
C:\Windows\system32\svchost.exe Virus?



#1 Wii8461


Posted 01 January 2014 - 01:31 AM

Hi, I have never had a virus on my computer before so I do not know what is necessary for describing in this topic. Sorry if I do not post enough information.

I was using my computer and it randomly restarted on its own. About 5 minutes after it restarted, my antivirus program (which is Avast!) has continuously been telling me it has blocked a harmful webpage or file.

It looks something like this (except the object is different every time):

20k2b00.jpg

Clicking on more details gives no extra information.

 

I have tried to use several tutorials to fix this, but none of them work. What can I do to fix this? Thanks!

 





#2 jeffce

  • Malware Response Team

Posted 05 January 2014 - 06:15 PM

Hi and Welcome!!   

My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
  • If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.
  • Please be sure to subscribe to the topic if you have not already done so.

IMPORTANT NOTE: Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system, losing all your programs and data.


Having said that.... Let's get going!!
----------
 
Please download DDS from either of these links

LINK 1
LINK 2

and save it to your desktop.

  • Disable any antivirus programs during the scan (if you have difficulty properly disabling your protective programs, refer to this link here)
  • Double click dds to run the tool.
  • When done, two DDS.txt's will open.
  • Save both reports to your desktop.

---------------------------------------------------
Please include the contents of the following in your next reply:

DDS.txt

Attach.txt
----------
 
Please download TDSSKiller

  • Double click TDSSKiller.exe
  • Press Start Scan but do nothing else as we are just looking for what is there.
  • If Malicious objects are found, select Skip by changing the Cure dropdown in the upper right.
  • Attach the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

----------
 
AdwCleaner

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

----------


 


#3 Wii8461


Posted 06 January 2014 - 12:56 PM

Hi, thanks for the reply!

 

Here are the logs for DDS:

DDS:

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.7601.17514  BrowserJavaVersion: 10.45.2
Run by Link at 12:42:48 on 2014-01-06
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3069.1803 [GMT -5:00]
.
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b8cef5f1d6fff385\STacSV.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b8cef5f1d6fff385\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\nlssrv32.exe
C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\conhost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - c:\program files\bitcomet\tools\BitCometBHO_1.5.4.11.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [AdobeBridge] <no file>
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [Nvtmru] "c:\program files\nvidia corporation\nvidia update core\nvtmru.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "c:\program files\common files\adobe\cs6servicemanager\CS6ServiceManager.exe" -launchedbylogin
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [ShadowPlay] c:\windows\system32\rundll32.exe c:\windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [NvBackend] "c:\program files\nvidia corporation\update core\NvBackend.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - c:\program files\hewlett-packard\smart print 2.0\smartprintsetup.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - c:\program files\bitcomet\tools\BitCometBHO_1.5.4.11.dll/206
TCP: NameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{2C24E864-D1BD-444B-AA96-EC9155179C61} : DHCPNameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{2C24E864-D1BD-444B-AA96-EC9155179C61}\05279667164756 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{2C24E864-D1BD-444B-AA96-EC9155179C61}\2375942554037353 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{2C24E864-D1BD-444B-AA96-EC9155179C61}\2375942554932373 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{2C24E864-D1BD-444B-AA96-EC9155179C61}\2456C6B696E6F574F505C65737F5D494D4F4F5134444033314 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{2C24E864-D1BD-444B-AA96-EC9155179C61}\562796B6E63696E64697 : DHCPNameServer = 10.0.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.63\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\link\appdata\roaming\mozilla\firefox\profiles\rfwepbke.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.youtube.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=586383&p=
FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\link\appdata\roaming\mozilla\firefox\profiles\rfwepbke.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
FF - plugin: c:\users\link\appdata\roaming\mozilla\firefox\profiles\rfwepbke.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npPitPlugin.dll
FF - plugin: c:\users\link\appdata\roaming\mozilla\firefox\profiles\rfwepbke.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_168.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-6-24 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-6-24 178304]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-6-24 774392]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-6-24 403440]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_b8cef5f1d6fff385\AEstSrv.exe [2013-6-24 81920]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-6-24 35656]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-6-24 70384]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-12-8 50344]
R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [2013-12-6 66560]
R2 NvNetworkService;NVIDIA Network Service;c:\program files\nvidia corporation\netservice\NvNetworkService.exe [2013-12-18 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe [2013-8-3 14658848]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-10-9 3275136]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2013-6-24 29472]
R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2008-4-28 54784]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\drivers\mcvidrv.sys [2013-9-15 34432]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [2013-1-31 22656]
R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2013-12-18 34080]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2010-7-1 34896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\bitcomet\tools\bitcometservice.exe -service --> c:\program files\bitcomet\tools\BitCometService.exe -service [?]
S3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2013-6-24 228408]
S3 ElgatoGC658Y;Elgato Game Capture;c:\windows\system32\drivers\ElgatoGC658.sys [2013-12-26 32240]
S3 EvoSvc;Evolve Service;c:\program files\echobit\evolve\EvoSvc.exe [2014-1-5 1579424]
S3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2008-7-20 100184]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
.
=============== File Associations ===============
.
ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2014-01-05 22:27:52 -------- d-----w- c:\program files\Echobit
2014-01-05 22:27:10 -------- d-----w- c:\programdata\Echobit
2014-01-05 22:27:09 -------- d-----w- c:\users\link\appdata\local\Echobit
2014-01-05 18:19:35 -------- d-----w- c:\users\link\appdata\roaming\Malwarebytes
2014-01-05 18:18:43 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-05 18:18:43 -------- d-----w- c:\programdata\Malwarebytes
2014-01-05 18:18:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-12-26 05:02:12 32240 ----a-w- c:\windows\system32\drivers\ElgatoGC658.sys
2013-12-26 05:02:01 -------- d-----w- c:\users\link\appdata\roaming\Elgato
2013-12-26 05:01:51 -------- d-----w- c:\program files\Elgato
2013-12-23 23:51:33 917816 ----a-w- c:\program files\mozilla firefox\plugins\npBitCometAgent.dll
2013-12-23 23:51:33 4879744 ----a-w- c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
2013-12-23 23:51:33 4879744 ----a-w- c:\program files\mozilla firefox\browser\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
2013-12-23 23:51:33 209472 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2013-12-18 13:10:00 34080 ----a-w- c:\windows\system32\drivers\nvvad32v.sys
2013-12-08 23:10:41 -------- d-----w- c:\users\link\appdata\roaming\AVAST Software
.
==================== Find3M  ====================
.
2013-12-10 02:13:11 982232 ----a-w- c:\windows\system32\nvspcap.dll
2013-12-08 18:16:38 79720 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-12-08 18:16:38 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-12-08 18:16:38 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-12-08 18:16:38 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-12-08 18:16:38 43152 ----a-w- c:\windows\avastSS.scr
2013-12-08 18:16:38 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-05 08:42:26 32544 ----a-w- c:\windows\system32\nvaudcap32v.dll
2013-12-03 14:19:12 82432 ----a-w- c:\windows\system32\msxml4r.dll
2013-12-03 14:19:12 1275392 ----a-w- c:\windows\system32\msxml4.dll
.
============= FINISH: 12:43:07.62 ===============

 

 

 

