A62433F29 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
18:16:28.0034 0x088c  TCPIP6 - ok
18:16:28.0074 0x088c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
18:16:28.0084 0x088c  tcpipreg - ok
18:16:28.0114 0x088c  [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst        C:\windows\system32\DRIVERS\tdcmdpst.sys
18:16:28.0124 0x088c  tdcmdpst - ok
18:16:28.0154 0x088c  TDEIO - ok
18:16:28.0184 0x088c  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
18:16:28.0234 0x088c  TDPIPE - ok
18:16:28.0254 0x088c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
18:16:28.0294 0x088c  TDTCP - ok
18:16:28.0324 0x088c  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
18:16:28.0364 0x088c  tdx - ok
18:16:28.0954 0x088c  [ 402794A75A899E296AB3EDEC4ECCB9A8 ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
18:16:29.0224 0x088c  TeamViewer8 - ok
18:16:29.0314 0x088c  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\windows\system32\DRIVERS\termdd.sys
18:16:29.0334 0x088c  TermDD - ok
18:16:29.0364 0x088c  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\windows\System32\termsrv.dll
18:16:29.0434 0x088c  TermService - ok
18:16:29.0444 0x088c  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\windows\system32\themeservice.dll
18:16:29.0464 0x088c  Themes - ok
18:16:29.0594 0x088c  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\windows\system32\mmcss.dll
18:16:29.0634 0x088c  THREADORDER - ok
18:16:29.0734 0x088c  [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo       C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
18:16:29.0744 0x088c  TMachInfo - ok
18:16:29.0894 0x088c  [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv         C:\windows\system32\TODDSrv.exe
18:16:29.0904 0x088c  TODDSrv - ok
18:16:30.0174 0x088c  [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv        C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
18:16:30.0194 0x088c  TosCoSrv - ok
18:16:30.0244 0x088c  [ A22DEB5EC05FEBFDCA1D3FF70FA1FF46 ] TOSHIBA Bluetooth Service C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
18:16:30.0264 0x088c  TOSHIBA Bluetooth Service - ok
18:16:30.0314 0x088c  [ 63AAFCF3EA5DBB17123E0BAE9AFE4D58 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
18:16:30.0324 0x088c  TOSHIBA eco Utility Service - ok
18:16:30.0354 0x088c  [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
18:16:30.0374 0x088c  TOSHIBA HDD SSD Alert Service - ok
18:16:30.0414 0x088c  [ 09CF82C0068C7CFF7E2B3797BE7F5CC2 ] tosrfbd         C:\windows\system32\DRIVERS\tosrfbd.sys
18:16:30.0424 0x088c  tosrfbd - ok
18:16:30.0434 0x088c  Tosrfcom - ok
18:16:30.0444 0x088c  [ F5E3AC4CBCD154EE80849B21887FD0B0 ] tosrfec         C:\windows\system32\DRIVERS\tosrfec.sys
18:16:30.0454 0x088c  tosrfec - ok
18:16:30.0474 0x088c  [ 7D2467D3EB9BAA4B69AE4A28C83DE57A ] Tosrfhid        C:\windows\system32\DRIVERS\Tosrfhid.sys
18:16:30.0494 0x088c  Tosrfhid - ok
18:16:30.0504 0x088c  [ 7A0048693F98460FF537BE31C741B927 ] Tosrfusb        C:\windows\system32\DRIVERS\tosrfusb.sys
18:16:30.0524 0x088c  Tosrfusb - ok
18:16:30.0574 0x088c  [ 098B8A408C17E125A3D9A8E1166780C8 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
18:16:30.0594 0x088c  TPCHSrv - ok
18:16:30.0624 0x088c  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\windows\System32\trkwks.dll
18:16:30.0684 0x088c  TrkWks - ok
18:16:30.0724 0x088c  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
18:16:30.0764 0x088c  TrustedInstaller - ok
18:16:30.0804 0x088c  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
18:16:30.0874 0x088c  tssecsrv - ok
18:16:30.0904 0x088c  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
18:16:30.0964 0x088c  TsUsbFlt - ok
18:16:30.0974 0x088c  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys
18:16:31.0014 0x088c  TsUsbGD - ok
18:16:31.0054 0x088c  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
18:16:31.0104 0x088c  tunnel - ok
18:16:31.0144 0x088c  [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ           C:\windows\system32\DRIVERS\TVALZ_O.SYS
18:16:31.0154 0x088c  TVALZ - ok
18:16:31.0174 0x088c  [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL         C:\windows\system32\DRIVERS\TVALZFL.sys
18:16:31.0184 0x088c  TVALZFL - ok
18:16:31.0214 0x088c  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\windows\system32\drivers\uagp35.sys
18:16:31.0224 0x088c  uagp35 - ok
18:16:31.0244 0x088c  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
18:16:31.0294 0x088c  udfs - ok
18:16:31.0324 0x088c  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\windows\system32\UI0Detect.exe
18:16:31.0334 0x088c  UI0Detect - ok
18:16:31.0364 0x088c  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
18:16:31.0384 0x088c  uliagpkx - ok
18:16:31.0404 0x088c  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\windows\system32\DRIVERS\umbus.sys
18:16:31.0424 0x088c  umbus - ok
18:16:31.0454 0x088c  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
18:16:31.0474 0x088c  UmPass - ok
