Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Malware, MSI file missing [Closed]


  • This topic is locked This topic is locked

#1
irshrose

irshrose

    New Member

  • Member
  • Pip
  • 6 posts
I downloaded a file from Facebook and was infected with some malware. I ran a windows security scan and the malware was removed. But now my compter is missing an MSI file. I can't udate my virus (AVG) software or run any windows updates. For some reason i can't get access to my dvd to run my backup disks to reinstall. I am running windows 7 on an asus computer. 3 years old. I am not familiar with using system files, i also can't afford a ITT teck to repair. PLEASE help me if possible. Also my computer is running very very slow.

Thank you
  • 0

Advertisements


#2
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hello irshrose and welcome to my office here at G2G! Posted Image

My nick is maliprog and I'll be your technical support on this issue. Before we start please read my notes carefully:

NOTES:
  • Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean
  • Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
  • Please DO NOT run any scans or fix on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste it to include the log in your reply.
  • You must reply within 3 days or your topic will be closed
Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside:

    • Loaded modules

  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Make sure to check:

    • Services and drivers
    • Boot sectors
    • Loaded modules
    • Verify Driver Digital Signature
    • Detect TDLFS file system

  • then click OK.
  • Click the Start Scan button to start the scan.
  • If a suspicious object is detected, the default action will be Skip
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected for malicious objects

    Posted Image
  • Click Continue then Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 2

Download OTL to your Desktop

  • Double click on the icon to run it (If running Vista or Windows 7, right click on it and select "Run as an Administrator"). Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan/Fixes box paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
services.exe
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them if you need to start a new topic.

Step 3

Please don't forget to include these items in your reply:

  • TDSSKiller
  • OTL log
  • OTL Extras log
It would be helpful if you could post each log in separate post using "Add Reply" button
  • 0

#3
irshrose

irshrose

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
01:40:19.0449 1940 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
01:40:19.0815 1940 ============================================================
01:40:19.0815 1940 Current date / time: 2012/10/08 01:40:19.0815
01:40:19.0815 1940 SystemInfo:
01:40:19.0815 1940
01:40:19.0816 1940 OS Version: 6.1.7601 ServicePack: 1.0
01:40:19.0816 1940 Product type: Workstation
01:40:19.0816 1940 ComputerName: ROSE-PC
01:40:19.0816 1940 UserName: Rose
01:40:19.0816 1940 Windows directory: C:\Windows
01:40:19.0816 1940 System windows directory: C:\Windows
01:40:19.0816 1940 Running under WOW64
01:40:19.0816 1940 Processor architecture: Intel x64
01:40:19.0816 1940 Number of processors: 2
01:40:19.0816 1940 Page size: 0x1000
01:40:19.0816 1940 Boot type: Normal boot
01:40:19.0816 1940 ============================================================
01:40:21.0321 1940 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:40:21.0326 1940 ============================================================
01:40:21.0327 1940 \Device\Harddisk0\DR0:
01:40:21.0327 1940 MBR partitions:
01:40:21.0327 1940 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2711676, BlocksNum 0x22D1CC3A
01:40:21.0327 1940 ============================================================
01:40:21.0336 1940 C: <-> \Device\Harddisk0\DR0\Partition1
01:40:21.0336 1940 ============================================================
01:40:21.0337 1940 Initialize success
01:40:21.0337 1940 ============================================================
01:41:35.0180 4072 Deinitialize success
  • 0