Attach:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 6/24/2013 7:00:19 PM
System Uptime: 1/6/2014 12:25:54 PM (0 hours ago)
.
Motherboard: Compal |  | 30F4
Processor: Intel® Core™2 Duo CPU     P8600  @ 2.40GHz | CPU | 2401/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 233 GiB total, 36.412 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: 
Description: Multimedia Controller
Device ID: PCI\VEN_1131&DEV_7160&SUBSYS_10551461&REV_03\4&94547FB&0&00E2
Manufacturer: 
Name: Multimedia Controller
PNP Device ID: PCI\VEN_1131&DEV_7160&SUBSYS_10551461&REV_03\4&94547FB&0&00E2
Service: 
.
Class GUID: 
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00001132-0000-1000-8000-00805F9B34FB}_VID&000205AC_PID&12AA\7&EA8CE32&0&F41BA1D4A782_C00000003
Manufacturer: 
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00001132-0000-1000-8000-00805F9B34FB}_VID&000205AC_PID&12AA\7&EA8CE32&0&F41BA1D4A782_C00000003
Service: 
.
Class GUID: 
Description: 
Device ID: ACPI\HPQ0004\3&21436425&0
Manufacturer: 
Name: 
PNP Device ID: ACPI\HPQ0004\3&21436425&0
Service: 
.
Class GUID: 
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00000000-DECA-FADE-DECA-DEAFDECACAFE}_VID&000205AC_PID&12AA\7&EA8CE32&0&F41BA1D4A782_C00000003
Manufacturer: 
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00000000-DECA-FADE-DECA-DEAFDECACAFE}_VID&000205AC_PID&12AA\7&EA8CE32&0&F41BA1D4A782_C00000003
Service: 
.
==== System Restore Points ===================
.
RP73: 12/8/2013 1:13:55 PM - avast! antivirus system restore point
RP74: 12/17/2013 4:57:00 PM - Scheduled Checkpoint
RP76: 12/18/2013 8:10:34 AM - Installed DirectX
RP77: 12/25/2013 10:35:00 AM - Installed GCT to TXT
RP78: 12/26/2013 12:01:41 AM - Installed Elgato Game Capture HD
RP79: 1/5/2014 3:47:17 PM - Scheduled Checkpoint
RP81: 1/5/2014 5:29:10 PM - Installed DirectX
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Creative Suite 6 Master Collection
Adobe Flash Player 11 Plugin
Adobe Help Manager
Adobe Reader XI (11.0.03)
Adobe Widget Browser
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audacity 2.0.3
avast! Free Antivirus
AVS Video Converter 8
BitComet 1.36
bl
Bonjour
Camtasia Studio 8
CyberLink YouCam
D3DX10
Definition update for Microsoft Office 2010 (KB982726)
DiscJuggler
Elgato Game Capture HD
Evolve
Female Voice Pack
Game Capture HD v2.3.3.38
GCT to TXT
GeForce Experience NvStream Client Components
Google Chrome
Google Update Helper
HP Deskjet 3510 series Basic Device Software
HP Integrated Module with Bluetooth wireless technology
HP Product Detection
HP Quick Launch Buttons
IDT Audio
iTunes
Java 7 Update 45
Java Auto Updater
JMicron JMB38X Flash Media Controller
Male Voice Pack
Malwarebytes Anti-Malware version 1.75.0.1300
ManyCam 3.1.59
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
MilkShape 3D 1.8.5
Minecraft1.6.2
MorphVOX Effects Rack
MorphVOX Pro
Movie Maker
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT110
Notepad++
NVIDIA Control Panel 327.23
NVIDIA GeForce Experience 1.8.1
NVIDIA Graphics Driver 327.23
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0725
NVIDIA ShadowPlay 10.11.15
NVIDIA Update 10.11.15
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.19
Paint.NET v3.5.10
PDF Settings CS6
Personality Voices
ph
Photo Common
Photo Gallery
Project64 1.6
QLBCASL
SHIELD Streaming
SketchUp 2013
Skype Click to Call
Skype™ 6.11
Source Filmmaker
Source SDK
Special Effects Voices
Steam
StudioCompiler v0.4A
Synaptics Pointing Device Driver
Text-To-VoIP Plug-in
Translator Fun Voice Pack
VideoPad Video Editor
VLC media player 2.0.8
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
Windows Driver Package - ENE (enecir) HIDClass  (04/29/2008 2.5.0.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR 5.00 beta 6 (32-bit)
Youtube Downloader HD v. 2.9.9.10
.
==== Event Viewer Messages From Past Week ========
.
1/6/2014 12:26:16 PM, Error: Service Control Manager [7023]  - The Power service terminated with the following error:  The WMI request could not be completed and should be retried.
1/5/2014 1:21:13 PM, Error: Service Control Manager [7034]  - The Nalpeiron Licensing Service service terminated unexpectedly.  It has done this 1 time(s).
1/1/2014 9:59:33 AM, Error: BTHUSB [17]  - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
.
==== End Of File ===========================

 

 
 

Here are the logs for TDSSKiller:

12:44:56.0727 2540  aswMonFlt - ok
12:44:56.0733 2540  [ 2206985EF126AB90F3D7F1A020589DC9 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
12:44:56.0734 2540  aswRdr - ok
12:44:56.0739 2540  [ F385467DF95D0A73775CB3B076B8B969 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
12:44:56.0739 2540  aswRvrt - ok
12:44:56.0754 2540  [ BB27A67D7F465D2720D74B5223DD91E4 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
12:44:56.0758 2540  aswSnx - ok
12:44:56.0769 2540  [ 259E864BFB9268CD7CEFA5849A3B374B ] aswSP           C:\Windows\system32\drivers\aswSP.sys
12:44:56.0772 2540  aswSP - ok
12:44:56.0777 2540  [ AB499F3325E62E157F8E8302065B1B30 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
12:44:56.0778 2540  aswTdi - ok
12:44:56.0785 2540  [ BADA8FD627F1D0E22308211C33F0BDB5 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
12:44:56.0786 2540  aswVmm - ok
12:44:56.0791 2540  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:44:56.0792 2540  AsyncMac - ok
12:44:56.0797 2540  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
12:44:56.0798 2540  atapi - ok
12:44:56.0808 2540  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:44:56.0812 2540  AudioEndpointBuilder - ok
12:44:56.0820 2540  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
12:44:56.0824 2540  Audiosrv - ok
12:44:56.0830 2540  [ 4D41D30E2FAB3307967C7A0B045DC874 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:44:56.0831 2540  avast! Antivirus - ok
12:44:56.0836 2540  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:44:56.0837 2540  AxInstSV - ok
12:44:56.0846 2540  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
12:44:56.0850 2540  b06bdrv - ok
12:44:56.0856 2540  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
12:44:56.0858 2540  b57nd60x - ok
12:44:56.0866 2540  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:44:56.0868 2540  BDESVC - ok
12:44:56.0872 2540  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:44:56.0873 2540  Beep - ok
12:44:56.0884 2540  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
12:44:56.0887 2540  BFE - ok
12:44:56.0891 2540  BITCOMET_HELPER_SERVICE - ok
12:44:56.0905 2540  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\System32\qmgr.dll
12:44:56.0911 2540  BITS - ok
12:44:56.0917 2540  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:44:56.0917 2540  blbdrive - ok
12:44:56.0925 2540  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:44:56.0928 2540  Bonjour Service - ok
12:44:56.0933 2540  [ FCAFAEF6798D7B51FF029F99A9898961 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:44:56.0934 2540  bowser - ok
12:44:56.0939 2540  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
12:44:56.0940 2540  BrFiltLo - ok
12:44:56.0944 2540  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
12:44:56.0945 2540  BrFiltUp - ok
12:44:56.0951 2540  [ 6E11F33D14D020F58D5E02E4D67DFA19 ] Browser         C:\Windows\System32\browser.dll
12:44:56.0952 2540  Browser - ok
12:44:56.0960 2540  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:44:56.0963 2540  Brserid - ok
12:44:56.0968 2540  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:44:56.0969 2540  BrSerWdm - ok
12:44:56.0974 2540  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:44:56.0974 2540  BrUsbMdm - ok
12:44:56.0979 2540  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:44:56.0980 2540  BrUsbSer - ok
12:44:56.0985 2540  [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
12:44:56.0986 2540  BthEnum - ok
12:44:56.0991 2540  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
12:44:56.0992 2540  BTHMODEM - ok
12:44:56.0998 2540  [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
12:44:56.0999 2540  BthPan - ok
12:44:57.0009 2540  [ 195C41CC67E9E1CEDD960CCB74925920 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
12:44:57.0012 2540  BTHPORT - ok
12:44:57.0018 2540  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
12:44:57.0019 2540  bthserv - ok
12:44:57.0024 2540  [ 43B3206DD654E783AA7E4EAD340A43B8 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
12:44:57.0025 2540  BTHUSB - ok
12:44:57.0031 2540  [ CE5833C144CA6623BCBDE93B188AA850 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
12:44:57.0032 2540  btwaudio - ok
12:44:57.0038 2540  [ AF9148C3E844131AC954CB53FF43D971 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
12:44:57.0039 2540  btwavdt - ok
12:44:57.0051 2540  [ F55C99818FD1EACFC7784958A8592536 ] btwdins         c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
12:44:57.0055 2540  btwdins - ok
12:44:57.0060 2540  [ AAFD7CB76BA61FBB08E302DA208C974A ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
12:44:57.0061 2540  btwl2cap - ok
12:44:57.0066 2540  [ 480B3D195854B2E55299CDDDDC50BCF9 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
12:44:57.0067 2540  btwrchid - ok
12:44:57.0071 2540  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:44:57.0072 2540  cdfs - ok
12:44:57.0078 2540  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:44:57.0079 2540  cdrom - ok
12:44:57.0084 2540  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
12:44:57.0085 2540  CertPropSvc - ok
12:44:57.0090 2540  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:44:57.0091 2540  circlass - ok
12:44:57.0098 2540  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
12:44:57.0100 2540  CLFS - ok
12:44:57.0106 2540  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:44:57.0107 2540  clr_optimization_v2.0.50727_32 - ok
12:44:57.0112 2540  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:44:57.0113 2540  clr_optimization_v4.0.30319_32 - ok
12:44:57.0118 2540  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:44:57.0119 2540  CmBatt - ok
12:44:57.0123 2540  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:44:57.0124 2540  cmdide - ok
12:44:57.0132 2540  [ 1B675691ED940766149C93E8F4488D68 ] CNG             C:\Windows\system32\Drivers\cng.sys
12:44:57.0135 2540  CNG - ok
12:44:57.0142 2540  [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx       C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
12:44:57.0143 2540  Com4QLBEx - ok
12:44:57.0149 2540  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:44:57.0150 2540  Compbatt - ok
12:44:57.0154 2540  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
12:44:57.0155 2540  CompositeBus - ok
12:44:57.0159 2540  COMSysApp - ok
12:44:57.0166 2540  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:44:57.0166 2540  crcdisk - ok
12:44:57.0174 2540  [ A585BEBF7D054BD9618EDA0922D5484A ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:44:57.0176 2540  CryptSvc - ok
12:44:57.0187 2540  [ 50479DCEB042A89BD442C7F2AA50BFBC ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:44:57.0192 2540  DcomLaunch - ok
12:44:57.0202 2540  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:44:57.0204 2540  defragsvc - ok
12:44:57.0210 2540  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:44:57.0211 2540  DfsC - ok
12:44:57.0219 2540  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:44:57.0221 2540  Dhcp - ok
12:44:57.0226 2540  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
12:44:57.0227 2540  discache - ok
12:44:57.0232 2540  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\drivers\disk.sys
12:44:57.0233 2540  Disk - ok
12:44:57.0239 2540  [ 2FE30D71919C51131405797620E0A714 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:44:57.0241 2540  Dnscache - ok
12:44:57.0248 2540  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:44:57.0251 2540  dot3svc - ok
12:44:57.0257 2540  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
12:44:57.0259 2540  DPS - ok
12:44:57.0264 2540  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:44:57.0265 2540  drmkaud - ok
12:44:57.0281 2540  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:44:57.0285 2540  DXGKrnl - ok
12:44:57.0290 2540  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
12:44:57.0293 2540  EapHost - ok
12:44:57.0332 2540  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
12:44:57.0349 2540  ebdrv - ok
12:44:57.0355 2540  [ F42309C4191C506B71DB5D1126D26318 ] EFS             C:\Windows\System32\lsass.exe
12:44:57.0358 2540  EFS - ok
12:44:57.0368 2540  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:44:57.0372 2540  ehRecvr - ok
12:44:57.0376 2540  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
12:44:57.0377 2540  ehSched - ok
12:44:57.0383 2540  [ 55E196790E9BE20D5F62C28B91E7B1F2 ] ElgatoGC658Y    C:\Windows\system32\Drivers\ElgatoGC658.sys
12:44:57.0384 2540  ElgatoGC658Y - ok
12:44:57.0393 2540  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:44:57.0395 2540  elxstor - ok
12:44:57.0402 2540  [ 6C74035909B31F873D85B25E00BEB984 ] enecir          C:\Windows\system32\DRIVERS\enecir.sys
12:44:57.0403 2540  enecir - ok
12:44:57.0407 2540  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:44:57.0408 2540  ErrDev - ok
12:44:57.0421 2540  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
12:44:57.0424 2540  EventSystem - ok
12:44:57.0446 2540  [ 62930C2AFA29031B83D448A14F568A1D ] EvoSvc          C:\Program Files\Echobit\Evolve\EvoSvc.exe
12:44:57.0455 2540  EvoSvc - ok
12:44:57.0462 2540  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
12:44:57.0463 2540  exfat - ok
12:44:57.0469 2540  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:44:57.0471 2540  fastfat - ok
12:44:57.0480 2540  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
12:44:57.0485 2540  Fax - ok
12:44:57.0489 2540  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\drivers\fdc.sys
12:44:57.0490 2540  fdc - ok
12:44:57.0494 2540  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
12:44:57.0497 2540  fdPHost - ok
12:44:57.0502 2540  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
12:44:57.0504 2540  FDResPub - ok
12:44:57.0509 2540  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:44:57.0510 2540  FileInfo - ok
12:44:57.0515 2540  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:44:57.0516 2540  Filetrace - ok
12:44:57.0521 2540  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
12:44:57.0522 2540  flpydisk - ok
12:44:57.0528 2540  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:44:57.0530 2540  FltMgr - ok
12:44:57.0543 2540  [ FA6C66E4364D7DA57AADE5DCC03BB999 ] FontCache       C:\Windows\system32\FntCache.dll
12:44:57.0549 2540  FontCache - ok
12:44:57.0554 2540  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:44:57.0555 2540  FontCache3.0.0.0 - ok
12:44:57.0559 2540  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:44:57.0560 2540  FsDepends - ok
12:44:57.0566 2540  [ A574B4360E438977038AAE4BF60D79A2 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:44:57.0567 2540  Fs_Rec - ok
12:44:57.0573 2540  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:44:57.0575 2540  fvevol - ok
12:44:57.0580 2540  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:44:57.0581 2540  gagp30kx - ok
12:44:57.0585 2540  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:44:57.0586 2540  GEARAspiWDM - ok
12:44:57.0597 2540  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:44:57.0603 2540  gpsvc - ok
12:44:57.0608 2540  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
12:44:57.0609 2540  gupdate - ok
12:44:57.0614 2540  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
12:44:57.0615 2540  gupdatem - ok
12:44:57.0621 2540  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:44:57.0622 2540  hcw85cir - ok
12:44:57.0636 2540  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:44:57.0638 2540  HdAudAddService - ok
12:44:57.0646 2540  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:44:57.0647 2540  HDAudBus - ok
12:44:57.0652 2540  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
12:44:57.0653 2540  HidBatt - ok
12:44:57.0667 2540  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:44:57.0668 2540  HidBth - ok
12:44:57.0672 2540  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:44:57.0673 2540  HidIr - ok
12:44:57.0678 2540  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\system32\hidserv.dll
12:44:57.0680 2540  hidserv - ok
12:44:57.0685 2540  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:44:57.0686 2540  HidUsb - ok
12:44:57.0691 2540  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:44:57.0694 2540  hkmsvc - ok
12:44:57.0700 2540  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:44:57.0704 2540  HomeGroupListener - ok
12:44:57.0710 2540  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:44:57.0714 2540  HomeGroupProvider - ok
12:44:57.0719 2540  [ 1210960FF8928950D2A786895B0C424A ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
12:44:57.0720 2540  HpqKbFiltr - ok
12:44:57.0726 2540  [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
12:44:57.0727 2540  hpqwmiex - ok
12:44:57.0733 2540  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:44:57.0734 2540  HpSAMD - ok
12:44:57.0743 2540  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:44:57.0747 2540  HTTP - ok
12:44:57.0753 2540  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:44:57.0754 2540  hwpolicy - ok
12:44:57.0759 2540  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:44:57.0760 2540  i8042prt - ok
12:44:57.0767 2540  [ A3CAE5D281DB4CFF7CFF8233507EE5AD ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:44:57.0770 2540  iaStorV - ok
12:44:57.0783 2540  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:44:57.0788 2540  idsvc - ok
12:44:57.0794 2540  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:44:57.0795 2540  iirsp - ok
12:44:57.0806 2540  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
12:44:57.0812 2540  IKEEXT - ok
12:44:57.0820 2540  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:44:57.0821 2540  intelide - ok
12:44:57.0826 2540  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:44:57.0826 2540  intelppm - ok
12:44:57.0832 2540  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:44:57.0834 2540  IPBusEnum - ok
12:44:57.0839 2540  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:44:57.0840 2540  IpFilterDriver - ok
12:44:57.0849 2540  [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:44:57.0854 2540  iphlpsvc - ok
12:44:57.0859 2540  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:44:57.0860 2540  IPMIDRV - ok
12:44:57.0865 2540  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:44:57.0867 2540  IPNAT - ok
12:44:57.0876 2540  [ 066F2BBE2EEC9A42B065B552BF356B4E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:44:57.0879 2540  iPod Service - ok
12:44:57.0884 2540  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:44:57.0885 2540  IRENUM - ok
12:44:57.0890 2540  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:44:57.0891 2540  isapnp - ok
12:44:57.0898 2540  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:44:57.0900 2540  iScsiPrt - ok
12:44:57.0905 2540  [ ED9103E5B70761EBC9809F4BD9673BB2 ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
12:44:57.0906 2540  JMCR - ok
12:44:57.0911 2540  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:44:57.0912 2540  kbdclass - ok
12:44:57.0917 2540  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:44:57.0918 2540  kbdhid - ok
12:44:57.0923 2540  [ F42309C4191C506B71DB5D1126D26318 ] KeyIso          C:\Windows\system32\lsass.exe
12:44:57.0926 2540  KeyIso - ok
12:44:57.0930 2540  [ 412CEA1AA78CC02A447F5C9E62B32FF1 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:44:57.0932 2540  KSecDD - ok
12:44:57.0937 2540  [ 26C046977E85B95036453D7B88BA1820 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:44:57.0939 2540  KSecPkg - ok
12:44:57.0946 2540  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:44:57.0951 2540  KtmRm - ok
12:44:57.0957 2540  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:44:57.0962 2540  LanmanServer - ok
12:44:57.0967 2540  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:44:57.0973 2540  LanmanWorkstation - ok
12:44:57.0980 2540  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:44:57.0981 2540  lltdio - ok
12:44:57.0988 2540  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:44:57.0991 2540  lltdsvc - ok
12:44:57.0995 2540  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:44:57.0998 2540  lmhosts - ok
12:44:58.0006 2540  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:44:58.0007 2540  LSI_FC - ok
12:44:58.0012 2540  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:44:58.0014 2540  LSI_SAS - ok
12:44:58.0020 2540  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
12:44:58.0021 2540  LSI_SAS2 - ok
12:44:58.0026 2540  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:44:58.0027 2540  LSI_SCSI - ok
12:44:58.0032 2540  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
12:44:58.0033 2540  luafv - ok
12:44:58.0038 2540  [ D8C0B2EB928D57C928522EFF500C4BA8 ] ManyCam         C:\Windows\system32\DRIVERS\mcvidrv.sys
12:44:58.0039 2540  ManyCam - ok
12:44:58.0046 2540  [ DFAA87E30868FE4CB7D335837A4BF39C ] mcaudrv_simple  C:\Windows\system32\drivers\mcaudrv.sys
12:44:58.0046 2540  mcaudrv_simple - ok
12:44:58.0053 2540  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:44:58.0056 2540  Mcx2Svc - ok
12:44:58.0061 2540  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\drivers\megasas.sys
12:44:58.0062 2540  megasas - ok
12:44:58.0069 2540  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
12:44:58.0070 2540  MegaSR - ok
12:44:58.0075 2540  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
12:44:58.0078 2540  MMCSS - ok
12:44:58.0083 2540  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
12:44:58.0084 2540  Modem - ok
12:44:58.0089 2540  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:44:58.0090 2540  monitor - ok
12:44:58.0094 2540  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:44:58.0095 2540  mouclass - ok
12:44:58.0100 2540  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:44:58.0101 2540  mouhid - ok
12:44:58.0108 2540  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:44:58.0110 2540  mountmgr - ok
12:44:58.0115 2540  [ 3B9398E0146855B1DC0E3D9769C80F01 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:44:58.0116 2540  MozillaMaintenance - ok
12:44:58.0123 2540  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:44:58.0124 2540  mpio - ok
12:44:58.0129 2540  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:44:58.0130 2540  mpsdrv - ok
12:44:58.0141 2540  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:44:58.0147 2540  MpsSvc - ok
12:44:58.0152 2540  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:44:58.0154 2540  MRxDAV - ok
12:44:58.0159 2540  [ B272B4C3E085EA860C12F2E4FAF2FFA2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:44:58.0161 2540  mrxsmb - ok
12:44:58.0169 2540  [ 9AC33EF26C8A3AD0F117D00EB7301D03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:44:58.0171 2540  mrxsmb10 - ok
12:44:58.0175 2540  [ E0ABDB5ED7E199E242A7D028E76C1D3A ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:44:58.0177 2540  mrxsmb20 - ok
12:44:58.0182 2540  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
12:44:58.0183 2540  msahci - ok
12:44:58.0188 2540  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:44:58.0190 2540  msdsm - ok
12:44:58.0195 2540  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
12:44:58.0199 2540  MSDTC - ok
12:44:58.0208 2540  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:44:58.0209 2540  Msfs - ok
12:44:58.0214 2540  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:44:58.0215 2540  mshidkmdf - ok
12:44:58.0220 2540  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:44:58.0221 2540  msisadrv - ok
12:44:58.0227 2540  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:44:58.0230 2540  MSiSCSI - ok
12:44:58.0235 2540  msiserver - ok
12:44:58.0241 2540  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:44:58.0242 2540  MSKSSRV - ok
12:44:58.0247 2540  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:44:58.0248 2540  MSPCLOCK - ok
12:44:58.0255 2540  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:44:58.0256 2540  MSPQM - ok
12:44:58.0263 2540  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:44:58.0265 2540  MsRPC - ok
12:44:58.0278 2540  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:44:58.0279 2540  mssmbios - ok
12:44:58.0285 2540  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:44:58.0285 2540  MSTEE - ok
12:44:58.0293 2540  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
12:44:58.0294 2540  MTConfig - ok
12:44:58.0299 2540  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
12:44:58.0300 2540  Mup - ok
12:44:58.0308 2540  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
12:44:58.0313 2540  napagent - ok
12:44:58.0321 2540  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:44:58.0323 2540  NativeWifiP - ok
12:44:58.0335 2540  [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:44:58.0339 2540  NDIS - ok
12:44:58.0344 2540  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:44:58.0346 2540  NdisCap - ok
12:44:58.0350 2540  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:44:58.0351 2540  NdisTapi - ok
12:44:58.0357 2540  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:44:58.0358 2540  Ndisuio - ok
12:44:58.0363 2540  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:44:58.0365 2540  NdisWan - ok
12:44:58.0371 2540  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:44:58.0372 2540  NDProxy - ok
12:44:58.0377 2540  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:44:58.0378 2540  NetBIOS - ok
12:44:58.0384 2540  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:44:58.0386 2540  NetBT - ok
12:44:58.0390 2540  [ F42309C4191C506B71DB5D1126D26318 ] Netlogon        C:\Windows\system32\lsass.exe
12:44:58.0393 2540  Netlogon - ok
12:45:01.0234 2540  ================ Scan global ===============================
12:45:01.0238 2540  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
12:45:01.0244 2540  [ A9F564F254E9DDDE120A7135767EC24B ] C:\Windows\system32\winsrv.dll
12:45:01.0255 2540  [ A9F564F254E9DDDE120A7135767EC24B ] C:\Windows\system32\winsrv.dll
12:45:01.0266 2540  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
12:45:01.0275 2540  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
12:45:01.0280 2540  [Global] - ok
12:45:01.0281 2540  ================ Scan MBR ==================================
12:45:01.0283 2540  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:45:01.0338 2540  \Device\Harddisk0\DR0 - ok
12:45:01.0339 2540  ================ Scan VBR ==================================
12:45:01.0341 2540  [ E6E15BC6F44339185C84F863BBE6ED44 ] \Device\Harddisk0\DR0\Partition1
12:45:01.0343 2540  \Device\Harddisk0\DR0\Partition1 - ok
12:45:01.0344 2540  ============================================================
12:45:01.0344 2540  Scan finished
12:45:01.0344 2540  ============================================================
12:45:01.0355 1724  Detected object count: 0
12:45:01.0355 1724  Actual detected object count: 0
12:45:03.0130 2456  Deinitialize success
 