18:16:31.0504 0x088c  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\windows\System32\upnphost.dll
18:16:31.0564 0x088c  upnphost - ok
18:16:31.0624 0x088c  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\windows\system32\Drivers\usbaapl64.sys
18:16:31.0664 0x088c  USBAAPL64 - ok
18:16:31.0684 0x088c  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\windows\system32\drivers\usbaudio.sys
18:16:31.0724 0x088c  usbaudio - ok
18:16:31.0744 0x088c  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
18:16:31.0784 0x088c  usbccgp - ok
18:16:31.0804 0x088c  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\windows\system32\drivers\usbcir.sys
18:16:31.0824 0x088c  usbcir - ok
18:16:31.0834 0x088c  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\windows\system32\DRIVERS\usbehci.sys
18:16:31.0874 0x088c  usbehci - ok
18:16:31.0904 0x088c  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
18:16:31.0944 0x088c  usbhub - ok
18:16:31.0964 0x088c  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\windows\system32\DRIVERS\usbohci.sys
18:16:31.0984 0x088c  usbohci - ok
18:16:32.0014 0x088c  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\windows\system32\drivers\usbprint.sys
18:16:32.0034 0x088c  usbprint - ok
18:16:32.0054 0x088c  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
18:16:32.0114 0x088c  USBSTOR - ok
18:16:32.0134 0x088c  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
18:16:32.0164 0x088c  usbuhci - ok
18:16:32.0194 0x088c  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\windows\system32\Drivers\usbvideo.sys
18:16:32.0214 0x088c  usbvideo - ok
18:16:32.0244 0x088c  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\windows\System32\uxsms.dll
18:16:32.0294 0x088c  UxSms - ok
18:16:32.0314 0x088c  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\windows\system32\lsass.exe
18:16:32.0324 0x088c  VaultSvc - ok
18:16:32.0354 0x088c  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
18:16:32.0374 0x088c  vdrvroot - ok
18:16:32.0394 0x088c  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\windows\System32\vds.exe
18:16:32.0454 0x088c  vds - ok
18:16:32.0474 0x088c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
18:16:32.0494 0x088c  vga - ok
18:16:32.0514 0x088c  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\windows\System32\drivers\vga.sys
18:16:32.0564 0x088c  VgaSave - ok
18:16:32.0584 0x088c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
18:16:32.0594 0x088c  vhdmp - ok
18:16:32.0614 0x088c  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\windows\system32\drivers\viaide.sys
18:16:32.0624 0x088c  viaide - ok
18:16:32.0634 0x088c  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\windows\system32\drivers\volmgr.sys
18:16:32.0654 0x088c  volmgr - ok
18:16:32.0674 0x088c  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
18:16:32.0694 0x088c  volmgrx - ok
18:16:32.0714 0x088c  [ DF8126BD41180351A093A3AD2FC8903B ] volsnap         C:\windows\system32\drivers\volsnap.sys
18:16:32.0734 0x088c  volsnap - ok
18:16:32.0764 0x088c  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
18:16:32.0774 0x088c  vsmraid - ok
18:16:32.0824 0x088c  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\windows\system32\vssvc.exe
18:16:32.0904 0x088c  VSS - ok
18:16:32.0924 0x088c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
18:16:32.0954 0x088c  vwifibus - ok
18:16:32.0994 0x088c  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
18:16:33.0034 0x088c  vwififlt - ok
18:16:33.0064 0x088c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
18:16:33.0074 0x088c  vwifimp - ok
18:16:33.0104 0x088c  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\windows\system32\w32time.dll
18:16:33.0154 0x088c  W32Time - ok
18:16:33.0174 0x088c  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\windows\system32\drivers\wacompen.sys
18:16:33.0194 0x088c  WacomPen - ok
18:16:33.0234 0x088c  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
18:16:33.0294 0x088c  WANARP - ok
18:16:33.0294 0x088c  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
18:16:33.0334 0x088c  Wanarpv6 - ok
18:16:33.0394 0x088c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
18:16:33.0424 0x088c  WatAdminSvc - ok
18:16:33.0484 0x088c  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\windows\system32\wbengine.exe
18:16:33.0564 0x088c  wbengine - ok
18:16:33.0584 0x088c  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
18:16:33.0604 0x088c  WbioSrvc - ok
18:16:33.0644 0x088c  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\windows\System32\wcncsvc.dll
18:16:33.0684 0x088c  wcncsvc - ok
18:16:33.0704 0x088c  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
18:16:33.0744 0x088c  WcsPlugInService - ok
18:16:33.0774 0x088c  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\windows\system32\drivers\wd.sys
18:16:33.0784 0x088c  Wd - ok
18:16:33.0824 0x088c  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
18:16:33.0854 0x088c  Wdf01000 - ok
