Cyber Tech Help Support Forums > Software > Malware Removal

  #1  
Old November 1st, 2012, 11:32 PM
fredcoppola fredcoppola is offline
Senior Member
 
Join Date: Jul 2006
Posts: 199
Trying to help my son

I'm visiting my son and he says he thinks his computer has a virus. Well I look at it and find no anti virus software installed. So I installed AVG and AVAST. Not sure I'm making any progress since AVAST did a boot scan and took almost the whole day. I've had success with Cybertechhelp in the past but it has been a long time. I hope you can assist. Fredcoppola


  #2  
Old November 2nd, 2012, 12:18 AM
fredcoppola fredcoppola is offline
Senior Member
 
Join Date: Jul 2006
Posts: 199
I should have provided more information. I keep getting a message from AVAST saying "threat detected." It is the same each time. Win32 Sirefef-ADO Trojan and one other Win32 installer. Looks like the windows\system32\services.exe file is infected.???
  #3  
Old November 2nd, 2012, 12:38 AM
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,002
Hello fredcoppola,

That warning suggests a bootkit there.

Quote:
So I installed AVG and AVAST
You can't have more than one antivirus on any one system - they damage each other, as well as system functions. To make repairs easier for us, please uninstall one, reboot, then uninstall the other, and reboot. Won't be able to install anything new, as the bootkit will just corrupt it. We can discuss reinstalling antivirus software once our work is done.


If the system is Vista/Windows7, when running any of the scan files we use, be sure to right click the file, then select "Run as administrator" to start the scan/tool.

And to make sure you have an accurate view of files there, make sure you can View Hidden Files. Also uncheck "Hide Extensions for Known File Types".


To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware software while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs. Here are some antivirus disable tips if needed.

-------

Click here and download OldTimer's OTL to your desktop, then click that to open the scan display. At the top click "Scan All Users", then click "Run Scan". Make no other changes at this time.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are also saved in the same location as OTL.exe. Post the contents of those back here please.

-----------

Click here and download the installer for Gmer to your desktop, then click that file to run Gmer.


Once the opening scan finishes, click on Scan (again, before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan).

When completed, click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please.

-----------

Download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • If you can, have an open Internet connection and allow it to download the latest Avast engine detections.
  • If avast! antivirus is already installed, just do the next step.
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.


A lot, but comprehensive, and will make sure we get a good view of everything.
  #4  
Old November 2nd, 2012, 02:40 AM
fredcoppola fredcoppola is offline
Senior Member
 
Join Date: Jul 2006
Posts: 199
I'm working on it... Old Timer has been running for like an hour!
  #5  
Old November 2nd, 2012, 10:12 AM
fredcoppola fredcoppola is offline
Senior Member
 
Join Date: Jul 2006
Posts: 199
OTL logfile created on: 11/1/2012 8:15:11 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Vince\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 4.17 Gb Available Physical Memory | 69.59% Memory free
12.00 Gb Paging File | 10.09 Gb Available in Paging File | 84.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 594.25 Gb Free Space | 63.80% Space Free | Partition Type: NTFS

Computer Name: VINCE-PC | User Name: Vince | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/01 20:14:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vince\Desktop\OTL.exe
PRC - [2012/10/23 05:17:40 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/08 15:37:14 | 000,686,280 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
PRC - [2012/02/29 19:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/02/29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/10/21 04:09:36 | 000,198,032 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2011/09/05 05:52:14 | 000,265,928 | ---- | M] (SpeedBit Ltd.) -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2011/04/10 09:27:57 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/10/22 16:25:42 | 002,836,656 | ---- | M] (SpeedBit Ltd.) -- C:\Program Files (x86)\DAP\DAP.exe
PRC - [2009/11/20 06:17:54 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009/10/15 20:47:48 | 001,003,520 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
PRC - [2009/10/13 15:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
PRC - [2009/08/06 00:51:20 | 000,065,536 | R--- | M] () -- C:\Windows\SysWOW64\XSrvSetup.exe
PRC - [2009/08/04 16:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009/08/04 16:29:52 | 000,346,320 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe


========== Modules (No Company Name) ==========

MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/11/20 07:19:56 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.DLL
MOD - [2010/11/20 07:19:56 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll
MOD - [2010/10/22 16:25:41 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\DAP\zlib.dll
MOD - [2010/10/20 14:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2009/07/30 17:15:32 | 000,503,202 | ---- | M] () -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/04/05 15:50:08 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012/02/29 19:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/02/29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/12/11 14:57:47 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/09/05 05:52:14 | 000,265,928 | ---- | M] (SpeedBit Ltd.) [Auto | Running] -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2011/04/10 09:27:57 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/07/16 16:23:30 | 006,638,080 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe -- (AllShare)
SRV - [2010/03/29 07:51:54 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/23 11:31:44 | 000,401,920 | ---- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe -- (Amazon Download Agent)
SRV - [2009/10/13 15:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)
SRV - [2009/08/06 00:51:20 | 000,065,536 | R--- | M] () [Auto | Running] -- C:\Windows\SysWOW64\XSrvSetup.exe -- (JMB36X)
SRV - [2009/08/04 16:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/17 07:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/08 22:00:20 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/10 12:36:12 | 000,848,384 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192cu.sys -- (RTL8192cu)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/07/21 16:59:28 | 000,045,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2010/06/06 22:12:22 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2010/03/01 09:35:20 | 000,020,520 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2009/11/20 06:16:02 | 000,177,152 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2009/11/20 06:15:58 | 000,075,776 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009/10/29 03:14:38 | 000,115,824 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009/08/20 11:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/08/10 13:07:40 | 000,119,680 | ---- | M] (Gemalto) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GemCCID.sys -- (GemCCID)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 19:06:43 | 000,060,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\61883.sys -- (61883)
DRV:64bit: - [2009/07/13 19:06:43 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avc.sys -- (Avc)
DRV:64bit: - [2009/07/13 19:06:40 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avcstrm.sys -- (AVCSTRM)
DRV:64bit: - [2009/07/13 19:06:39 | 000,056,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mstape.sys -- (MSTAPE)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/09/17 13:14:00 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Entech64.sys -- (ENTECH64)
DRV:64bit: - [2005/09/23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2010/08/09 21:14:57 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {7846ae31-bea2-438a-8f5e-2d899361656c} - C:\Program Files (x86)\Game_Master_1.1\prxtbGame.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-84035464-1872064489-2758392425-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-84035464-1872064489-2758392425-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-84035464-1872064489-2758392425-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-84035464-1872064489-2758392425-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-84035464-1872064489-2758392425-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-84035464-1872064489-2758392425-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D1 E6 0F 6B 2D FB CA 01 [binary data]
IE - HKU\S-1-5-21-84035464-1872064489-2758392425-1001\..\URLSearchHook: {7846ae31-bea2-438a-8f5e-2d899361656c} - C:\Program Files (x86)\Game_Master_1.1\prxtbGame.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-84035464-1872064489-2758392425-1001\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-84035464-1872064489-2758392425-1001\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKU\S-1-5-21-84035464-1872064489-2758392425-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-84035464-1872064489-2758392425-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-84035464-1872064489-2758392425-1001\..\SearchScopes\{1A46A814-F477-47c1-8DBD-617DAEDDDC26}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
IE - HKU\S-1-5-21-84035464-1872064489-2758392425-1001\..\SearchScopes\{9922FE00-33F5-496a-A162-0975BCFDE0A1}: "URL" = http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=en&q={searchTerms}
IE - HKU\S-1-5-21-84035464-1872064489-2758392425-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-84035464-1872064489-2758392425-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@comrade.gamespy.com/comrade: C:\Program Files (x86)\GameSpy\Comrade\npcomrade.dll (IGN Entertainment)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/02/11 11:45:09 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files (x86)\DAP\DAPFireFox [2010/10/22 16:25:44 | 000,000,000 | ---D | M]