 

Here are the logs for AdwCleaner:

# AdwCleaner v3.016 - Report created 06/01/2014 at 12:45:35
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Link - LINK-PC
# Running from : C:\Users\Link\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Users\Link\AppData\Local\Temp\Uninstall.exe
File Found : C:\Windows\System32\Tasks\NCH Software
Folder Found C:\Program Files\NCH Software
Folder Found C:\ProgramData\NCH Software
Folder Found C:\Users\Link\AppData\Roaming\NCH Software
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\NCH Software
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1399FDF-C5E6-4840-B978-9B64FDF3ACFB}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Found : HKLM\Software\NCH Software
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.7601.17514
 
 
-\\ Mozilla Firefox v26.0 (en-US)
 
[ File : C:\Users\Link\AppData\Roaming\Mozilla\Firefox\Profiles\rfwepbke.default\prefs.js ]
 
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\Link\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2982 octets] - [06/01/2014 12:45:35]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3042 octets] ##########


#4 jeffce

Posted 06 January 2014 - 12:59 PM

ComboFix

Download Combofix from either of the links below, and save it to your desktop.  
Link 1
Link 2

**Note:  It is important that it is saved directly to your desktop**
If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.



--------------------------------------------------------------------

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

--------------------------------------------------------------------

Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.

  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt for further review.

 


#5 Wii8461

Posted 06 January 2014 - 03:14 PM

ComboFix Report:

 