18:16:33.0874 0x088c  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\windows\system32\wdi.dll
18:16:33.0964 0x088c  WdiServiceHost - ok
18:16:33.0964 0x088c  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\windows\system32\wdi.dll
18:16:33.0984 0x088c  WdiSystemHost - ok
18:16:34.0004 0x088c  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\windows\System32\webclnt.dll
18:16:34.0044 0x088c  WebClient - ok
18:16:34.0084 0x088c  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\windows\system32\wecsvc.dll
18:16:34.0134 0x088c  Wecsvc - ok
18:16:34.0154 0x088c  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\windows\System32\wercplsupport.dll
18:16:34.0194 0x088c  wercplsupport - ok
18:16:34.0224 0x088c  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\windows\System32\WerSvc.dll
18:16:34.0264 0x088c  WerSvc - ok
18:16:34.0304 0x088c  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
18:16:34.0345 0x088c  WfpLwf - ok
18:16:34.0355 0x088c  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\windows\system32\drivers\wimmount.sys
18:16:34.0365 0x088c  WIMMount - ok
18:16:34.0395 0x088c  WinDefend - ok
18:16:34.0415 0x088c  WinHttpAutoProxySvc - ok
18:16:34.0465 0x088c  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
18:16:34.0525 0x088c  Winmgmt - ok
18:16:34.0585 0x088c  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\windows\system32\WsmSvc.dll
18:16:34.0665 0x088c  WinRM - ok
18:16:34.0735 0x088c  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
18:16:34.0765 0x088c  WinUsb - ok
18:16:34.0805 0x088c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\windows\System32\wlansvc.dll
18:16:34.0865 0x088c  Wlansvc - ok
18:16:34.0925 0x088c  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:16:34.0935 0x088c  wlcrasvc - ok
18:16:35.0115 0x088c  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:16:35.0205 0x088c  wlidsvc - ok
18:16:35.0265 0x088c  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\windows\system32\DRIVERS\wmiacpi.sys
18:16:35.0305 0x088c  WmiAcpi - ok
18:16:35.0335 0x088c  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
18:16:35.0375 0x088c  wmiApSrv - ok
18:16:35.0405 0x088c  WMPNetworkSvc - ok
18:16:35.0445 0x088c  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\windows\System32\wpcsvc.dll
18:16:35.0465 0x088c  WPCSvc - ok
18:16:35.0475 0x088c  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
18:16:35.0535 0x088c  WPDBusEnum - ok
18:16:35.0555 0x088c  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
18:16:35.0595 0x088c  ws2ifsl - ok
18:16:35.0625 0x088c  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\windows\system32\wscsvc.dll
18:16:35.0655 0x088c  wscsvc - ok
18:16:35.0655 0x088c  WSearch - ok
18:16:35.0735 0x088c  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\windows\system32\wuaueng.dll
18:16:35.0785 0x088c  wuauserv - ok
18:16:35.0805 0x088c  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
18:16:35.0865 0x088c  WudfPf - ok
18:16:35.0895 0x088c  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
18:16:35.0935 0x088c  WUDFRd - ok
18:16:35.0965 0x088c  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
18:16:36.0005 0x088c  wudfsvc - ok
18:16:36.0055 0x088c  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\windows\System32\wwansvc.dll
18:16:36.0115 0x088c  WwanSvc - ok
18:16:36.0165 0x088c  X6va011 - ok
18:16:36.0215 0x088c  [ 4A5CE13408945E525503B5F73D29B9C5 ] xnacc           C:\windows\system32\DRIVERS\xnacc.sys
18:16:36.0245 0x088c  xnacc - ok
18:16:36.0275 0x088c  ================ Scan global ===============================
18:16:36.0305 0x088c  [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
18:16:36.0335 0x088c  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll
18:16:36.0345 0x088c  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll
18:16:36.0365 0x088c  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
18:16:36.0395 0x088c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
18:16:36.0405 0x088c  [Global] - ok
18:16:36.0405 0x088c  ================ Scan MBR ==================================
18:16:36.0425 0x088c  [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
18:16:36.0735 0x088c  \Device\Harddisk0\DR0 - ok
18:16:36.0735 0x088c  ================ Scan VBR ==================================
18:16:36.0775 0x088c  [ A34C67791CD669792A9A2E3159C081F3 ] \Device\Harddisk0\DR0\Partition1
18:16:36.0775 0x088c  \Device\Harddisk0\DR0\Partition1 - ok
18:16:36.0775 0x088c  ============================================================
18:16:36.0775 0x088c  Scan finished
18:16:36.0775 0x088c  ============================================================
18:16:36.0785 0x527c  Detected object count: 1
18:16:36.0785 0x527c  Actual detected object count: 1
18:20:00.0337 0x527c  FileZilla Server ( UnsignedFile.Multi.Generic ) - skipped by user
18:20:00.0337 0x527c  FileZilla Server ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:20:13.0813 0x108c  Deinitialize success
 