[2011/12/22 17:44:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vince\AppData\Roaming\mozilla\Firefox\extensions
[2011/12/22 17:44:30 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Vince\AppData\Roaming\mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll File not found
O2:64bit: - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files (x86)\DAP\DAPIELoader64.dll (SpeedBit Ltd.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (PE_IE_Helper Class) - {0941C58F-E461-4E03-BD7D-44C27392ADE1} - C:\Program Files (x86)\IBM\Lotus Forms\Viewer\3.5\PEhelper.dll (IBM Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (Game Master 1.1 Toolbar) - {7846ae31-bea2-438a-8f5e-2d899361656c} - C:\Program Files (x86)\Game_Master_1.1\prxtbGame.dll (Conduit Ltd.)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O2 - BHO: (SBCONVERT Class) - {92A9ACF4-9333-43AE-9698-DB283326F87F} - C:\Program Files (x86)\SpeedBit Video Downloader\TBU35\tbcore3.dll ()
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (Download Accelerator Plus Integration) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files (x86)\DAP\dapieloader.dll (SpeedBit Ltd.)
O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files (x86)\SpeedBit Video Downloader\TBU35\Grabber.dll (SpeedBit)
O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files (x86)\SpeedBit Video Downloader\TBU35\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Game Master 1.1 Toolbar) - {7846ae31-bea2-438a-8f5e-2d899361656c} - C:\Program Files (x86)\Game_Master_1.1\prxtbGame.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-84035464-1872064489-2758392425-1001\..\Toolbar\WebBrowser: (Game Master 1.1 Toolbar) - {7846AE31-BEA2-438A-8F5E-2D899361656C} - C:\Program Files (x86)\Game_Master_1.1\prxtbGame.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-84035464-1872064489-2758392425-1001\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SBRegRebootCleaner] "C:\Program Files (x86)\Ad-Aware Antivirus\SBRC.exe" File not found
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-84035464-1872064489-2758392425-1001..\Run: [DownloadAccelerator] C:\Program Files (x86)\DAP\DAP.EXE (SpeedBit Ltd.)
O4 - HKU\S-1-5-21-84035464-1872064489-2758392425-1006..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-84035464-1872064489-2758392425-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm ()
O8:64bit: - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm ()
O8:64bit: - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm ()
O8:64bit: - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm ()
O8 - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm ()
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {74F4F118-91E6-4AFC-B8D2-04066781F239} https://online2.penfed.org/PenFedOnl...sitEnabler.cab (EZTwainX by Dosadi)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/...nAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0CC7EE2C-9E72-4884-968D-69DEE33BE4FC}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (SBBD.exe /d \Device\HarddiskVolume2\Program Files (x86)\Ad-Aware Antivirus\Definitions)
O34 - HKLM BootExecute: (aswBoot.exe /A:"*" /L:"1033" /heur:80 /RA:ask /pup /archives /IA:0 /KBD:2 /wow /dir:"C:\Program Files\AVAST Software\Avast")
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/01 20:14:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Vince\Desktop\OTL.exe
[2012/10/31 11:27:19 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/10/31 11:26:49 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/10/31 11:26:49 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/10/30 20:01:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/10/30 20:01:25 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/10/30 13:05:52 | 000,000,000 | ---D | C] -- C:\Users\Vince\AppData\Roaming\TuneUp Software
[2012/10/30 13:03:45 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2012/10/30 13:01:06 | 000,000,000 | ---D | C] -- C:\Users\Vince\AppData\Local\MFAData
[2012/10/30 13:01:06 | 000,000,000 | ---D | C] -- C:\Users\Vince\AppData\Local\Avg2013
[2012/10/30 12:49:47 | 000,000,000 | ---D | C] -- C:\ProgramData\GFI Software
[2012/10/30 12:31:13 | 000,000,000 | ---D | C] -- C:\Users\Vince\AppData\Roaming\Malwarebytes
[2012/10/30 12:31:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/10/30 12:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/10/30 12:30:51 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/10/30 12:30:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/11/01 20:14:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vince\Desktop\OTL.exe
[2012/11/01 20:09:00 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/01 20:09:00 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/01 20:00:49 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/01 20:00:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/01 20:00:26 | 535,683,071 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/01 18:44:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/31 11:27:19 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/10/31 09:48:37 | 000,729,706 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/10/31 09:48:37 | 000,626,290 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/10/31 09:48:37 | 000,107,566 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/10/30 12:31:00 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/23 05:17:13 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/31 11:27:19 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/10/30 12:31:00 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/02/11 11:46:20 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/02/11 11:46:20 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/12/24 09:11:19 | 000,000,190 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/12/22 17:55:11 | 000,743,538 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/12/22 17:22:56 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/01/17 12:17:11 | 000,005,120 | ---- | C] () -- C:\Users\Vince\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/09 08:59:05 | 000,000,073 | ---- | C] () -- C:\Windows\wininit.ini
[2011/01/09 08:56:03 | 000,000,457 | ---- | C] () -- C:\Windows\SIERRA.INI
[2010/05/24 23:00:00 | 000,007,607 | ---- | C] () -- C:\Users\Vince\AppData\Local\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2011/11/17 01:41:18 | 000,002,048 | -HS- | M] () -- C:\Windows\Installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\@
[2012/07/08 08:37:02 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\L
[2012/11/01 20:06:58 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\U
[2012/11/01 20:06:58 | 000,000,804 | ---- | M] () -- C:\Windows\Installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\L\00000004.@
[2012/11/01 20:06:58 | 000,002,048 | ---- | M] () -- C:\Windows\Installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\U\00000004.@
[2012/11/01 17:43:30 | 000,232,960 | ---- | M] () -- C:\Windows\Installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\U\00000008.@
[2012/11/01 19:00:00 | 000,001,632 | ---- | M] () -- C:\Windows\Installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\U\000000cb.@
[2012/11/01 20:06:58 | 000,015,360 | ---- | M] () -- C:\Windows\Installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\U\80000000.@
[2012/11/01 20:03:38 | 000,091,136 | ---- | M] () -- C:\Windows\Installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\U\80000032.@
[2012/11/01 16:45:03 | 000,078,848 | ---- | M] () -- C:\Windows\Installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\U\80000064.@
[2012/07/19 03:37:38 | 000,002,048 | -HS- | M] () -- C:\Users\Vince\AppData\Local\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\@
[2011/11/17 01:41:18 | 000,000,000 | -HSD | M] -- C:\Users\Vince\AppData\Local\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\L
[2011/11/17 01:41:18 | 000,000,000 | -HSD | M] -- C:\Users\Vince\AppData\Local\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\U
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[2012/11/01 20:01:30 | 000,005,120 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini
[2012/11/01 20:01:30 | 000,006,144 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Users\Vince\AppData\Local\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\n.

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:2B11E0DF

< End of report >
  #6  
Old November 2nd, 2012, 10:14 AM
fredcoppola fredcoppola is offline
OTL Extras logfile created on: 11/1/2012 8:15:11 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Vince\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 4.17 Gb Available Physical Memory | 69.59% Memory free
12.00 Gb Paging File | 10.09 Gb Available in Paging File | 84.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 594.25 Gb Free Space | 63.80% Space Free | Partition Type: NTFS