ComboFix 14-01-04.03 - Link 01/06/2014  15:02:27.1.2 - x86

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3069.1624 [GMT -5:00]
Running from: c:\users\Link\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Link\AppData\Local\assembly\tmp
c:\users\Link\AppData\Local\Microsoft\Windows\Temporary Internet Files\{EE84AAF9-BDB2-4BB3-BBEF-0CD218439D4E}.xps
c:\windows\system32\sysprep\cryptbase.dll
.
.
(((((((((((((((((((((((((   Files Created from 2013-12-06 to 2014-01-06  )))))))))))))))))))))))))))))))
.
.
2014-01-06 20:09 . 2014-01-06 20:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-06 17:45 . 2014-01-06 17:46 -------- d-----w- C:\AdwCleaner
2014-01-05 22:27 . 2014-01-05 22:27 -------- d-----w- c:\program files\Echobit
2014-01-05 22:27 . 2014-01-05 22:27 -------- d-----w- c:\programdata\Echobit
2014-01-05 22:27 . 2014-01-05 22:27 -------- d-----w- c:\users\Link\AppData\Local\Echobit
2014-01-05 18:19 . 2014-01-05 18:19 -------- d-----w- c:\users\Link\AppData\Roaming\Malwarebytes
2014-01-05 18:18 . 2014-01-05 18:18 -------- d-----w- c:\programdata\Malwarebytes
2014-01-05 18:18 . 2013-04-04 19:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-05 18:18 . 2014-01-05 18:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-12-26 23:34 . 2013-12-26 23:34 -------- d-----w- c:\program files\Mozilla Maintenance Service
2013-12-26 05:02 . 2012-11-12 08:49 32240 ----a-w- c:\windows\system32\drivers\ElgatoGC658.sys
2013-12-26 05:02 . 2013-12-26 05:02 -------- d-----w- c:\users\Link\AppData\Roaming\Elgato
2013-12-26 05:01 . 2013-12-26 05:02 -------- d-----w- c:\program files\Elgato
2013-12-18 13:10 . 2013-12-05 08:42 34080 ----a-w- c:\windows\system32\drivers\nvvad32v.sys
2013-12-08 23:10 . 2013-12-08 23:10 -------- d-----w- c:\users\Link\AppData\Roaming\AVAST Software
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-10 02:13 . 2013-10-29 13:16 982232 ----a-w- c:\windows\system32\nvspcap.dll
2013-12-08 18:16 . 2013-06-24 23:05 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-12-08 18:16 . 2013-06-24 23:05 79720 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-12-08 18:16 . 2013-06-24 23:05 403440 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-12-08 18:16 . 2013-06-24 23:05 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-12-08 18:16 . 2013-06-24 23:05 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-12-08 18:16 . 2013-06-24 23:05 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-12-08 18:16 . 2013-06-24 23:05 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-12-08 18:16 . 2013-06-24 23:05 269216 ----a-w- c:\windows\system32\aswBoot.exe
2013-12-08 18:16 . 2013-06-24 23:05 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-08 18:16 . 2013-06-24 23:05 43152 ----a-w- c:\windows\avastSS.scr
2013-12-05 08:42 . 2013-08-03 17:58 32544 ----a-w- c:\windows\system32\nvaudcap32v.dll
2013-12-03 14:19 . 2013-12-03 14:19 82432 ----a-w- c:\windows\system32\msxml4r.dll
2013-12-03 14:19 . 2013-12-03 14:19 1275392 ----a-w- c:\windows\system32\msxml4.dll
2013-10-30 13:32 . 2013-10-30 13:32 40960 ----a-r- c:\users\Link\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
2013-10-30 13:32 . 2013-10-30 13:32 40960 ----a-r- c:\users\Link\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2010-11-20 . 50479DCEB042A89BD442C7F2AA50BFBC . 377344 . . [6.1.7601.17514] . . c:\windows\System32\rpcss.dll
[7] 2010-11-20 . 7660F01D3B38ACA1747E397D21D790AF . 376832 . . [6.1.7601.17514] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_6bd245e79c221747\rpcss.dll
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-08 18:16 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvolveClient"="c:\program files\Echobit\Evolve\EvolveClient.exe" [2014-01-05 3216800]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-05-26 450652]
"Nvtmru"="c:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-08 1028384]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"ShadowPlay"="c:\windows\system32\nvspcap.dll" [2013-12-10 982232]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-11-02 152392]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-08 3568312]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-05-11 10:37 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-04-22 04:43 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Deskjet 3510 series (NET)]
2012-10-17 08:05 1837672 ----a-w- c:\program files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-11-02 05:29 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2009-11-24 18:07 323640 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2013-12-11 19:40 1823656 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 13:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 ElgatoGC658Y;Elgato Game Capture;c:\windows\system32\Drivers\ElgatoGC658.sys [2012-11-12 32240]
R3 EvoSvc;Evolve Service;c:\program files\Echobit\Evolve\EvoSvc.exe [2014-01-05 1579424]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-07-21 100184]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-12-08 774392]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-12-08 403440]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b8cef5f1d6fff385\aestsrv.exe [2009-05-26 81920]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-12-08 35656]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-12-08 70384]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [2012-12-21 66560]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 14658848]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-09-17 29472]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-04-28 54784]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys [2012-10-11 34432]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [2013-01-31 22656]
S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2013-12-05 34080]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2010-07-01 34896]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-05 14:36 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-24 23:16]
.
2014-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-24 23:16]
.
.
------- Supplementary Scan -------
.
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 65.32.5.111 65.32.5.112
FF - ProfilePath - c:\users\Link\AppData\Roaming\Mozilla\Firefox\Profiles\rfwepbke.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.youtube.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=586383&p=
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-AdobeBridge - (no file)
MSConfigStartUp-SearchProtection - c:\users\Link\AppData\Roaming\Search Protection\SearchProtection.EXE
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-01-06  15:10:54
ComboFix-quarantined-files.txt  2014-01-06 20:10
.
Pre-Run: 44,115,009,536 bytes free
Post-Run: 46,639,923,200 bytes free
.
- - End Of File - - 43B7499F7954A3EE446243B4B802D1A5
A36C5E4F47E84449FF07ED3517B43A31


#6 jeffce

Posted 06 January 2014 - 03:49 PM

Hi,
 
AdwCleaner

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

----------
 
Post the new log and let me know how your system is running.  :)


 


#7 Wii8461

Posted 07 January 2014 - 09:15 AM

AdwCleaner Log:

 

# AdwCleaner v3.016 - Report created 07/01/2014 at 09:09:27
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Link - LINK-PC
# Running from : C:\Users\Link\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Windows\System32\Tasks\NCH Software
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.7601.17514
 
 
-\\ Mozilla Firefox v26.0 (en-US)
 
[ File : C:\Users\Link\AppData\Roaming\Mozilla\Firefox\Profiles\rfwepbke.default\prefs.js ]
 
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\Link\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [3122 octets] - [06/01/2014 12:45:35]
AdwCleaner[R3].txt - [864 octets] - [07/01/2014 09:09:27]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [923 octets] ##########


#8 jeffce

Posted 07 January 2014 - 10:11 AM

and let me know how your system is running.

 

:)


 


#9 Wii8461

Posted 07 January 2014 - 10:31 AM

My system is running okay, but when I reactivated my Avast it still says it is blocking something.



#10 jeffce

Posted 07 January 2014 - 10:39 AM

but when I reactivated my Avast it still says it is blocking something.

Is that when you are online or just happens on its own?
 
Malwarebytes

Please open Malwarebytes, update it and then run a Full Scan.  Save the log that is created for your next reply.
----------
 
ESET Online Scanner

Go here to run an online scanner from ESET. Windows Vista/Windows 7 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.

----------


 


#11 Wii8461

Posted 08 January 2014 - 10:39 AM

 

 

Is that when you are online or just happens on its own?

It happens when I'm both online and offline.

 

--------

 

Malwarebytes Log:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.01.08.04
 
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Link :: LINK-PC [administrator]
 
1/8/2014 8:26:45 AM
MBAM-log-2014-01-08 (09-11-18).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 563805
Time elapsed: 43 minute(s), 15 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 10
C:\Program Files\Adobe\Adobe Audition CS6\amtlib.dll (PUP.RiskwareTool.CK) -> No action taken.
C:\Program Files\Adobe\Adobe Bridge CS6\AMTLib.dll (PUP.RiskwareTool.CK) -> No action taken.
C:\Program Files\Adobe\Adobe Dreamweaver CS6\amtlib.dll (PUP.RiskwareTool.CK) -> No action taken.
C:\Program Files\Adobe\Adobe Fireworks CS6\amtlib.dll (PUP.RiskwareTool.CK) -> No action taken.
C:\Program Files\Adobe\Adobe Flash CS6\amtlib.dll (PUP.RiskwareTool.CK) -> No action taken.
C:\Program Files\Adobe\Adobe Illustrator CS6\Support Files\Contents\Windows\amtlib.dll (PUP.RiskwareTool.CK) -> No action taken.
C:\Program Files\Adobe\Adobe InDesign CS6\amtlib.dll (PUP.RiskwareTool.CK) -> No action taken.
C:\Program Files\Adobe\Adobe Media Encoder CS6\amtlib.dll (PUP.RiskwareTool.CK) -> No action taken.
C:\Program Files\Adobe\Adobe Photoshop CS6\amtlib.dll (PUP.RiskwareTool.CK) -> No action taken.
C:\Program Files\Adobe\Adobe Prelude CS6\amtlib.dll (PUP.RiskwareTool.CK) -> No action taken.
 
(end)
 
ESET Log:
There were no threats found.
 
--------
 
My computer doesn't seem to be doing anything weird, but I'm still getting the message from Avast. 


#12 jeffce

Posted 08 January 2014 - 12:51 PM

Run Malwarebytes again and this time, please remove anything found.  Post the new log.   :)
 
----------------
 
Malwarebytes Anti-Rootkit
 
Please download Malwarebytes Anti-Rootkit and save it to your desktop.

  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Scan your system for malware
  • If malware is found, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.

If there is no malware found, please let me know as well.
----------


 


#13 Wii8461

Posted 08 January 2014 - 01:57 PM

Malwarebytes Log:

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org
 
Database version: v2014.01.08.04
 
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Link :: LINK-PC [administrator]
 
1/8/2014 12:56:01 PM
mbam-log-2014-01-08 (12-56-01).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 563130
Time elapsed: 41 minute(s), 18 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 10
C:\Program Files\Adobe\Adobe Audition CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\Program Files\Adobe\Adobe Bridge CS6\AMTLib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\Program Files\Adobe\Adobe Dreamweaver CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\Program Files\Adobe\Adobe Fireworks CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\Program Files\Adobe\Adobe Flash CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\Program Files\Adobe\Adobe Illustrator CS6\Support Files\Contents\Windows\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\Program Files\Adobe\Adobe InDesign CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\Program Files\Adobe\Adobe Media Encoder CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\Program Files\Adobe\Adobe Photoshop CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\Program Files\Adobe\Adobe Prelude CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
 
(end)
 
-----------
 
Malwarebytes Anti-Rootkit didn't find any malware.