#4
irshrose

irshrose

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
53:11.0821 3100 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
01:53:12.0554 3100 ============================================================
01:53:12.0554 3100 Current date / time: 2012/10/08 01:53:12.0554
01:53:12.0554 3100 SystemInfo:
01:53:12.0554 3100
01:53:12.0554 3100 OS Version: 6.1.7601 ServicePack: 1.0
01:53:12.0554 3100 Product type: Workstation
01:53:12.0554 3100 ComputerName: ROSE-PC
01:53:12.0554 3100 UserName: Rose
01:53:12.0554 3100 Windows directory: C:\Windows
01:53:12.0554 3100 System windows directory: C:\Windows
01:53:12.0554 3100 Running under WOW64
01:53:12.0554 3100 Processor architecture: Intel x64
01:53:12.0554 3100 Number of processors: 2
01:53:12.0554 3100 Page size: 0x1000
01:53:12.0554 3100 Boot type: Normal boot
01:53:12.0554 3100 ============================================================
01:53:43.0598 3100 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:53:43.0661 3100 ============================================================
01:53:43.0661 3100 \Device\Harddisk0\DR0:
01:53:43.0676 3100 MBR partitions:
01:53:43.0676 3100 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2711676, BlocksNum 0x22D1CC3A
01:53:43.0676 3100 ============================================================
01:53:43.0754 3100 C: <-> \Device\Harddisk0\DR0\Partition1
01:53:43.0754 3100 ============================================================
01:53:43.0754 3100 Initialize success
01:53:43.0754 3100 ============================================================
01:59:29.0945 4920 ============================================================
01:59:29.0945 4920 Scan started
01:59:29.0945 4920 Mode: Manual; SigCheck; TDLFS;
01:59:29.0945 4920 ============================================================
01:59:30.0335 4920 ================ Scan system memory ========================
01:59:30.0335 4920 System memory - ok
01:59:30.0335 4920 ================ Scan services =============================
01:59:30.0600 4920 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
01:59:30.0756 4920 1394ohci - ok
01:59:30.0818 4920 72305091 - ok
01:59:30.0849 4920 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
01:59:30.0896 4920 ACPI - ok
01:59:30.0927 4920 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
01:59:31.0037 4920 AcpiPmi - ok
01:59:31.0161 4920 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
01:59:31.0193 4920 AdobeARMservice - ok
01:59:31.0317 4920 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:59:31.0333 4920 AdobeFlashPlayerUpdateSvc - ok
01:59:31.0411 4920 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
01:59:31.0458 4920 adp94xx - ok
01:59:31.0489 4920 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
01:59:31.0520 4920 adpahci - ok
01:59:31.0567 4920 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
01:59:31.0583 4920 adpu320 - ok
01:59:31.0676 4920 [ C0BF554D2277F7A4C735D475ADE2E3B2 ] ADSMService C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
01:59:31.0723 4920 ADSMService ( UnsignedFile.Multi.Generic ) - warning
01:59:31.0723 4920 ADSMService - detected UnsignedFile.Multi.Generic (1)
01:59:31.0754 4920 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
01:59:31.0801 4920 AeLookupSvc - ok
01:59:31.0879 4920 [ 2D00D3DADC1D3326BA788EB071F2726E ] AFBAgent C:\Windows\system32\FBAgent.exe
01:59:31.0910 4920 AFBAgent - ok
01:59:32.0004 4920 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
01:59:32.0113 4920 AFD - ok
01:59:32.0160 4920 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
01:59:32.0175 4920 agp440 - ok
01:59:32.0222 4920 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
01:59:32.0300 4920 ALG - ok
01:59:32.0363 4920 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
01:59:32.0378 4920 aliide - ok
01:59:32.0409 4920 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
01:59:32.0425 4920 amdide - ok
01:59:32.0487 4920 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
01:59:32.0550 4920 AmdK8 - ok
01:59:32.0581 4920 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
01:59:32.0643 4920 AmdPPM - ok
01:59:32.0706 4920 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
01:59:32.0737 4920 amdsata - ok
01:59:32.0784 4920 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
01:59:32.0815 4920 amdsbs - ok
01:59:32.0846 4920 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
01:59:32.0862 4920 amdxata - ok
01:59:32.0924 4920 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
01:59:33.0002 4920 AppID - ok
01:59:33.0033 4920 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
01:59:33.0127 4920 AppIDSvc - ok
01:59:33.0158 4920 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
01:59:33.0189 4920 Appinfo - ok
01:59:33.0267 4920 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
01:59:33.0283 4920 arc - ok
01:59:33.0283 4920 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
01:59:33.0299 4920 arcsas - ok
01:59:33.0330 4920 [ 88FBC8BEBFD38566235EAA5E4DBC4E05 ] AsDsm C:\Windows\system32\drivers\AsDsm.sys
01:59:33.0345 4920 AsDsm - ok
01:59:33.0408 4920 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
01:59:33.0423 4920 ASLDRService - ok
01:59:33.0470 4920 [ 2DB34EDD17D3A8DA7105A19C95A3DD68 ] ASMMAP64 C:\Program Files\ATKGFNEX\ASMMAP64.sys
01:59:33.0486 4920 ASMMAP64 - ok
01:59:33.0533 4920 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
01:59:33.0611 4920 AsyncMac - ok
01:59:33.0689 4920 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
01:59:33.0720 4920 atapi - ok
01:59:33.0829 4920 [ A5E770426D18F8EF332A593F3289DA91 ] athr C:\Windows\system32\DRIVERS\athrx.sys
01:59:34.0032 4920 athr - ok
01:59:34.0063 4920 [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv C:\Program Files\ATKGFNEX\GFNEXSrv.exe
01:59:34.0094 4920 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
01:59:34.0094 4920 ATKGFNEXSrv - detected UnsignedFile.Multi.Generic (1)
01:59:34.0157 4920 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