Computer Name: VINCE-PC | User Name: Vince | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series" = Canon MG6100 series MP Drivers
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series" = Canon MP620 series MP Drivers
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{28D73032-5DAA-4F83-B154-85105DBCCB92}" = iTunes
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{563F041C-DFDB-437B-A1E8-E141E0906076}" = Microsoft IntelliPoint 8.0
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pinnacle Video Driver
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{E06AF9BE-E1D6-4867-8DBF-74E4BA32BBB3}" = DAP Plug-in for 64 Bit IE
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0CB3C535-1171-4A20-B549-E2CB5DEB9723}" = MySQL Connector/ODBC 3.51
"{1CF028E5-705D-4B62-AC1D-A59593B7C0BB}" = Sid Meier's Civilization 4
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Cinfigurer
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3B35725F-C623-4A1E-B5CC-99C0868679E3}" = Smart 6 B9.1105.1
"{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}" = Mega Manager
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}" = Tribes Ascend
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0301.1
"{40296377-CCB2-D0F9-6DCB-99713C846B4D}" = GameFly
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B363E1D-8C36-4458-BAE4-D5081999E094}" = Browser Configuration Utility
"{65173BC2-60E7-4DE8-A61D-A81FCB96EE93}" = Pinnacle Studio Ultimate Plugins
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F752BAB-4AFD-4138-983D-7E9E7CFE077D}" = GameSpy Comrade
"{81E2D8D7-F104-4EB9-97A7-98996A611FF6}" = Sid Meier's Civilization 4 - Beyond the Sword
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{A0BBF7AB-2F47-47DC-BB02-4C826F2BC73C}" = IBM Lotus Forms Viewer 3.5.1
"{A885BB70-FE0B-499F-94DF-13965FA72A32}" = Caesar(TM) IV
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}" = Belkin N300 Micro USB Wireless Adapter
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B42F73D4-AFDA-4761-B3F4-23A872D11339}" = Morrowind
"{B9CA59A0-3B70-48F8-9054-67595DE6E72B}" = League of Legends
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C41DABFE-49B1-4B24-9DF0-6DF70B485737}" = Mega Manager
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF70923C-8A51-47F4-A7E9-893C6D54EB68}" = TES Construction Set
"1B3D4AC6-BE9B-4d4a-87A7-51B0197C8DEB_is1" = Jagged Alliance 2 v1.13 (EN) [1.0.0.4452]
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Amazon Games & Software Downloader_is1" = Amazon Games & Software Downloader
"BitTorrent" = BitTorrent
"BitTorrentBar Toolbar" = BitTorrentBar Toolbar
"Caesar 3" = Caesar 3
"Canon MP620 series User Registration" = Canon MP620 series User Registration
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"conduitEngine" = Conduit Engine
"CRON-O-METER" = CRON-O-METER 0.9.8
"Diablo III" = Diablo III
"Diablo III Beta" = Diablo III Beta
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Game_Master_1.1 Toolbar" = Game Master 1.1 Toolbar
"GameFly" = GameFly
"InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"Jagged Alliance 2_is1" = Jagged Alliance 2
"Knoll Light Factory EZ Studio" = Knoll Light Factory EZ Studio
"LuaEdit_is1" = LuaEdit 3.0.3 RC
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"Mplayer" = Mplayer 0.6.9
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Origin" = Origin
"Precision" = EVGA Precision 1.9.2
"PricePeep" = PricePeep for Internet Explorer
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 15.0" = RealPlayer
"Red Giant ToonIt Studio" = Red Giant ToonIt Studio
"Sierra Utilities" = Sierra Utilities
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"SpeedBit Video Downloader" = SpeedBit Video Downloader
"StarCraft II" = StarCraft II
"Steam App 10" = Counter-Strike
"Steam App 15620" = Warhammer® 40,000™: Dawn of War® II
"Steam App 216690" = XCOM: Enemy Unknown Demo
"Steam App 219850" = Torchlight II Demo
"Steam App 22380" = Fallout: New Vegas
"Steam App 57740" = Jagged Alliance - Back in Action
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 745" = Counter-Strike: Global Offensive - SDK
"Steam App 8930" = Sid Meier's Civilization V
"Viewer_armyifx" = Viewer_armyifx
"Warcraft III" = Warcraft III
"World of Warcraft" = World of Warcraft
"X-Com UFO Defense" = X-Com UFO Defense
"Xvid Video Codec 1.3.1" = Xvid Video Codec
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-84035464-1872064489-2758392425-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/1/2012 11:26:08 PM | Computer Name = Vince-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x00090028 Faulting process id: 0x834 Faulting application
start time: 0x01cdb8a9ccbdaf19 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: 0a6c9b59-249d-11e2-bce9-6cf049e75431

Error - 11/1/2012 11:27:08 PM | Computer Name = Vince-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x000d0028 Faulting process id: 0x1728 Faulting application
start time: 0x01cdb8a9f08c8258 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: 2e390d38-249d-11e2-bce9-6cf049e75431

Error - 11/1/2012 11:28:08 PM | Computer Name = Vince-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x00090028 Faulting process id: 0x99c Faulting application
start time: 0x01cdb8aa146279b8 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: 520f0498-249d-11e2-bce9-6cf049e75431

Error - 11/1/2012 11:29:09 PM | Computer Name = Vince-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x00090028 Faulting process id: 0x35c Faulting application
start time: 0x01cdb8aa382eeb97 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: 75db7677-249d-11e2-bce9-6cf049e75431

Error - 11/1/2012 11:30:09 PM | Computer Name = Vince-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x00090028 Faulting process id: 0x1150 Faulting application
start time: 0x01cdb8aa5bfb5d76 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: 99a7e856-249d-11e2-bce9-6cf049e75431

Error - 11/1/2012 11:31:09 PM | Computer Name = Vince-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x000d0028 Faulting process id: 0xee8 Faulting application
start time: 0x01cdb8aa7fc7cf55 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: bd745a35-249d-11e2-bce9-6cf049e75431

Error - 11/1/2012 11:32:09 PM | Computer Name = Vince-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x00090028 Faulting process id: 0x1308 Faulting application
start time: 0x01cdb8aaa3bf19f8 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: e16ba4d9-249d-11e2-bce9-6cf049e75431

Error - 11/1/2012 11:33:09 PM | Computer Name = Vince-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x00090028 Faulting process id: 0x314 Faulting application
start time: 0x01cdb8aac78b8bd7 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: 053816b8-249e-11e2-bce9-6cf049e75431

Error - 11/1/2012 11:34:09 PM | Computer Name = Vince-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x000d0028 Faulting process id: 0x7fc Faulting application
start time: 0x01cdb8aaeb57fdb6 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: 29048896-249e-11e2-bce9-6cf049e75431

Error - 11/1/2012 11:35:09 PM | Computer Name = Vince-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x00090028 Faulting process id: 0x16dc Faulting application
start time: 0x01cdb8ab0f3e9eb8 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: 4ceb2998-249e-11e2-bce9-6cf049e75431

Error - 11/1/2012 11:36:09 PM | Computer Name = Vince-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x00090028 Faulting process id: 0x162c Faulting application
start time: 0x01cdb8ab330b1097 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: 70b79b77-249e-11e2-bce9-6cf049e75431

[ Media Center Events ]
Error - 11/28/2010 11:36:43 AM | Computer Name = Vince-PC | Source = MCUpdate | ID = 0
Description = 10:36:43 AM - Error connecting to the internet. 10:36:43 AM - Unable
to contact server..

Error - 11/28/2010 11:36:49 AM | Computer Name = Vince-PC | Source = MCUpdate | ID = 0
Description = 10:36:48 AM - Error connecting to the internet. 10:36:48 AM - Unable
to contact server..

Error - 11/28/2010 11:15:25 PM | Computer Name = Vince-PC | Source = MCUpdate | ID = 0
Description = 10:15:25 PM - Error connecting to the internet. 10:15:25 PM - Unable
to contact server..

Error - 11/28/2010 11:15:31 PM | Computer Name = Vince-PC | Source = MCUpdate | ID = 0
Description = 10:15:30 PM - Error connecting to the internet. 10:15:30 PM - Unable
to contact server..

Error - 11/29/2010 11:18:48 AM | Computer Name = Vince-PC | Source = MCUpdate | ID = 0
Description = 10:18:48 AM - Error connecting to the internet. 10:18:48 AM - Unable
to contact server..

Error - 11/29/2010 11:18:53 AM | Computer Name = Vince-PC | Source = MCUpdate | ID = 0
Description = 10:18:53 AM - Error connecting to the internet. 10:18:53 AM - Unable
to contact server..

Error - 11/29/2010 11:09:03 PM | Computer Name = Vince-PC | Source = MCUpdate | ID = 0
Description = 10:09:03 PM - Error connecting to the internet. 10:09:03 PM - Unable
to contact server..

Error - 11/29/2010 11:09:08 PM | Computer Name = Vince-PC | Source = MCUpdate | ID = 0
Description = 10:09:08 PM - Error connecting to the internet. 10:09:08 PM - Unable
to contact server..