#14 jeffce

Posted 08 January 2014 - 02:36 PM


  • Download OTL to your desktop.
  • Right-click and Run as Administrator on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
      Note: These logs can be located in the OTL. folder on your C:\ drive if they fail to open automatically.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

----------


 


#15 Wii8461

Posted 09 January 2014 - 12:48 PM

OTL.txt Log:

OTL logfile created on: 1/9/2014 12:39:28 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Link\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 2.28 Gb Available Physical Memory | 76.19% Memory free
5.99 Gb Paging File | 4.85 Gb Available in Paging File | 80.98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 40.84 Gb Free Space | 17.54% Space Free | Partition Type: NTFS
 
Computer Name: LINK-PC | User Name: Link | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Link\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (NVIDIA Corporation)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\nlssrv32.exe (Nalpeiron Ltd.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - c:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b8cef5f1d6fff385\stacsv.exe (IDT, Inc.)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b8cef5f1d6fff385\AEstSrv.exe (Andrea Electronics Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\Notepad++\NppShell_05.dll ()
MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (NvNetworkService) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nlsX86cc) -- C:\Windows\System32\nlssrv32.exe (Nalpeiron Ltd.)
SRV - (BITCOMET_HELPER_SERVICE) -- C:\Program Files\BitComet\tools\BitCometService.exe (www.BitComet.com)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (btwdins) -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b8cef5f1d6fff385\stacsv.exe (IDT, Inc.)
SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b8cef5f1d6fff385\AEstSrv.exe (Andrea Electronics Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (catchme) -- C:\Users\Link\AppData\Local\Temp\catchme.sys File not found
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\Windows\System32\drivers\aswVmm.sys ()
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys ()
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (nvvad_WaveExtensible) -- C:\Windows\System32\drivers\nvvad32v.sys (NVIDIA Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (mcaudrv_simple) -- C:\Windows\System32\drivers\mcaudrv.sys (ManyCam LLC)
DRV - (ElgatoGC658Y) -- C:\Windows\System32\drivers\ElgatoGC658.sys (UB658)
DRV - (ManyCam) -- C:\Windows\System32\drivers\mcvidrv.sys (ManyCam LLC)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (netw5v32) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corporation)
DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4F 53 11 F3 7B 0C CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{E1DBA46C-1A89-4A48-882C-A6757DE2FB5A}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=586383&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=586383"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.youtube.com/"
FF - prefs.js..extensions.enabledAddons: %7B888d99e7-e8b5-46a3-851e-1ec45da1e644%7D:17.0.0
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20131118
FF - prefs.js..extensions.enabledAddons: %7Bab91efd4-6975-4081-8552-1b3922ed79e2%7D:1.0.27.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/12/08 13:16:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/12/23 18:51:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/12/23 18:51:33 | 000,000,000 | ---D | M]
 
[2013/06/24 18:06:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Link\AppData\Roaming\Mozilla\Extensions
[2014/01/05 12:53:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Link\AppData\Roaming\Mozilla\Firefox\Profiles\rfwepbke.default\extensions
[2013/11/27 15:26:40 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Link\AppData\Roaming\Mozilla\Firefox\Profiles\rfwepbke.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013/06/24 18:07:45 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\Link\AppData\Roaming\Mozilla\Firefox\Profiles\rfwepbke.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
[2013/08/12 11:45:01 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\Link\AppData\Roaming\Mozilla\Firefox\Profiles\rfwepbke.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2013/08/27 17:28:13 | 000,030,502 | ---- | M] () (No name found) -- C:\Users\Link\AppData\Roaming\Mozilla\Firefox\Profiles\rfwepbke.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
[2014/01/05 12:53:19 | 000,018,899 | ---- | M] () (No name found) -- C:\Users\Link\AppData\Roaming\Mozilla\Firefox\Profiles\rfwepbke.default\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
[2013/10/10 07:57:57 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Link\AppData\Roaming\Mozilla\Firefox\Profiles\rfwepbke.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/12/23 18:51:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/12/23 18:51:33 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/12/26 18:34:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/12/23 18:51:33 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/12/26 18:34:36 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/01/12 03:58:30 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: https://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: BitCometAgent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: Magic Actions for YouTube™ = C:\Users\Link\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif\6.7.1_0\
CHR - Extension: Google Docs = C:\Users\Link\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Link\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: WOT = C:\Users\Link\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.4.5_0\
CHR - Extension: YouTube = C:\Users\Link\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Link\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: WOT Safe Search = C:\Users\Link\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddcihbboebboehpkkdfdkhbodacmmfkk\2_0\
CHR - Extension: User-Agent Switcher for Chrome = C:\Users\Link\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg\1.0.26_0\
CHR - Extension: AdBlock = C:\Users\Link\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0\
CHR - Extension: Skype Click to Call = C:\Users\Link\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
CHR - Extension: Google Wallet = C:\Users\Link\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Auto Refresh Plus = C:\Users\Link\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilipfekkmncanaajkapbpancpelijih\1.8.9.23_0\
CHR - Extension: Gmail = C:\Users\Link\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2014/01/06 15:09:42 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Nvtmru] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [ShadowPlay] C:\Windows\System32\nvspcap.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C24E864-D1BD-444B-AA96-EC9155179C61}: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/01/09 09:59:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Link\Desktop\OTL.exe
[2014/01/08 13:43:47 | 000,104,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/01/08 13:43:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014/01/08 13:43:08 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/01/08 13:43:02 | 000,000,000 | ---D | C] -- C:\Users\Link\Desktop\New folder
[2014/01/08 12:54:56 | 012,582,688 | ---- | C] (Malwarebytes Corp.) -- C:\Users\Link\Desktop\mbar-1.07.0.1008.exe
[2014/01/08 08:26:12 | 000,000,000 | ---D | C] -- C:\Users\Link\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2014/01/06 15:11:01 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/01/06 15:10:56 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/01/06 13:57:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/01/06 13:57:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/01/06 13:57:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/01/06 13:56:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/01/06 13:56:01 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/01/06 13:54:28 | 005,160,001 | R--- | C] (Swearware) -- C:\Users\Link\Desktop\ComboFix.exe
[2014/01/06 12:45:30 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/06 12:40:58 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Link\Desktop\tdsskiller.exe
[2014/01/06 12:39:07 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Link\Desktop\dds.com
[2014/01/05 17:27:52 | 000,000,000 | ---D | C] -- C:\Program Files\Echobit
[2014/01/05 17:27:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Echobit
[2014/01/05 17:27:09 | 000,000,000 | ---D | C] -- C:\Users\Link\AppData\Local\Echobit
[2014/01/05 13:19:35 | 000,000,000 | ---D | C] -- C:\Users\Link\AppData\Roaming\Malwarebytes
[2014/01/05 13:18:43 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/01/05 13:18:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/05 13:18:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/12/26 18:34:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/12/26 00:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elgato
[2013/12/26 00:02:12 | 000,032,240 | ---- | C] (UB658) -- C:\Windows\System32\drivers\ElgatoGC658.sys
[2013/12/26 00:02:01 | 000,000,000 | ---D | C] -- C:\Users\Link\AppData\Roaming\Elgato
[2013/12/26 00:01:51 | 000,000,000 | ---D | C] -- C:\Program Files\Elgato
[2013/12/23 18:51:33 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/12/18 08:10:00 | 000,034,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvvad32v.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/01/09 12:31:34 | 000,000,087 | ---- | M] () -- C:\Windows\System32\kufl.apv
[2014/01/09 11:58:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/09 11:28:40 | 000,659,818 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/09 11:28:40 | 000,120,714 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/09 11:26:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/09 09:59:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Link\Desktop\OTL.exe
[2014/01/08 17:58:00 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/08 13:46:51 | 000,028,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/08 13:46:51 | 000,028,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/08 13:43:47 | 000,104,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/01/08 13:43:08 | 000,074,456 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/01/08 13:39:22 | 2413,522,944 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/08 12:55:26 | 012,582,688 | ---- | M] (Malwarebytes Corp.) -- C:\Users\Link\Desktop\mbar-1.07.0.1008.exe
[2014/01/07 08:44:20 | 001,233,962 | ---- | M] () -- C:\Users\Link\Desktop\AdwCleaner.exe
[2014/01/06 15:09:42 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014/01/06 13:54:34 | 005,160,001 | R--- | M] (Swearware) -- C:\Users\Link\Desktop\ComboFix.exe
[2014/01/06 12:41:12 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Link\Desktop\tdsskiller.exe
[2014/01/06 12:39:15 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Link\Desktop\dds.com
[2014/01/01 00:54:08 | 000,028,672 | ---- | M] () -- C:\Windows\System32\ujuv.xzt
[2014/01/01 00:54:08 | 000,000,096 | ---- | M] () -- C:\Windows\System32\lseg.kge
[2014/01/01 00:33:30 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drek.izf
[2014/01/01 00:17:48 | 000,101,213 | --S- | M] () -- C:\Windows\System32\qdmgnvk.lhr
[2013/12/28 10:18:11 | 000,009,216 | ---- | M] () -- C:\Users\Link\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/12/26 18:34:39 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/12/26 00:02:13 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Game Capture HD.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/01/06 13:57:17 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/01/06 13:57:17 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/01/06 13:57:17 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/01/06 13:57:17 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/01/06 13:57:17 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/01/06 12:41:15 | 001,233,962 | ---- | C] () -- C:\Users\Link\Desktop\AdwCleaner.exe
[2014/01/01 00:54:08 | 000,028,672 | ---- | C] () -- C:\Windows\System32\ujuv.xzt
[2014/01/01 00:43:36 | 000,000,087 | ---- | C] () -- C:\Windows\System32\kufl.apv
[2014/01/01 00:33:30 | 000,000,096 | ---- | C] () -- C:\Windows\System32\lseg.kge
[2014/01/01 00:33:30 | 000,000,064 | ---- | C] () -- C:\Windows\System32\drek.izf
[2014/01/01 00:17:48 | 000,101,213 | --S- | C] () -- C:\Windows\System32\qdmgnvk.lhr
[2013/12/26 18:34:39 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/12/26 18:34:39 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/12/26 00:02:13 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Game Capture HD.lnk
[2013/11/16 10:45:30 | 000,009,216 | ---- | C] () -- C:\Users\Link\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/08/22 16:51:18 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/08/18 12:45:17 | 000,000,600 | ---- | C] () -- C:\Users\Link\PUTTY.RND
[2013/06/24 18:05:49 | 000,178,304 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/06/24 18:05:49 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/06/24 18:00:20 | 000,060,096 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2013/06/24 17:59:30 | 000,060,096 | ---- | C] () -- C:\ProgramData\nvModes.001
 