I'm assuming with this log that the AdwCleaner log wont fit so I'm going to use two posts



# AdwCleaner v3.001 - Report created 24/08/2013 at 18:24:38
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Kyle Noble - KYLENOBLE-PC
# Running from : C:\Users\Kyle Noble\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Users\Kyle Noble\Documents\iLivid.lnk
File Found : C:\windows\System32\Tasks\BrowserDefendert
File Found : C:\windows\System32\Tasks\Dealply
File Found : C:\windows\System32\Tasks\DealPlyUpdate
File Found : C:\windows\System32\Tasks\EPUpdater
Folder Found C:\ProgramData\InstallMate
Folder Found C:\Users\Kyle Noble\AppData\Local\cre
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Webplayer
Key Found : [x64] HKCU\Software\Webplayer
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hamachi_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hamachi_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_marble-blast-gold_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_marble-blast-gold_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16660
 
 
-\\ Mozilla Firefox v21.0 (en-US)
 
[ File : C:\Users\Kyle Noble\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]
 
 
[ File : C:\Users\Kyle Noble\AppData\Roaming\Mozilla\Firefox\Profiles\nd0sf1ek.default\prefs.js ]
 
 
-\\ Google Chrome v29.0.1547.57
 
[ File : C:\Users\Kyle Noble\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2626 octets] - [24/08/2013 18:24:38]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2686 octets] ##########


#4 applesauce10189

applesauce10189
  • Topic Starter

  • Members
  • 115 posts
  • OFFLINE
  •  
  • Local time:07:32 AM

Posted 24 August 2013 - 08:33 PM

Farbar Service Scanner Version: 18-08-2013
Ran by Kyle Noble (administrator) on 24-08-2013 at 18:32:34
Running from "C:\Users\Kyle Noble\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
Checking FirewallRules of SharedAccess: ATTENTION!=====> Unable to open "SharedAccess\Defaults\FirewallPolicy\FirewallRules" registry key. The key does not exist.
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****


#5 applesauce10189

applesauce10189
  • Topic Starter

  • Members
  • 115 posts
  • OFFLINE
  •  
  • Local time:07:32 AM

Posted 24 August 2013 - 08:35 PM

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Kyle Noble (administrator) on 24-08-2013 at 18:34:05
Running from "C:\Users\Kyle Noble\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Atheros AR9002WB-1NG Wireless Network Adapter = Wireless Network Connection (Connected)
Hamachi Network Interface = Local Area Connection 2 (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection 2" nexthop=25.0.0.1 publish=Yes
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : KyleNoble-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.or.comcast.net.
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : BE-B7-0D-C0-FD-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : nomadix.com
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : E8-40-F2-62-D1-34
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : hsd1.or.comcast.net.
   Description . . . . . . . . . . . : Atheros AR9002WB-1NG Wireless Network Adapter
   Physical Address. . . . . . . . . : 9C-B7-0D-C0-FD-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::20f5:cd23:fae1:c4bf%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.131(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, August 20, 2013 11:30:26 AM
   Lease Expires . . . . . . . . . . : Sunday, August 25, 2013 4:08:24 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 295483149
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-E5-89-28-9C-B7-0D-C0-FD-F9
   DNS Servers . . . . . . . . . . . : 75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection 2:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Hamachi Network Interface
   Physical Address. . . . . . . . . : 7A-79-19-7A-7F-81
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2620:9b::197a:7f81(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::21d3:da5e:bd2e:264e%17(Preferred) 
   IPv4 Address. . . . . . . . . . . : 25.122.127.129(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.0.0.0
   Lease Obtained. . . . . . . . . . : Thursday, August 15, 2013 7:39:43 AM
   Lease Expires . . . . . . . . . . : Sunday, August 24, 2014 1:03:34 PM
   Default Gateway . . . . . . . . . : 2620:9b::1900:1
                                       25.0.0.1
   DHCP Server . . . . . . . . . . . : 25.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 544897323
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-E5-89-28-9C-B7-0D-C0-FD-F9
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{7330096B-D970-4510-91C1-ACBF9A701A23}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{3CD97652-76B0-4CC5-8672-3320DCD25647}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:10e3:2411:e7ea:c641(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::10e3:2411:e7ea:c641%15(Preferred) 
   Default Gateway . . . . . . . . . : 
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.nomadix.com:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.hsd1.or.comcast.net.:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.or.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  cdns01.comcast.net
Address:  75.75.75.75
 