Error - 11/30/2010 11:31:05 AM | Computer Name = Vince-PC | Source = MCUpdate | ID = 0
Description = 10:31:05 AM - Error connecting to the internet. 10:31:05 AM - Unable
to contact server..

Error - 11/30/2010 11:31:11 AM | Computer Name = Vince-PC | Source = MCUpdate | ID = 0
Description = 10:31:10 AM - Error connecting to the internet. 10:31:10 AM - Unable
to contact server..

[ System Events ]
Error - 11/1/2012 9:01:48 PM | Computer Name = Vince-PC | Source = DCOM | ID = 10016
Description =

Error - 11/1/2012 9:01:49 PM | Computer Name = Vince-PC | Source = Service Control Manager | ID = 7023
Description = The Function Discovery Resource Publication service terminated with
the following error: %%-2147024891

Error - 11/1/2012 9:01:49 PM | Computer Name = Vince-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Resource
Publication service which failed to start because of the following error: %%-2147024891

Error - 11/1/2012 9:01:51 PM | Computer Name = Vince-PC | Source = DCOM | ID = 10016
Description =

Error - 11/1/2012 10:39:19 PM | Computer Name = Vince-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolume2.

Error - 11/1/2012 11:03:22 PM | Computer Name = Vince-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolume2.

Error - 11/1/2012 11:10:37 PM | Computer Name = Vince-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolume2.

Error - 11/1/2012 11:32:52 PM | Computer Name = Vince-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolume2.

Error - 11/1/2012 11:32:53 PM | Computer Name = Vince-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolume2.

Error - 11/1/2012 11:32:54 PM | Computer Name = Vince-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolume2.


< End of report >
  #7  
Old November 2nd, 2012, 03:10 PM
fredcoppola fredcoppola is offline
Senior Member
 
Join Date: Jul 2006
Posts: 199
From my iPhone: these scans are taking hours and hours. Still scanning one folder of Internet files\content.ie5... Should it take over five hours?
  #8  
Old November 2nd, 2012, 05:07 PM
fredcoppola fredcoppola is offline
Senior Member
 
Join Date: Jul 2006
Posts: 199
Seven hours and still scanning. Still in the same folder listed above.
  #9  
Old November 2nd, 2012, 05:57 PM
fredcoppola fredcoppola is offline
Senior Member
 
Join Date: Jul 2006
Posts: 199
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-11-02 11:55:59
Windows 6.1.7601 Service Pack 1
Running: brne3mek.exe


---- Files - GMER 1.0.15 ----

File C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_svchost.exe_75d2af3d5cba55abd9e22e8bc562b5c04e97e_1868a563 0 bytes

---- EOF - GMER 1.0.15 ----
  #10  
Old November 2nd, 2012, 06:45 PM
fredcoppola fredcoppola is offline
Senior Member
 
Join Date: Jul 2006
Posts: 199
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-11-02 11:58:57
-----------------------------
11:58:57.295 OS Version: Windows x64 6.1.7601 Service Pack 1
11:58:57.295 Number of processors: 8 586 0x1A05
11:58:57.295 ComputerName: VINCE-PC UserName: Vince
11:58:58.138 Initialize success
12:01:02.060 AVAST engine defs: 12110200
12:01:39.282 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\JRAID1Port0Path0Target0Lun0
12:01:39.282 Disk 0 Vendor: ________ CCE3 Size: 953869MB BusType: 8
12:01:39.297 Disk 0 MBR read successfully
12:01:39.297 Disk 0 MBR scan
12:01:39.297 Disk 0 Windows 7 default MBR code
12:01:39.313 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
12:01:39.329 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
12:01:39.344 Disk 0 scanning C:\Windows\system32\drivers
12:01:55.334 Service scanning
12:02:14.163 Modules scanning
12:02:14.163 Disk 0 trace - called modules:
12:02:14.179 ntoskrnl.exe CLASSPNP.SYS disk.sys SCSIPORT.SYS hal.dll jraid.sys
12:02:14.195 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005f95790]
12:02:14.195 3 CLASSPNP.SYS[fffff880019d143f] -> nt!IofCallDriver -> \Device\Scsi\JRAID1Port0Path0Target0Lun0[0xfffffa8005d4e050]
12:02:15.661 AVAST engine scan C:\Windows
12:02:18.188 AVAST engine scan C:\Windows\system32
12:03:47.639 File: C:\Windows\system32\services.exe **INFECTED** Win32:Patched-AKC [Trj]
12:04:23.191 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
12:04:25.562 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
12:05:41.940 AVAST engine scan C:\Windows\system32\drivers
12:05:56.245 AVAST engine scan C:\Users\Vince
12:13:16.899 AVAST engine scan C:\ProgramData
12:18:58.805 Scan finished successfully
12:43:45.379 Disk 0 MBR has been saved successfully to "C:\Users\Vince\Desktop\MBR.dat"
12:43:45.394 The log file has been saved successfully to "C:\Users\Vince\Desktop\aswMBR.txt"


Finally finished...
  #11  
Old November 2nd, 2012, 11:20 PM
fredcoppola fredcoppola is offline
Senior Member
 
Join Date: Jul 2006
Posts: 199
I should have said, my son is running Windows 7 Home Edition. Thanks for the help.
  #12  
Old November 3rd, 2012, 12:16 AM
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,002
Good work getting that done. The malware of course is interfering there.


Be sure to continue to temporarily disable any protective software when running the scan tools we use here.

Click here and download Kaspersky's TDSSKiller to your desktop, but as you download it, rename it to larry.com then click that file to run TDSSKiller.

In the display that opens click Start scan. Once that completes, follow any prompts to act on anything it located, including a reboot (Reboot Now) if requested.
When the scan completes it will create a log file on your C drive.

Similar in name to this:

C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt

Your copy will be different - some of those numbers will reflect the date/time it was just run by you there.

Copy/paste those contents back here please. If it does locate malware, but does not prompt for a reboot, go ahead and do reboot.
  #13  
Old November 3rd, 2012, 01:06 AM
fredcoppola fredcoppola is offline
Senior Member
 
Join Date: Jul 2006
Posts: 199
There were two files. Probably because I ran the scan a second time. I will post both files. Here is number one.