========== ZeroAccess Check ==========
 
[2009/07/13 23:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/20 16:29:11 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 16:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 20:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013/08/09 15:20:58 | 000,000,000 | ---D | M] -- C:\Users\Link\AppData\Roaming\.minecraft
[2013/12/25 21:32:40 | 000,000,000 | ---D | M] -- C:\Users\Link\AppData\Roaming\Audacity
[2013/12/08 18:10:41 | 000,000,000 | ---D | M] -- C:\Users\Link\AppData\Roaming\AVAST Software
[2014/01/01 00:32:06 | 000,000,000 | ---D | M] -- C:\Users\Link\AppData\Roaming\BitComet
[2013/09/01 21:46:46 | 000,000,000 | ---D | M] -- C:\Users\Link\AppData\Roaming\BitTorrent
[2013/08/28 07:58:17 | 000,000,000 | ---D | M] -- C:\Users\Link\AppData\Roaming\Blackboard
[2013/12/26 00:02:01 | 000,000,000 | ---D | M] -- C:\Users\Link\AppData\Roaming\Elgato
[2013/08/04 00:19:29 | 000,000,000 | ---D | M] -- C:\Users\Link\AppData\Roaming\Jasc
[2013/11/26 12:37:43 | 000,000,000 | ---D | M] -- C:\Users\Link\AppData\Roaming\ManyCam
[2013/11/27 18:37:20 | 000,000,000 | ---D | M] -- C:\Users\Link\AppData\Roaming\MilkShape 3D 1.x.x
[2013/09/02 21:12:24 | 000,000,000 | ---D | M] -- C:\Users\Link\AppData\Roaming\Notepad++
[2013/12/06 17:44:45 | 000,000,000 | ---D | M] -- C:\Users\Link\AppData\Roaming\onOne Software
[2013/11/24 21:17:49 | 000,000,000 | ---D | M] -- C:\Users\Link\AppData\Roaming\Screaming Bee
[2013/10/29 07:45:26 | 000,000,000 | ---D | M] -- C:\Users\Link\AppData\Roaming\SketchUp
[2013/09/14 22:25:48 | 000,000,000 | ---D | M] -- C:\Users\Link\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/08/28 18:24:35 | 000,000,000 | ---D | M] -- C:\Users\Link\AppData\Roaming\TechSmith
[2013/12/18 10:47:25 | 000,000,000 | ---D | M] -- C:\Users\Link\AppData\Roaming\Youtube Downloader HD
 
========== Purity Check ==========
 
 
 
< End of report >
 
 
Extras.txt Log:

OTL Extras logfile created on: 1/9/2014 12:39:28 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Link\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 2.28 Gb Available Physical Memory | 76.19% Memory free
5.99 Gb Paging File | 4.85 Gb Available in Paging File | 80.98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 40.84 Gb Free Space | 17.54% Space Free | Partition Type: NTFS
 