Name:    google.com
Addresses:  2607:f8b0:400a:801::1006
 173.194.33.14
 173.194.33.2
 173.194.33.1
 173.194.33.7
 173.194.33.3
 173.194.33.6
 173.194.33.8
 173.194.33.5
 173.194.33.4
 173.194.33.0
 173.194.33.9
 
 
Pinging google.com [173.194.33.9] with 32 bytes of data:
Reply from 173.194.33.9: bytes=32 time=11ms TTL=55
Reply from 173.194.33.9: bytes=32 time=13ms TTL=55
 
Ping statistics for 173.194.33.9:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 11ms, Maximum = 13ms, Average = 12ms
Server:  cdns01.comcast.net
Address:  75.75.75.75
 
DNS request timed out.
    timeout was 2 seconds.
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=130ms TTL=49
Reply from 98.138.253.109: bytes=32 time=130ms TTL=49
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 130ms, Maximum = 130ms, Average = 130ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...be b7 0d c0 fd f9 ......Microsoft Virtual WiFi Miniport Adapter
 14...e8 40 f2 62 d1 34 ......Realtek PCIe FE Family Controller
 13...9c b7 0d c0 fd f9 ......Atheros AR9002WB-1NG Wireless Network Adapter
 17...7a 79 19 7a 7f 81 ......Hamachi Network Interface
  1...........................Software Loopback Interface 1
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         25.0.0.1   25.122.127.129   9256
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.131     25
         25.0.0.0        255.0.0.0         On-link    25.122.127.129   9256
   25.122.127.129  255.255.255.255         On-link    25.122.127.129   9256
   25.255.255.255  255.255.255.255         On-link    25.122.127.129   9256
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.131    281
    192.168.1.131  255.255.255.255         On-link     192.168.1.131    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.131    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    25.122.127.129   9256
        224.0.0.0        240.0.0.0         On-link     192.168.1.131    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    25.122.127.129   9256
  255.255.255.255  255.255.255.255         On-link     192.168.1.131    281
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0         25.0.0.1  Default 
===========================================================================
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 17   9020 ::/0                     2620:9b::1900:1
  1    306 ::1/128                  On-link
 15     58 2001::/32                On-link
 15    306 2001:0:4137:9e76:10e3:2411:e7ea:c641/128
                                    On-link
 17    276 2620:9b::/96             On-link
 17    276 2620:9b::197a:7f81/128   On-link
 17    276 fe80::/64                On-link
 13    281 fe80::/64                On-link
 15    306 fe80::/64                On-link
 15    306 fe80::10e3:2411:e7ea:c641/128
                                    On-link
 13    281 fe80::20f5:cd23:fae1:c4bf/128
                                    On-link
 17    276 fe80::21d3:da5e:bd2e:264e/128
                                    On-link
  1    306 ff00::/8                 On-link
 15    306 ff00::/8                 On-link
 17    276 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
 If Metric Network Destination      Gateway
  0 4294967295 2620:9b::/96             On-link
  0   9000 ::/0                     2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================
 
Catalog5 01 C:\windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (08/24/2013 02:39:25 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19546
 
Error: (08/24/2013 02:39:25 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19546
 
Error: (08/24/2013 02:39:25 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/24/2013 02:39:24 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18548
 
Error: (08/24/2013 02:39:24 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18548
 
Error: (08/24/2013 02:39:24 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/24/2013 02:39:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17550
 
Error: (08/24/2013 02:39:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17550
 
Error: (08/24/2013 02:39:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/24/2013 02:39:22 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16551
 
 
System errors:
=============
Error: (08/21/2013 10:10:46 AM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
Error: (08/21/2013 10:10:17 AM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/18/2013 08:04:34 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TeamViewer8 service.
 