18:51:20.0912 1888 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:51:21.0411 1888 ============================================================
18:51:21.0411 1888 Current date / time: 2012/11/02 18:51:21.0411
18:51:21.0411 1888 SystemInfo:
18:51:21.0411 1888
18:51:21.0411 1888 OS Version: 6.1.7601 ServicePack: 1.0
18:51:21.0411 1888 Product type: Workstation
18:51:21.0411 1888 ComputerName: VINCE-PC
18:51:21.0411 1888 UserName: Vince
18:51:21.0411 1888 Windows directory: C:\Windows
18:51:21.0411 1888 System windows directory: C:\Windows
18:51:21.0411 1888 Running under WOW64
18:51:21.0411 1888 Processor architecture: Intel x64
18:51:21.0411 1888 Number of processors: 8
18:51:21.0411 1888 Page size: 0x1000
18:51:21.0411 1888 Boot type: Normal boot
18:51:21.0411 1888 ============================================================
18:51:21.0786 1888 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000048
18:51:21.0801 1888 ============================================================
18:51:21.0801 1888 \Device\Harddisk0\DR0:
18:51:21.0801 1888 MBR partitions:
18:51:21.0801 1888 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:51:21.0801 1888 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
18:51:21.0801 1888 ============================================================
18:51:21.0817 1888 C: <-> \Device\Harddisk0\DR0\Partition2
18:51:21.0817 1888 ============================================================
18:51:21.0817 1888 Initialize success
18:51:21.0817 1888 ============================================================
18:51:26.0513 5104 ============================================================
18:51:26.0513 5104 Scan started
18:51:26.0513 5104 Mode: Manual;
18:51:26.0513 5104 ============================================================
18:51:26.0871 5104 ================ Scan system memory ========================
18:51:26.0871 5104 System memory - ok
18:51:26.0871 5104 ================ Scan services =============================
18:51:26.0981 5104 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:51:26.0996 5104 1394ohci - ok
18:51:27.0027 5104 [ E0A8525A951ADDB4655BC2068566407D ] 61883 C:\Windows\system32\DRIVERS\61883.sys
18:51:27.0043 5104 61883 - ok
18:51:27.0059 5104 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:51:27.0074 5104 ACPI - ok
18:51:27.0105 5104 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:51:27.0105 5104 AcpiPmi - ok
18:51:27.0137 5104 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:51:27.0137 5104 adp94xx - ok
18:51:27.0152 5104 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:51:27.0168 5104 adpahci - ok
18:51:27.0183 5104 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:51:27.0183 5104 adpu320 - ok
18:51:27.0199 5104 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:51:27.0215 5104 AeLookupSvc - ok
18:51:27.0261 5104 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
18:51:27.0261 5104 AFD - ok
18:51:27.0293 5104 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:51:27.0293 5104 agp440 - ok
18:51:27.0308 5104 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
18:51:27.0308 5104 ALG - ok
18:51:27.0339 5104 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
18:51:27.0339 5104 aliide - ok
18:51:27.0527 5104 [ AAA1F9D4CF4C976C21BCA8AFA2BAE6A4 ] AllShare C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
18:51:27.0636 5104 AllShare - ok
18:51:27.0714 5104 [ FF6F0F6A2D72065AE4300426FA414693 ] Amazon Download Agent C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
18:51:27.0729 5104 Amazon Download Agent - ok
18:51:27.0761 5104 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
18:51:27.0761 5104 amdide - ok
18:51:27.0776 5104 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:51:27.0776 5104 AmdK8 - ok
18:51:27.0776 5104 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:51:27.0776 5104 AmdPPM - ok
18:51:27.0807 5104 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:51:27.0807 5104 amdsata - ok
18:51:27.0823 5104 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:51:27.0839 5104 amdsbs - ok
18:51:27.0854 5104 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:51:27.0854 5104 amdxata - ok
18:51:27.0901 5104 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
18:51:27.0901 5104 AppID - ok
18:51:27.0917 5104 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:51:27.0917 5104 AppIDSvc - ok
18:51:27.0948 5104 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
18:51:27.0948 5104 Appinfo - ok
18:51:27.0995 5104 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:51:27.0995 5104 Apple Mobile Device - ok
18:51:28.0026 5104 [ EC36746E224A3431463EF8124EBF2FEC ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
18:51:28.0026 5104 AppleCharger - ok
18:51:28.0041 5104 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
18:51:28.0041 5104 arc - ok
18:51:28.0041 5104 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:51:28.0041 5104 arcsas - ok
18:51:28.0073 5104 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:51:28.0073 5104 AsyncMac - ok
18:51:28.0119 5104 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
18:51:28.0119 5104 atapi - ok
18:51:28.0166 5104 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:51:28.0166 5104 AudioEndpointBuilder - ok
18:51:28.0182 5104 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:51:28.0182 5104 AudioSrv - ok
18:51:28.0244 5104 [ 16FABE84916623D0607E4A975544032C ] Avc C:\Windows\system32\DRIVERS\avc.sys
18:51:28.0244 5104 Avc - ok
18:51:28.0260 5104 [ 155F536D6181508929F4FE177F4167CE ] AVCSTRM C:\Windows\system32\DRIVERS\avcstrm.sys
18:51:28.0275 5104 AVCSTRM - ok
18:51:28.0322 5104 AVGIDSDriver - ok
18:51:28.0322 5104 AVGIDSHA - ok
18:51:28.0338 5104 Avgrkx64 - ok
18:51:28.0353 5104 Avgtdia - ok
18:51:28.0369 5104 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:51:28.0369 5104 AxInstSV - ok
18:51:28.0385 5104 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
18:51:28.0385 5104 b06bdrv - ok
18:51:28.0416 5104 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:51:28.0416 5104 b57nd60a - ok
18:51:28.0447 5104 [ F29D375926E36E3A56AF4805C7749302 ] BCUService C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
18:51:28.0447 5104 BCUService - ok
18:51:28.0463 5104 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
18:51:28.0478 5104 BDESVC - ok
18:51:28.0478 5104 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
18:51:28.0478 5104 Beep - ok
18:51:28.0509 5104 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:51:28.0509 5104 blbdrive - ok
18:51:28.0541 5104 [ F2060A34C8A75BC24A9222EB4F8C07BD ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
18:51:28.0541 5104 Bonjour Service - ok
18:51:28.0587 5104 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:51:28.0587 5104 bowser - ok
18:51:28.0603 5104 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:51:28.0603 5104 BrFiltLo - ok
18:51:28.0603 5104 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:51:28.0603 5104 BrFiltUp - ok
18:51:28.0650 5104 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
18:51:28.0650 5104 Browser - ok
18:51:28.0681 5104 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:51:28.0681 5104 Brserid - ok
18:51:28.0697 5104 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:51:28.0697 5104 BrSerWdm - ok
18:51:28.0712 5104 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:51:28.0712 5104 BrUsbMdm - ok
18:51:28.0728 5104 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:51:28.0728 5104 BrUsbSer - ok
18:51:28.0743 5104 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:51:28.0743 5104 BTHMODEM - ok
18:51:28.0759 5104 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
18:51:28.0759 5104 bthserv - ok
18:51:28.0806 5104 [ 9887CA12F407D7FBC7F48F3678F5F0B6 ] BVRPMPR5a64 C:\Windows\system32\drivers\BVRPMPR5a64.SYS
18:51:28.0806 5104 BVRPMPR5a64 - ok
18:51:28.0821 5104 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:51:28.0821 5104 cdfs - ok
18:51:28.0853 5104 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:51:28.0868 5104 cdrom - ok
18:51:28.0884 5104 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
18:51:28.0884 5104 CertPropSvc - ok
18:51:28.0899 5104 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:51:28.0899 5104 circlass - ok