Computer Name: LINK-PC | User Name: Link | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03235F5D-EE34-4907-AAD6-CCA0C93A0166}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{1C1B7B7F-18B4-42E9-9995-78ADB85D6BBB}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{2CD9C527-3CCD-4337-88F3-A62AFB91BFC5}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{311E0CCC-AF71-42E3-AB58-162C0F57E910}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe | 
"{4B5EE24B-CB2F-4C9B-81AF-9E2FAD25A7E4}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{4BA5562F-DFAF-4295-BBEA-773991C528F9}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{574AA756-3740-4050-8A75-CCB8ECC7278C}" = lport=7935 | protocol=6 | dir=in | name=adobe flash builder 4.6 | 
"{5E01AA2F-B919-4B4D-A926-935A90EC0D25}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{5E3C6A05-A0FA-4CAA-B6C0-A93522204375}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{64F3079A-9BD5-4F9B-9636-22299245BAF3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{6A95EB6E-4004-489F-B0A6-F11D1E53353B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{700AE9BC-25FA-4BD3-BFB2-B5A7A16F49D3}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{79E1CE5F-23EE-409C-A864-D07A71A5117F}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{7ACF6971-2DFC-4CE2-A39D-351B25CAE680}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{828989D5-3C88-400A-8C19-C19220DED8E2}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{89FE5178-D3C4-4C89-AFDA-C9133D056052}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{90ABDBC8-09EA-4C13-89FA-B9C3019D42D9}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{9585DDDA-143B-486E-AAB7-14DA455E084D}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe | 
"{A82700FA-4B50-47B9-A5C0-A28A489C64F5}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{B43F164B-1E31-4EEF-8AC3-F364839838D2}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{BF5B005D-6D73-40B0-9890-5610F63CF48A}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{CC1EF46C-1FBB-4642-872F-E8DB0D8E7756}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{CF66298C-D817-4400-835B-44E99DBE4DC2}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{D35A1D6B-4586-4C2B-92A0-9ADC2301C136}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{F2994381-1AE2-4E65-8AC9-BD98DAA75AF0}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{F756C8AD-5269-4295-BFCF-F4E0C1C56423}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0328C003-6CC0-4BF4-B3B0-8CDA1580501E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\nintendo8461\sourcesdk\bin\sdklauncher.exe | 
"{061AC8C6-F2F3-4857-B464-82065460AE6D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\nintendo8461\sourcesdk\bin\sdklauncher.exe | 
"{0E55B0FB-C0A1-4E6C-BF97-9846707497B8}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{1D69D7A0-E075-4AB6-847C-C412F1A71BB5}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\garrysmod\hl2.exe | 
"{1F9C8FD7-565A-4BEE-8830-BF9A913837C3}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{202FF8EA-C737-40FE-8A7A-0B4EFFC1880C}" = protocol=17 | dir=in | app=c:\users\link\appdata\roaming\bittorrent\bittorrent.exe | 
"{320BF96D-5527-48BA-9FD7-B0E70E7031CB}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\natural selection 2\ns2.exe | 
"{395759B9-F1D0-4988-8814-137287A4A648}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\devicesetup.exe | 
"{3A43334B-02C4-4D8D-A228-61D9B907540D}" = protocol=6 | dir=in | app=c:\program files\valve\garry's mod\hl2.exe | 
"{3EA39C84-98EE-48FA-A059-C853800ABBF5}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\natural selection 2\ns2.exe | 
"{53143081-B877-4158-92AD-CC4882288FE0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\half-life 2\hl2.exe | 
"{5541D3A1-E4CD-4D22-8DE6-653FED4052A0}" = protocol=17 | dir=in | app=c:\program files\valve\garry's mod\hl2.exe | 
"{6356D0A0-3C6C-463E-955E-973DE4B9781E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{6A518CC2-D33C-4347-B2CB-89EF12C0EAFF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{6AFDAE05-141B-4B4D-82D0-B8149C21AF31}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicatorcom.exe | 
"{72515BF6-56FD-46A1-AAA2-A0951C22AD89}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\sourcefilmmaker\game\bin\qsdklauncher.exe | 
"{76BFF001-1954-47AC-91DA-06364B676688}" = protocol=6 | dir=in | app=c:\users\link\appdata\roaming\bittorrent\bittorrent.exe | 
"{7AFD6579-7632-4168-AE41-F5632F220DA0}" = dir=in | name=mitchribarytube | 
"{85F0DA8B-9AC4-493B-AF3D-71BC1270BB29}" = protocol=6 | dir=in | app=c:\program files\adobe\adobe flash builder 4.6\flashbuilder.exe | 
"{89BEE6F7-D706-40C5-BA04-C39CE3BE111E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\half-life 2\hl2.exe | 
"{93A7658D-24B4-423B-AC50-0EB470CF07BA}" = dir=in | app=c:\program files\echobit\evolve\evolveclient.exe | 
"{999E7287-7935-4A56-9360-13C5C68B1814}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\sourcefilmmaker\game\sfm.exe | 
"{9DADBCD7-60D7-4292-B745-38DDCE92FC85}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\half-life 2\hl2.exe | 
"{A75CC86F-1483-49E9-86EC-05125B104626}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{AF0942C0-59DC-436C-BF5B-8CC40E3C81D8}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{B12963B1-E3D6-4F45-B583-BC727D3E52F0}" = protocol=6 | dir=in | app=c:\program files\valve\garry's mod\srcds.exe | 
"{B9DEC29A-6508-4077-BE19-2082F8B38E19}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\sourcefilmmaker\game\sfm.exe | 
"{BF809326-02A4-4A6E-9343-67D5EA0E18D0}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\half-life 2\hl2.exe | 
"{C4025DA9-698E-4718-B90D-AA87016361D2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C7889819-26D5-46B4-8572-0D02B0C53A6D}" = protocol=17 | dir=in | app=c:\program files\adobe\adobe flash builder 4.6\flashbuilder.exe | 
"{C97478D3-0230-490C-86CA-B046B90D58D8}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{CC4F4F19-EAB2-4110-B528-157C3781CE25}" = protocol=17 | dir=in | app=c:\program files\valve\garry's mod\srcds.exe | 
"{D605723C-3F64-4FB1-83F3-17101429FB93}" = dir=in | app=c:\program files\echobit\evolve\evosvc.exe | 
"{E3F998B3-D571-4DF7-9DB0-6E068AC71C19}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicator.exe | 
"{EA4F0495-889F-4651-9061-CEE15E711233}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | 
"{ED08841F-2DB5-4855-A581-DFE528476F92}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\sourcefilmmaker\game\bin\qsdklauncher.exe | 
"{F3272C58-814C-4C34-B3AA-958A48F6F03B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{F3FE9E16-9B7A-40FB-A29C-6CDBC100FE5D}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{FE4DE9DE-CBB0-45DF-B9E2-18CE5BEE9849}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\garrysmod\hl2.exe | 
"{FF0F1E59-7FD5-4253-9809-36828F790F82}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | 
"TCP Query User{2E2D6212-5AC8-4C0B-B5A3-5843CAD8C4AE}C:\program files\onone software\perfect resize 7.5\perfect resize 7.5.exe" = protocol=6 | dir=in | app=c:\program files\onone software\perfect resize 7.5\perfect resize 7.5.exe | 
"TCP Query User{8D1F3230-AB96-4B05-B663-580A9DD57FE1}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"TCP Query User{9081FE02-F5E0-4E86-8DBD-333D7FFEEBE1}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | 
"TCP Query User{A4FD80D4-437F-490E-BA22-E428D878A30B}C:\program files\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"TCP Query User{A97C1E0C-EB6D-4845-AE1B-2A311A1F87EA}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{0A61CB12-E121-4DB2-84A9-537EB705CEF3}C:\program files\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"UDP Query User{2CA8E6F2-D736-4C10-B859-E69B48CFEFE9}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{70B47223-105C-4DA4-8E0A-CC13E7597025}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | 
"UDP Query User{8B807A07-67E6-43C2-9B40-92536B0EE48D}C:\program files\onone software\perfect resize 7.5\perfect resize 7.5.exe" = protocol=17 | dir=in | app=c:\program files\onone software\perfect resize 7.5\perfect resize 7.5.exe | 
"UDP Query User{D4D8ACF0-A505-4C04-B0B0-5FCE05C9FBBA}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{2AC01935-3774-4981-98C8-14E93C14372C}" = Windows Live UX Platform Language Pack
"{2CC32E0E-9A10-4BCC-94F0-614F85375F59}" = Male Voice Pack
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4439ED25-D9ED-4E78-A41E-6C6C5DCEDE62}" = MorphVOX Effects Rack
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B886E97-AF5B-46F0-9F48-6BE03149D972}" = Personality Voices
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5E094C92-6288-4F43-AA9A-D452D0218F3F}" = Windows Live Essentials
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75B956F9-D72D-4929-B695-120D70E8AEE1}" = MorphVOX Pro
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{8256F87F-8554-4457-8C3D-3F3324697D9F}" = Windows Live ID Sign-in Assistant
"{89C7E0A7-4D9D-4DCC-8834-A9A2B92D7EBB}" = Photo Gallery
"{89D86886-A5D1-4BE5-8446-56D902C5F36D}" = GCT to TXT
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{913C4C4F-9E3E-41A6-A614-1BDC1352A225}" = Special Effects Voices
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology
"{9F1F6E90-519F-4217-9A4B-466632D5CCCB}" = HP Deskjet 3510 series Basic Device Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{ACAA0152-96A4-4D93-92F5-1B4728C3D984}" = HP Product Detection
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19
"{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}" = Movie Maker
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B75BC01B-4586-43F8-9349-D250DB98F26F}" = SketchUp 2013
"{BFA04EE0-8240-4667-8D53-45496A901C33}" = Camtasia Studio 8
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C197BC08-3D82-4651-8886-E68C21578A38}" = iTunes
"{C1A6E1A4-B337-41B5-B580-30EB1FF76D56}" = Text-To-VoIP Plug-in
"{C39768C1-82E7-4466-8526-2D8AC44B768F}" = Translator Fun Voice Pack
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{D947A225-8C23-4E52-866E-CF3967476BFC}" = Female Voice Pack
"{DD4C0F22-1E75-4AF5-A2F1-DA40B25EA02A}" = Elgato Game Capture HD
"{DD7C5FC1-DCA5-487A-AF23-658B1C00243F}" = Photo Common
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection
"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"5D38134BF8A10D640B30E6B014EECDBC5F881E3D" = Windows Driver Package - ENE (enecir) HIDClass  (04/29/2008 2.5.0.0)
"A6A8668C0A13640CA28FE2A7D9654BE4AE478B13" = Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 2.0.3
"avast" = avast! Free Antivirus
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"B7541EC5F72AA713F557569278EB6273725F5607" = Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000)
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
"BitComet" = BitComet 1.36
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.WidgetBrowser" = Adobe Widget Browser
"DiscJuggler" = DiscJuggler
"Game Capture HD v2.3.3.38" = Game Capture HD v2.3.3.38
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"ManyCam" = ManyCam 3.1.59
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MilkShape 3D 1.8.5" = MilkShape 3D 1.8.5
"Minecraft1.6.2" = Minecraft1.6.2
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"Office14.SingleImage" = Microsoft Office Professional 2010
"Steam App 1840" = Source Filmmaker
"Steam App 211" = Source SDK
"StudioCompiler" = StudioCompiler v0.4A
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VideoPad" = VideoPad Video Editor
"VLC media player" = VLC media player 2.0.8
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 5.00 beta 6 (32-bit)
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.9.9.10
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 9/7/2013 9:39:32 AM | Computer Name = Link-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 9/9/2013 10:12:53 AM | Computer Name = Link-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 9/9/2013 10:12:51 AM | Computer Name = Link-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 9/9/2013 2:45:53 PM | Computer Name = Link-PC | Source = Application Error | ID = 1000
Description = Faulting application name: STacSV.exe, version: 1.0.6207.0, time stamp:
 0x4a1730ff  Faulting module name: STacSV.exe, version: 1.0.6207.0, time stamp: 0x4a1730ff
Exception
 code: 0xc0000094  Fault offset: 0x00002815  Faulting process id: 0x3e4  Faulting application
 start time: 0x01cead8ccbd947e0  Faulting application path: C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b8cef5f1d6fff385\STacSV.exe
Faulting
 module path: C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b8cef5f1d6fff385\STacSV.exe
Report
 Id: 0dbad7c4-1980-11e3-8701-00247e1c2b7f
 
Error - 9/9/2013 2:45:55 PM | Computer Name = Link-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 9/9/2013 2:45:54 PM | Computer Name = Link-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 9/9/2013 2:45:54 PM | Computer Name = Link-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 9/9/2013 3:07:23 PM | Computer Name = Link-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\HP\HP Deskjet
 3510 series\DriverStore\Pipeline\amd64\hpinkinsAD11.exe".  Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 9/9/2013 2:45:57 PM | Computer Name = Link-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 9/10/2013 2:25:20 PM | Computer Name = Link-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 11/5/2013 11:29:32 PM | Computer Name = Link-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable.  Please
 run the chkdsk utility on the volume E:.
 
Error - 11/5/2013 11:30:39 PM | Computer Name = Link-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
 
Error - 11/5/2013 11:30:39 PM | Computer Name = Link-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
 
Error - 11/5/2013 11:30:40 PM | Computer Name = Link-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
 
Error - 11/5/2013 11:30:41 PM | Computer Name = Link-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
 
Error - 11/5/2013 11:30:41 PM | Computer Name = Link-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
 
Error - 11/5/2013 11:31:16 PM | Computer Name = Link-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
 
Error - 11/5/2013 11:31:17 PM | Computer Name = Link-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
 
Error - 11/5/2013 11:31:18 PM | Computer Name = Link-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
 
Error - 1/1/2001 1:00:26 AM | Computer Name = Link-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:10:22 PM on ?11/?8/?2013 was unexpected.
 
 
< End of report >