Error: (08/15/2013 07:39:45 AM) (Source: Service Control Manager) (User: )
Description: The FastFreeConverterUpdt service failed to start due to the following error: 
%%2
 
Error: (07/31/2013 07:13:05 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053
 
Error: (07/31/2013 07:13:05 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (07/31/2013 06:56:05 PM) (Source: Service Control Manager) (User: )
Description: The FastFreeConverterUpdt service failed to start due to the following error: 
%%2
 
Error: (07/31/2013 11:21:40 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (07/30/2013 10:22:45 AM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
Error: (07/30/2013 10:22:44 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
 
Microsoft Office Sessions:
=========================
Error: (08/24/2013 02:39:25 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19546
 
Error: (08/24/2013 02:39:25 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19546
 
Error: (08/24/2013 02:39:25 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/24/2013 02:39:24 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18548
 
Error: (08/24/2013 02:39:24 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18548
 
Error: (08/24/2013 02:39:24 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/24/2013 02:39:23 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17550
 
Error: (08/24/2013 02:39:23 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17550
 
Error: (08/24/2013 02:39:23 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/24/2013 02:39:22 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16551
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-07-27 14:46:27.447
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-07-27 14:46:27.259
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
7-Zip 9.20
AdiIRC
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Adobe Shockwave Player 12.0 (Version: 12.0.2.122)
AMD VISION Engine Control Center (Version: 2011.0420.1613.27244)
Anarchy Online (Version: 18.6.1_EP1)
APB Reloaded (Version: 1.5.7.601022)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ARMA 2
ARMA 2: Operation Arrowhead
Atheros Bluetooth Filter Driver Package (Version: 1.00.007)
Atheros Driver Installation Program (Version: 9.2)
ATI Catalyst Install Manager (Version: 3.0.820.0)
Battlefield 3™ (Version: 1.6.0.0)
Battlelog Web Plugins (Version: 2.1.3)
BattlEye for OA Uninstall
BattlEye Uninstall
Bejeweled 3 (Version: 2.2.0.97)
Blacklight: Retribution
Bluetooth Stack for Windows by Toshiba (Version: v8.00.07(T))
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.0420.1613.27244)
Catalyst Control Center Localization All (Version: 2011.0420.1613.27244)
CCC Help Chinese Standard (Version: 2011.0420.1612.27244)
CCC Help Chinese Traditional (Version: 2011.0420.1612.27244)
CCC Help Czech (Version: 2011.0420.1612.27244)
CCC Help Danish (Version: 2011.0420.1612.27244)
CCC Help Dutch (Version: 2011.0420.1612.27244)
CCC Help English (Version: 2011.0420.1612.27244)
CCC Help Finnish (Version: 2011.0420.1612.27244)
CCC Help French (Version: 2011.0420.1612.27244)
CCC Help German (Version: 2011.0420.1612.27244)
CCC Help Greek (Version: 2011.0420.1612.27244)
CCC Help Hungarian (Version: 2011.0420.1612.27244)
CCC Help Italian (Version: 2011.0420.1612.27244)
CCC Help Japanese (Version: 2011.0420.1612.27244)
CCC Help Korean (Version: 2011.0420.1612.27244)
CCC Help Norwegian (Version: 2011.0420.1612.27244)
CCC Help Polish (Version: 2011.0420.1612.27244)
CCC Help Portuguese (Version: 2011.0420.1612.27244)
CCC Help Russian (Version: 2011.0420.1612.27244)
CCC Help Spanish (Version: 2011.0420.1612.27244)
CCC Help Swedish (Version: 2011.0420.1612.27244)
CCC Help Thai (Version: 2011.0420.1612.27244)
CCC Help Turkish (Version: 2011.0420.1612.27244)
ccc-utility64 (Version: 2011.0420.1613.27244)
CCleaner (Version: 3.20)
Chuzzle Deluxe (Version: 2.2.0.95)
Clownfish for Skype
Combat Arms
Company of Heroes 2
Counter-Strike: Source
Counter-Strike: Source Beta
CWA Reminder by We-Care.com v4.1.17.3 (Version: 4.1.17.3)
D3DX10 (Version: 15.4.2368.0902)
DayZ Commander (Version: 0.9.117)
DebugMode Wax 2.0
Disney Pirates of the Caribbean Online (Version: )
Disney Toontown Online (Version: )
Dxtory version 2.0.119 (Version: 2.0.119)
ESN Sonar (Version: 0.70.4)