18:51:28.0915 5104 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
18:51:28.0931 5104 CLFS - ok
18:51:28.0977 5104 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:51:28.0977 5104 clr_optimization_v2.0.50727_32 - ok
18:51:29.0040 5104 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:51:29.0040 5104 clr_optimization_v2.0.50727_64 - ok
18:51:29.0102 5104 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:51:29.0102 5104 clr_optimization_v4.0.30319_32 - ok
18:51:29.0149 5104 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:51:29.0149 5104 clr_optimization_v4.0.30319_64 - ok
18:51:29.0165 5104 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:51:29.0165 5104 CmBatt - ok
18:51:29.0165 5104 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:51:29.0165 5104 cmdide - ok
18:51:29.0211 5104 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
18:51:29.0211 5104 CNG - ok
18:51:29.0227 5104 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:51:29.0227 5104 Compbatt - ok
18:51:29.0258 5104 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:51:29.0274 5104 CompositeBus - ok
18:51:29.0274 5104 COMSysApp - ok
18:51:29.0321 5104 cpuz130 - ok
18:51:29.0336 5104 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:51:29.0336 5104 crcdisk - ok
18:51:29.0367 5104 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:51:29.0367 5104 CryptSvc - ok
18:51:29.0414 5104 [ 15C2AFD86D8A58354FC100434C78B621 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
18:51:29.0414 5104 dc3d - ok
18:51:29.0445 5104 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:51:29.0461 5104 DcomLaunch - ok
18:51:29.0477 5104 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
18:51:29.0492 5104 defragsvc - ok
18:51:29.0523 5104 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:51:29.0523 5104 DfsC - ok
18:51:29.0555 5104 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
18:51:29.0570 5104 Dhcp - ok
18:51:29.0586 5104 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
18:51:29.0586 5104 discache - ok
18:51:29.0586 5104 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:51:29.0586 5104 Disk - ok
18:51:29.0633 5104 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:51:29.0633 5104 Dnscache - ok
18:51:29.0664 5104 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
18:51:29.0679 5104 dot3svc - ok
18:51:29.0711 5104 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
18:51:29.0711 5104 DPS - ok
18:51:29.0726 5104 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:51:29.0726 5104 drmkaud - ok
18:51:29.0757 5104 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:51:29.0789 5104 DXGKrnl - ok
18:51:29.0804 5104 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
18:51:29.0804 5104 EapHost - ok
18:51:29.0867 5104 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
18:51:29.0913 5104 ebdrv - ok
18:51:29.0945 5104 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
18:51:29.0945 5104 EFS - ok
18:51:29.0991 5104 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:51:30.0007 5104 ehRecvr - ok
18:51:30.0023 5104 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
18:51:30.0023 5104 ehSched - ok
18:51:30.0054 5104 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:51:30.0069 5104 elxstor - ok
18:51:30.0116 5104 [ 12C061D9F9621BE916D58191872EC281 ] ENTECH64 C:\Windows\system32\DRIVERS\ENTECH64.sys
18:51:30.0116 5104 ENTECH64 - ok
18:51:30.0147 5104 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:51:30.0147 5104 ErrDev - ok
18:51:30.0163 5104 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
18:51:30.0179 5104 EventSystem - ok
18:51:30.0194 5104 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
18:51:30.0194 5104 exfat - ok
18:51:30.0210 5104 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:51:30.0210 5104 fastfat - ok
18:51:30.0257 5104 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
18:51:30.0257 5104 Fax - ok
18:51:30.0272 5104 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:51:30.0272 5104 fdc - ok
18:51:30.0288 5104 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
18:51:30.0288 5104 fdPHost - ok
18:51:30.0288 5104 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
18:51:30.0303 5104 FDResPub - ok
18:51:30.0303 5104 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:51:30.0303 5104 FileInfo - ok
18:51:30.0319 5104 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:51:30.0319 5104 Filetrace - ok
18:51:30.0335 5104 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:51:30.0335 5104 flpydisk - ok
18:51:30.0350 5104 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:51:30.0350 5104 FltMgr - ok
18:51:30.0397 5104 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
18:51:30.0428 5104 FontCache - ok
18:51:30.0491 5104 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:51:30.0491 5104 FontCache3.0.0.0 - ok
18:51:30.0506 5104 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:51:30.0506 5104 FsDepends - ok
18:51:30.0522 5104 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:51:30.0522 5104 Fs_Rec - ok
18:51:30.0537 5104 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:51:30.0553 5104 fvevol - ok
18:51:30.0569 5104 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:51:30.0569 5104 gagp30kx - ok
18:51:30.0569 5104 [ 7907E14F9BCF3A4689C9A74A1A873CB6 ] gdrv C:\Windows\gdrv.sys
18:51:30.0569 5104 gdrv - ok
18:51:30.0615 5104 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:51:30.0615 5104 GEARAspiWDM - ok
18:51:30.0662 5104 [ 6D1180296D2B3CBDC9D29B035479259C ] GemCCID C:\Windows\system32\Drivers\GemCCID.sys
18:51:30.0662 5104 GemCCID - ok
18:51:30.0709 5104 [ 0879DC7444A201DF84E69C5DD5083D61 ] getPlusHelper C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll
18:51:30.0709 5104 getPlusHelper - ok
18:51:30.0740 5104 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
18:51:30.0756 5104 gpsvc - ok
18:51:30.0818 5104 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:51:30.0818 5104 gupdate - ok
18:51:30.0834 5104 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:51:30.0834 5104 gupdatem - ok
18:51:30.0834 5104 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:51:30.0834 5104 hcw85cir - ok
18:51:30.0881 5104 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:51:30.0896 5104 HdAudAddService - ok
18:51:30.0943 5104 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:51:30.0943 5104 HDAudBus - ok
18:51:30.0943 5104 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:51:30.0943 5104 HidBatt - ok
18:51:30.0959 5104 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:51:30.0959 5104 HidBth - ok
18:51:30.0974 5104 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:51:30.0974 5104 HidIr - ok
18:51:30.0990 5104 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
18:51:30.0990 5104 hidserv - ok
18:51:31.0037 5104 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:51:31.0037 5104 HidUsb - ok
18:51:31.0115 5104 [ 5A457C3D00C1C701230A12AA1580114D ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
18:51:31.0115 5104 HiPatchService - ok
18:51:31.0146 5104 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:51:31.0146 5104 hkmsvc - ok
18:51:31.0193 5104 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:51:31.0193 5104 HomeGroupListener - ok
18:51:31.0224 5104 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:51:31.0239 5104 HomeGroupProvider - ok
18:51:31.0271 5104 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:51:31.0271 5104 HpSAMD - ok
18:51:31.0317 5104 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:51:31.0333 5104 HTTP - ok
18:51:31.0333 5104 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:51:31.0333 5104 hwpolicy - ok
18:51:31.0364 5104 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:51:31.0380 5104 i8042prt - ok
18:51:31.0411 5104 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:51:31.0411 5104 iaStorV - ok
18:51:31.0442 5104 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:51:31.0458 5104 idsvc - ok
18:51:31.0473 5104 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp
Reply With Quote
  #14  
Old November 3rd, 2012, 01:06 AM
fredcoppola fredcoppola is offline
Senior Member
 