FATE - The Traitor Soul (Version: 2.2.0.95)
Fiesta (Version: 10.0.0400)
FileZilla Client 3.7.1.1 (Version: 3.7.1.1)
FileZilla Server (Version: beta 0.9.41)
Fishdom ™ 2 (Version: 2.2.0.98)
Fraps (remove only)
Game Dev Tycoon version 1.3.9 (Version: 1.3.9)
GamersFirst LIVE!
Garry's Mod
Google Chrome (Version: 29.0.1547.57)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4413.1752)
Google Update Helper (Version: 1.3.21.153)
Half-Life 2: Episode One
Half-Life 2: Episode Two
HyperCam 2 (Version: 2.27.00)
iCloud (Version: 2.1.1.3)
iTunes (Version: 11.0.2.26)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java™ 7 Update 5 (64-bit) (Version: 7.0.50)
Junk Mail filter update (Version: 15.4.3502.0922)
Kalydo Player 4.07.02 (Version: 4.07.02)
Kerbal Space Program
Label@Once 1.0 (Version: 1.0)
Lightworks (Version: 11.1.0.0)
Little Inferno
LogMeIn Hamachi (Version: 2.1.0.374)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Marble Blast Gold Demo (remove only)
Media Player Classic - Home Cinema v1.5.2.3456 (Version: 1.5.2.3456)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
mIRC (Version: 7.27)
Mozilla Firefox 21.0 (x86 en-US) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Mumble 1.2.3 (Version: 1.2.3)
Nexon Game Manager
NVIDIA PhysX (Version: 9.10.0513)
Online Weather (Version: 1.0)
Origin (Version: 9.1.13.85)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Polar Bowler (Version: 2.2.0.97)
Portal 2
PunkBuster Services (Version: 0.991)
QuickTime (Version: 7.73.80.64)
RealArcade
RealDownloader (Version: 1.3.2)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.2)
Realtek Ethernet Controller Driver (Version: 7.38.113.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6410)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30126)
RealUpgrade 1.1 (Version: 1.1.0)
Resource Hacker Version 3.6.0
Revo Uninstaller 1.95 (Version: 1.95)
ROBLOX Player for Kyle Noble
SimCity™ (Version: 1.0.0.0)
Skype Click to Call (Version: 6.11.13348)
Skype Launcher (Version: 2.01)
Skype™ 6.6 (Version: 6.6.106)
Spotify (Version: master-0.1.0.26.g765bd1e0)
Steam (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.2.11.1)
Team Fortress 2
TeamSpeak 3 Client (Version: 3.0.11.1)
TeamViewer 8 (Version: 8.0.19617)
Tom Clancy's Splinter Cell (Version: 2.2.0.97)
Toshiba App Place (Version: 1.0.6.3)
TOSHIBA Application Installer (Version: 9.0.1.2)
TOSHIBA Assist (Version: 4.2.3.0)
Toshiba Book Place (Version: 2.2.7530)
TOSHIBA Bulletin Board (Version: 1.6.08.64)
TOSHIBA Disc Creator (Version: 2.1.0.11 for x64)
TOSHIBA eco Utility (Version: 1.3.5.64)
TOSHIBA Face Recognition (Version: 3.1.17.64)
TOSHIBA Hardware Setup (Version: 2.00.0014)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.9)
Toshiba Laptop Checkup (Version: 2.0.13.11)
TOSHIBA Media Controller (Version: 1.0.87.4)
TOSHIBA Media Controller Plug-in (Version: 1.0.7.5)
Toshiba Online Backup (Version: 2.0.0.31)
TOSHIBA PC Health Monitor (Version: 1.7.9.64)
TOSHIBA Quality Application (Version: 1.0.3)
TOSHIBA Recovery Media Creator (Version: 2.1.5.5109a)
TOSHIBA ReelTime (Version: 1.7.21.64)
TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.1.2001)
TOSHIBA Service Station (Version: 2.2.12)
TOSHIBA Sleep Utility (Version: 1.4.2.8)
TOSHIBA Supervisor Password (Version: 2.00.0007)
TOSHIBA Value Added Package (Version: 1.6.1.64)
TOSHIBA Web Camera Application (Version: 2.0.3.3)
TOSHIBA Wireless LAN Indicator (Version: 1.0.5)
TOSHIBARegistration (Version: 1.0.6)
Tropix
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update Installer for WildTangent Games App
VideoPad Video Editor
Virtual Villagers 5 - New Believers (Version: 2.2.0.97)
VLC media player 2.0.2 (Version: 2.0.2)
WavePad Sound Editor
WildTangent Games (Version: 1.0.2.5)
WildTangent Games App (Toshiba Games) (Version: 4.0.10.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Movie Maker 2.6 (Version: 2.6.4037.0)
WinPatrol (Version: 28.5.2013.0)
WinRAR 4.20 (32-bit) (Version: 4.20.0)
WMV9/VC-1 Video Playback (Version: 1.00.0000)
XSplit (Version: 1.2.1303.0101)
Zuma's Revenge (Version: 2.2.0.97)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 66%
Total physical RAM: 5610.12 MB
Available physical RAM: 1888.85 MB
Total Pagefile: 11218.42 MB
Available Pagefile: 5737.55 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.11 MB
 
========================= Partitions: =====================================
 
1 Drive c: (TI106231W0C) (Fixed) (Total:580.58 GB) (Free:186.16 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\KYLENOBLE-PC
 
Administrator            Guest                    Kyle Noble               
Mcx1-KYLENOBLE-PC        Parents                  
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
18-08-2013 12:46:11 Windows Update
18-08-2013 14:17:23 Installed XSplit
20-08-2013 01:18:31 Installed Voice Changer for Skype
20-08-2013 01:30:06 Removed Voice Changer for Skype
21-08-2013 17:22:10 Windows Update
 
**** End of log ****


#6 applesauce10189

applesauce10189
  • Topic Starter

  • Members
  • 115 posts
  • OFFLINE
  •  
  • Local time:07:32 AM

Posted 24 August 2013 - 08:37 PM

My computer has neither sped up or slowed down, it's doing great though,



#7 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:02:32 PM

Posted 25 August 2013 - 04:54 AM

Hi

Please do the following next:

:step1:

Backup Your Registry with ERUNT

  • Please use the following link and scroll down to ERUNT and download it.
  • http://aumha.org/freeware/freeware.php
  • For version with the Installer:
    Use the setup program to install ERUNT on your computer
  • For the zipped version:
    Unzip all the files into a folder of your choice.
  • Right click on Erunt.exe and click "Run as Adminstrator" (use the shortcut on your desktop if you used the installer).
  • If you get a message box with the title "Welcome", click on "OK"
  • Follow the subsequent prompts, leaving the values at default, and click on "OK"
  • If you get asked whether to create a folder please click "Yes".

 

:step2:

Please download SharedAccess.reg from link to your desktop.
Double click on it, allow it to run, and alow in to merge into the Registry.


:step3:

Rerun FSS as per my previous post.
Post the full contents of the log in your next reply.


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#8 applesauce10189

applesauce10189
  • Topic Starter

  • Members
  • 115 posts
  • OFFLINE
  •  
  • Local time:07:32 AM

Posted 25 August 2013 - 08:34 PM

Farbar Service Scanner Version: 18-08-2013
Ran by Kyle Noble (administrator) on 25-08-2013 at 18:34:06
Running from "C:\Users\Kyle Noble\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****


#9 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:02:32 PM

Posted 26 August 2013 - 03:08 AM

Hi

 

Please do the following next:

 

:step1:

 

Online Gaming Warning!

Online gaming sites are a security risk which can make your computer susceptible to a large number of malware infections, remote attacks, exposure of personal information, and identity theft. They can lead to other sites containing malware which you can inadvertently download without knowledge. Users visiting such sites may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. Gaming sites can put you at risk to fraud, phishing and theft of personal data. Even if the gaming site is a clean site, there is always the potential of some type of malware making its way there and then onto your system. In some instances an infection may have caused so much damage to your system that it cannot be successfully cleaned or repaired. In those cases, recovery is not possible and the only option is to reformat/reinstall the OS.

More specifically, I noticed you had WildTangent on your computer.
WildTangent Program Warning

Wild Tangent is a video game software company specializing in online games. It has even made a partnership with AOL to include itself as part of the AOL Instant Messenger for their AIM games section. The WildTangent Web Driver is their technology that allows you to play 3D games over the Internet. Although its not technically considered spyware it does have built in components to update itself and gather information about the computer system including:

  • Operating System Version
  • CPU Type and Speed
  • Memory Amount
  • Video Card type and Driver Version
  • Sound Card type and Driver Version
  • DirectX Version
  • Location that the Web Driver was installed from

For that reason I would suggest you uninstalled it via add/remove.

Reboot after the uninstallation.<- Important.

 

 

 

:step2:

 

  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the full contents of the log in your next reply.

Note: Be sure to restart the computer.

The log can also be found here:
C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt

 

 

 

:step3:

 

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Note: Vista / Windows 7 / Windows 8 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
 

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png
       icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

 

 


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users