Join Date: Jul 2006
Posts: 199
Sorry had to break first file into two posts.

18:51:38.0774 5104 usbehci - ok
18:51:38.0790 5104 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:51:38.0805 5104 usbhub - ok
18:51:38.0805 5104 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:51:38.0805 5104 usbohci - ok
18:51:38.0837 5104 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:51:38.0837 5104 usbprint - ok
18:51:38.0868 5104 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:51:38.0868 5104 usbscan - ok
18:51:38.0899 5104 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:51:38.0899 5104 USBSTOR - ok
18:51:38.0915 5104 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:51:38.0915 5104 usbuhci - ok
18:51:38.0946 5104 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
18:51:38.0946 5104 usbvideo - ok
18:51:38.0961 5104 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:51:38.0961 5104 UxSms - ok
18:51:38.0977 5104 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
18:51:38.0977 5104 VaultSvc - ok
18:51:38.0993 5104 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:51:38.0993 5104 vdrvroot - ok
18:51:39.0039 5104 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:51:39.0055 5104 vds - ok
18:51:39.0071 5104 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:51:39.0071 5104 vga - ok
18:51:39.0086 5104 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:51:39.0086 5104 VgaSave - ok
18:51:39.0117 5104 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:51:39.0133 5104 vhdmp - ok
18:51:39.0164 5104 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:51:39.0164 5104 viaide - ok
18:51:39.0195 5104 VideoAcceleratorService - ok
18:51:39.0195 5104 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:51:39.0211 5104 volmgr - ok
18:51:39.0242 5104 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:51:39.0258 5104 volmgrx - ok
18:51:39.0289 5104 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:51:39.0305 5104 volsnap - ok
18:51:39.0320 5104 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:51:39.0320 5104 vsmraid - ok
18:51:39.0367 5104 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:51:39.0398 5104 VSS - ok
18:51:39.0414 5104 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:51:39.0414 5104 vwifibus - ok
18:51:39.0429 5104 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:51:39.0429 5104 vwififlt - ok
18:51:39.0461 5104 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:51:39.0461 5104 vwifimp - ok
18:51:39.0492 5104 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:51:39.0507 5104 W32Time - ok
18:51:39.0523 5104 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:51:39.0523 5104 WacomPen - ok
18:51:39.0539 5104 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:51:39.0539 5104 WANARP - ok
18:51:39.0539 5104 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:51:39.0539 5104 Wanarpv6 - ok
18:51:39.0585 5104 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:51:39.0617 5104 WatAdminSvc - ok
18:51:39.0679 5104 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:51:39.0710 5104 wbengine - ok
18:51:39.0726 5104 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:51:39.0726 5104 WbioSrvc - ok
18:51:39.0741 5104 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:51:39.0757 5104 wcncsvc - ok
18:51:39.0757 5104 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:51:39.0757 5104 WcsPlugInService - ok
18:51:39.0773 5104 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:51:39.0773 5104 Wd - ok
18:51:39.0804 5104 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:51:39.0804 5104 Wdf01000 - ok
18:51:39.0819 5104 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:51:39.0819 5104 WdiServiceHost - ok
18:51:39.0835 5104 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:51:39.0835 5104 WdiSystemHost - ok
18:51:39.0866 5104 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
18:51:39.0882 5104 WebClient - ok
18:51:39.0897 5104 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:51:39.0913 5104 Wecsvc - ok
18:51:39.0913 5104 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:51:39.0913 5104 wercplsupport - ok
18:51:39.0929 5104 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
18:51:39.0929 5104 WerSvc - ok
18:51:39.0960 5104 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:51:39.0960 5104 WfpLwf - ok
18:51:39.0975 5104 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:51:39.0975 5104 WIMMount - ok
18:51:39.0975 5104 WinHttpAutoProxySvc - ok
18:51:40.0022 5104 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:51:40.0022 5104 Winmgmt - ok
18:51:40.0100 5104 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
18:51:40.0131 5104 WinRM - ok
18:51:40.0194 5104 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:51:40.0209 5104 WinUsb - ok
18:51:40.0225 5104 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
18:51:40.0241 5104 Wlansvc - ok
18:51:40.0381 5104 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:51:40.0412 5104 wlidsvc - ok
18:51:40.0459 5104 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:51:40.0459 5104 WmiAcpi - ok
18:51:40.0475 5104 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:51:40.0490 5104 wmiApSrv - ok
18:51:40.0506 5104 WMPNetworkSvc - ok
18:51:40.0506 5104 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:51:40.0521 5104 WPCSvc - ok
18:51:40.0553 5104 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:51:40.0553 5104 WPDBusEnum - ok
18:51:40.0568 5104 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:51:40.0568 5104 ws2ifsl - ok
18:51:40.0615 5104 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
18:51:40.0615 5104 WSDPrintDevice - ok
18:51:40.0646 5104 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
18:51:40.0646 5104 WSDScan - ok
18:51:40.0646 5104 WSearch - ok
18:51:40.0693 5104 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:51:40.0693 5104 WudfPf - ok
18:51:40.0724 5104 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:51:40.0724 5104 WUDFRd - ok
18:51:40.0740 5104 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:51:40.0740 5104 wudfsvc - ok
18:51:40.0755 5104 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
18:51:40.0755 5104 WwanSvc - ok
18:51:40.0833 5104 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
18:51:40.0833 5104 YahooAUService - ok
18:51:40.0865 5104 ================ Scan global ===============================
18:51:40.0880 5104 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:51:40.0911 5104 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:51:40.0911 5104 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:51:40.0943 5104 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:51:40.0974 5104 [ 014A9CB92514E27C0107614DF764BC06 ] C:\Windows\system32\services.exe
18:51:40.0974 5104 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
18:51:40.0974 5104 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
18:51:40.0974 5104 ================ Scan MBR ==================================
18:51:40.0989 5104 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:51:41.0130 5104 \Device\Harddisk0\DR0 - ok
18:51:41.0130 5104 ================ Scan VBR ==================================
18:51:41.0130 5104 [ 38454A27D2A8A185E77F6C1527B3E2EE ] \Device\Harddisk0\DR0\Partition1
18:51:41.0145 5104 \Device\Harddisk0\DR0\Partition1 - ok
18:51:41.0161 5104 [ 3893FA2CA2FE9367737B22A78E935E5E ] \Device\Harddisk0\DR0\Partition2
18:51:41.0177 5104 \Device\Harddisk0\DR0\Partition2 - ok
18:51:41.0177 5104 ============================================================
18:51:41.0177 5104 Scan finished
18:51:41.0177 5104 ============================================================
18:51:41.0177 5584 Detected object count: 1
18:51:41.0177 5584 Actual detected object count: 1
18:51:51.0598 5584 C:\Windows\system32\services.exe - copied to quarantine
18:51:52.0409 5584 C:\Windows\assembly\GAC_32\desktop.ini - copied to quarantine
18:51:52.0409 5584 C:\Windows\assembly\GAC_64\desktop.ini - copied to quarantine
18:51:52.0424 5584 C:\Windows\installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\@ - copied to quarantine
18:51:52.0424 5584 C:\Windows\installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\L\00000004.@ - copied to quarantine
18:51:52.0424 5584 C:\Windows\installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\L\1afb2d56 - copied to quarantine
18:51:52.0424 5584 C:\Windows\installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\L\201d3dde - copied to quarantine
18:51:52.0440 5584 C:\Windows\installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\U\00000004.@ - copied to quarantine
18:51:52.0440 5584 C:\Windows\installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\U\00000008.@ - copied to quarantine
18:51:52.0440 5584 C:\Windows\installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\U\000000cb.@ - copied to quarantine
18:51:52.0440 5584 C:\Windows\installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\U\80000000.@ - copied to quarantine
18:51:52.0440 5584 C:\Windows\installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\U\80000032.@ - copied to quarantine
18:51:52.0440 5584 C:\Windows\installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\U\80000064.@ - copied to quarantine
18:51:52.0471 5584 C:\Users\Vince\AppData\Local\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\@ - copied to quarantine
18:51:53.0158 5584 Backup copy found, using it..
18:51:53.0189 5584 C:\Windows\assembly\GAC_32\desktop.ini - will be deleted on reboot
18:51:53.0189 5584 C:\Windows\assembly\GAC_64\desktop.ini - will be deleted on reboot
18:51:53.0189 5584 C:\Windows\installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\@ - will be deleted on reboot
18:51:53.0189 5584 C:\Windows\installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\U\00000004.@ - will be deleted on reboot
18:51:53.0189 5584 C:\Windows\installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\U\00000008.@ - will be deleted on reboot
18:51:53.0189 5584 C:\Windows\installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\U\000000cb.@ - will be deleted on reboot
18:51:53.0189 5584 C:\Windows\installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\U\80000000.@ - will be deleted on reboot
18:51:53.0189 5584 C:\Windows\installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\U\80000032.@ - will be deleted on reboot
18:51:53.0189 5584 C:\Windows\installer\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\U\80000064.@ - will be deleted on reboot
18:51:53.0189 5584 C:\Users\Vince\AppData\Local\{6c368edb-24c4-a9aa-8320-9f0e6459d15c}\@ - will be deleted on reboot
18:51:53.0189 5584 C:\Windows\system32\services.exe - will be cured on reboot
18:51:53.0189 5584 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Cure
18:51:57.0120 3512 Deinitialize success
  #15  
Old November 3rd, 2012, 01:10 AM
fredcoppola fredcoppola is offline
Senior Member
 
Join Date: Jul 2006
Posts: 199
This is the second file created Part 1:

19:01:16.0240 1400 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:01:16.0895 1400 ============================================================
19:01:16.0895 1400 Current date / time: 2012/11/02 19:01:16.0895
19:01:16.0895 1400 SystemInfo:
19:01:16.0895 1400
19:01:16.0895 1400 OS Version: 6.1.7601 ServicePack: 1.0
19:01:16.0895 1400 Product type: Workstation
19:01:16.0895 1400 ComputerName: VINCE-PC
19:01:16.0895 1400 UserName: Vince
19:01:16.0895 1400 Windows directory: C:\Windows
19:01:16.0895 1400 System windows directory: C:\Windows
19:01:16.0895 1400 Running under WOW64
19:01:16.0895 1400 Processor architecture: Intel x64
19:01:16.0895 1400 Number of processors: 8
19:01:16.0895 1400 Page size: 0x1000
19:01:16.0895 1400 Boot type: Normal boot
19:01:16.0895 1400 ============================================================
19:01:32.0530 1400 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000048
19:01:32.0826 1400 ============================================================
19:01:32.0826 1400 \Device\Harddisk0\DR0:
19:01:32.0842 1400 MBR partitions:
19:01:32.0842 1400 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:01:32.0842 1400 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
19:01:32.0842 1400 ============================================================
19:01:33.0372 1400 C: <-> \Device\Harddisk0\DR0\Partition2
19:01:33.0372 1400 ============================================================
19:01:33.0372 1400 Initialize success
19:01:33.0372 1400 ============================================================
19:01:37.0272 3604 ============================================================
19:01:37.0272 3604 Scan started
19:01:37.0272 3604 Mode: Manual;
19:01:37.0272 3604 ============================================================
19:01:39.0378 3604 ================ Scan system memory ========================
19:01:39.0378 3604 System memory - ok
19:01:39.0378 3604 ================ Scan services =============================
19:01:46.0866 3604 HomeGroupListener - ok
19:01:46.0897 3604 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:01:46.0897 3604 HomeGroupProvider - ok
19:01:46.0944 3604 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:01:46.0944 3604 HpSAMD - ok
19:01:47.0006 3604 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:01:47.0022 3604 HTTP - ok
19:01:47.0038 3604 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:01:47.0038 3604 hwpolicy - ok
19:01:47.0084 3604 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:01:47.0084 3604 i8042prt - ok
19:01:47.0116 3604 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:01:47.0116 3604 iaStorV - ok
19:01:47.0178 3604 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:01:47.0303 3604 idsvc - ok
19:01:47.0318 3604 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:01:47.0318 3604 iirsp - ok
19:01:47.0365 3604 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:01:47.0381 3604 IKEEXT - ok
19:01:47.0490 3604 [ 3EDD3CE185DA3E6AAEC22ADCFD7B1D54 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:01:47.0490 3604 IntcAzAudAddService - ok
19:01:47.0537 3604 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:01:47.0552 3604 intelide - ok
19:01:47.0584 3604 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:01:47.0584 3604 intelppm - ok
19:01:47.0599 3604 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:01:47.0599 3604 IPBusEnum - ok
19:01:47.0630 3604 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:01:47.0630 3604 IpFilterDriver - ok
19:01:47.0662 3604 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:01:47.0662 3604 IPMIDRV - ok
19:01:47.0677 3604 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:01:47.0677 3604 IPNAT - ok
19:01:47.0755 3604 [ D38469601B72D2DA4F847FC642174E21 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:01:47.0771 3604 iPod Service - ok
19:01:47.0786 3604 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:01:47.0786 3604 IRENUM - ok
19:01:47.0802 3604 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:01:47.0802 3604 isapnp - ok
19:01:47.0818 3604 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:01:47.0818 3604 iScsiPrt - ok
19:01:47.0896 3604 [ B4CDA1B4263B53D249AC27A4892DA634 ] JMB36X C:\Windows\SysWOW64\XSrvSetup.exe
19:01:47.0911 3604 JMB36X - ok
19:01:47.0927 3604 [ 75DDB94A2A24F9F7037D10A2DDA06D36 ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
19:01:47.0927 3604 JRAID - ok
19:01:47.0942 3604 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:01:47.0942 3604 kbdclass - ok
19:01:47.0942 3604 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:01:47.0958 3604 kbdhid - ok
19:01:47.0958 3604 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:01:47.0958 3604 KeyIso - ok
19:01:47.0989 3604 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:01:48.0005 3604 KSecDD - ok
19:01:48.0036 3604 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:01:48.0036 3604 KSecPkg - ok
19:01:48.0036 3604 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:01:48.0036 3604 ksthunk - ok
19:01:48.0067 3604 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:01:48.0083 3604 KtmRm - ok
19:01:48.0130 3604 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:01:48.0130 3604 LanmanServer - ok
19:01:48.0176 3604 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:01:48.0176 3604 LanmanWorkstation - ok
19:01:48.0239 3604 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:01:48.0239 3604 lltdio - ok
19:01:48.0566 3604 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:01:48.0582 3604 lltdsvc - ok
19:01:48.0629 3604 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:01:48.0644 3604 lmhosts - ok
19:01:48.0676 3604 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:01:48.0691 3604 LSI_FC - ok
19:01:48.0785 3604 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:01:48.0800 3604 LSI_SAS - ok
19:01:48.0847 3604 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:01:48.0847 3604 LSI_SAS2 - ok
19:01:48.0878 3604 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:01:48.0894 3604 LSI_SCSI - ok
19:01:48.0941 3604 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:01:48.0941 3604 luafv - ok
19:01:49.0222 3604 [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus64.sys
19:01:49.0253 3604 MarvinBus - ok
19:01:49.0346 3604 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:01:49.0362 3604 Mcx2Svc - ok
19:01:49.0440 3604 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:01:49.0440 3604 megasas - ok
19:01:49.0502 3604 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:01:49.0502 3604 MegaSR - ok
19:01:49.0690 3604 Microsoft SharePoint Workspace Audit Service - ok
19:01:49.0721 3604 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:01:49.0721 3604 MMCSS - ok
19:01:49.0736 3604 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:01:49.0736 3604 Modem - ok
19:01:49.0783 3604 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:01:49.0783 3604 monitor - ok
19:01:49.0799 3604 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:01:49.0799 3604 mouclass - ok
19:01:49.0830 3604 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:01:49.0846 3604 mouhid - ok
19:01:49.0877 3604 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:01:49.0877 3604 mountmgr - ok
19:01:49.0939 3604 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
19:01:49.0939 3604 MpFilter - ok
19:01:49.0986 3604 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:01:49.0986 3604 mpio - ok
19:01:50.0002 3604 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:01:50.0002 3604 mpsdrv - ok
19:01:50.0033 3604 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:01:50.0033 3604 MRxDAV - ok
19:01:50.0080 3604 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:01:50.0080 3604 mrxsmb - ok
19:01:50.0111 3604 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:01:50.0126 3604 mrxsmb10 - ok
19:01:50.0126 3604 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:01:50.0126 3604 mrxsmb20 - ok
19:01:50.0142 3604 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:01:50.0142 3604 msahci - ok
19:01:50.0142 3604 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:01:50.0158 3604 msdsm - ok
19:01:50.0158 3604 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:01:50.0158 3604 MSDTC - ok
19:01:50.0173 3604 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:01:50.0173 3604 Msfs - ok
19:01:50.0189 3604 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:01:50.0189 3604 mshidkmdf - ok
19:01:50.0189 3604 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:01:50.0189 3604 msisadrv - ok
19:01:50.0220 3604 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:01:50.0220 3604 MSiSCSI - ok
19:01:50.0220 3604 msiserver - ok
19:01:50.0236 3604 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:01:50.0236 3604 MSKSSRV - ok
19:01:50.0251 3604 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:01:50.0251 3604 MSPCLOCK - ok
19:01:50.0267 3604 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:01:50.0267 3604 MSPQM - ok
19:01:50.0298 3604 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:01:50.0298 3604 MsRPC - ok
19:01:50.0298 3604 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:01:50.0298 3604 mssmbios - ok
19:01:50.0329 3604 [ 966EC55988D580B9823C453781309450 ] MSTAPE C:\Windows\system32\DRIVERS\mstape.sys
19:01:50.0329 3604 MSTAPE - ok
19:01:50.0329 3604 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:01:50.0329 3604 MSTEE - ok
19:01:50.0345 3604 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:01:50.0345 3604 MTConfig - ok
19:01:50.0360 3604 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:01:50.0360 3604 Mup - ok
19:01:50.0376 3604 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:01:50.0376 3604 napagent - ok
19:01:50.0407 3604 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:01:50.0407 3604 NativeWifiP - ok
19:01:50.0423 3604 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
19:01:50.0438 3604 NDIS - ok
19:01:50.0454 3604 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:01:50.0454 3604 NdisCap - ok
19:01:50.0470 3604 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:01:50.0470 3604 NdisTapi - ok
19:01:50.0501 3604 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:01:50.0501 3604 Ndisuio - ok
19:01:50.0532 3604 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:01:50.0563 3604 NdisWan - ok
19:01:50.0579 3604 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:01:50.0579 3604 NDProxy - ok
19:01:50.0594 3604 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:01:50.0594 3604 NetBIOS - ok
19:01:50.0610 3604 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:01:50.0626 3604 NetBT - ok
19:01:50.0626 3604 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:01:50.0626 3604 Netlogon - ok
19:01:50.0672 3604 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:01:50.0672 3604 Netman - ok
19:01:50.0688 3604 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:01:50.0688 3604 netprofm - ok
19:01:50.0704 3604 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
All times are GMT +1. The time now is 04:34 PM.