01:59:34.0219 4920 AudioEndpointBuilder - ok
01:59:34.0250 4920 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
01:59:34.0297 4920 AudioSrv - ok
01:59:34.0375 4920 [ 96B4456F1DCA4EDA506ED31C7D2D6B05 ] Avgfwfd C:\Windows\system32\DRIVERS\avgfwd6a.sys
01:59:34.0391 4920 Avgfwfd - ok
01:59:34.0406 4920 AVGIDSDriver - ok
01:59:34.0453 4920 AVGIDSFilter - ok
01:59:34.0500 4920 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
01:59:34.0515 4920 AVGIDSHA - ok
01:59:34.0547 4920 [ 221FEBAB02D6C97C95558348CC354A85 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
01:59:34.0562 4920 Avgldx64 - ok
01:59:34.0593 4920 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
01:59:34.0609 4920 Avgmfx64 - ok
01:59:34.0640 4920 Avgrkx64 - ok
01:59:34.0703 4920 [ F8C3C7ED612A41B05C66358FC9786BFD ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
01:59:34.0734 4920 Avgtdia - ok
01:59:34.0796 4920 [ DE24B2CA078FC6A7EAA53B1DFD3F61CF ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
01:59:34.0812 4920 avgtp - ok
01:59:34.0874 4920 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
01:59:35.0015 4920 AxInstSV - ok
01:59:35.0093 4920 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
01:59:35.0171 4920 b06bdrv - ok
01:59:35.0233 4920 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
01:59:35.0295 4920 b57nd60a - ok
01:59:35.0420 4920 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
01:59:35.0483 4920 BBSvc - ok
01:59:35.0483 4920 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
01:59:35.0498 4920 BBUpdate - ok
01:59:35.0545 4920 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
01:59:35.0623 4920 BDESVC - ok
01:59:35.0670 4920 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
01:59:35.0763 4920 Beep - ok
01:59:35.0841 4920 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
01:59:35.0935 4920 BFE - ok
01:59:35.0982 4920 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
01:59:36.0060 4920 BITS - ok
01:59:36.0107 4920 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
01:59:36.0153 4920 blbdrive - ok
01:59:36.0247 4920 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
01:59:36.0278 4920 Bonjour Service - ok
01:59:36.0325 4920 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
01:59:36.0387 4920 bowser - ok
01:59:36.0419 4920 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
01:59:36.0497 4920 BrFiltLo - ok
01:59:36.0528 4920 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
01:59:36.0559 4920 BrFiltUp - ok
01:59:36.0606 4920 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
01:59:36.0699 4920 Browser - ok
01:59:36.0762 4920 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
01:59:36.0855 4920 Brserid - ok
01:59:36.0871 4920 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
01:59:36.0918 4920 BrSerWdm - ok
01:59:36.0949 4920 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
01:59:36.0980 4920 BrUsbMdm - ok
01:59:36.0980 4920 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
01:59:37.0027 4920 BrUsbSer - ok
01:59:37.0058 4920 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
01:59:37.0105 4920 BTHMODEM - ok
01:59:37.0152 4920 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
01:59:37.0214 4920 bthserv - ok
01:59:37.0245 4920 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
01:59:37.0308 4920 cdfs - ok
01:59:37.0355 4920 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
01:59:37.0401 4920 cdrom - ok
01:59:37.0448 4920 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
01:59:37.0526 4920 CertPropSvc - ok
01:59:37.0589 4920 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
01:59:37.0620 4920 circlass - ok
01:59:37.0682 4920 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
01:59:37.0713 4920 CLFS - ok
01:59:37.0791 4920 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:59:37.0854 4920 clr_optimization_v2.0.50727_32 - ok
01:59:37.0963 4920 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
01:59:37.0979 4920 clr_optimization_v2.0.50727_64 - ok
01:59:38.0088 4920 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:59:38.0150 4920 clr_optimization_v4.0.30319_32 - ok
01:59:38.0228 4920 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
01:59:38.0291 4920 clr_optimization_v4.0.30319_64 - ok
01:59:38.0353 4920 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
01:59:38.0415 4920 CmBatt - ok
01:59:38.0462 4920 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
01:59:38.0478 4920 cmdide - ok
01:59:38.0540 4920 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
01:59:38.0571 4920 CNG - ok
01:59:38.0634 4920 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
01:59:38.0649 4920 Compbatt - ok
01:59:38.0727 4920 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
01:59:38.0774 4920 CompositeBus - ok
01:59:38.0790 4920 COMSysApp - ok
01:59:38.0821 4920 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
01:59:38.0821 4920 crcdisk - ok
01:59:38.0883 4920 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
01:59:38.0977 4920 CryptSvc - ok
01:59:39.0211 4920 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
01:59:39.0227 4920 cvhsvc - ok
01:59:39.0289 4920 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
01:59:39.0351 4920 DcomLaunch - ok
01:59:39.0414 4920 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
01:59:39.0492 4920 defragsvc - ok
01:59:39.0539 4920 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
01:59:39.0632 4920 DfsC - ok
01:59:39.0679 4920 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
01:59:39.0757 4920 Dhcp - ok
01:59:39.0788 4920 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
01:59:39.0835 4920 discache - ok
01:59:39.0882 4920 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
01:59:39.0897 4920 Disk - ok
01:59:40.0007 4920 [ 6CF2EBB115DE91515D620244CC90F847 ] dldoCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\dldoserv.exe
01:59:40.0053 4920 dldoCATSCustConnectService - ok
01:59:40.0053 4920 dldo_device - ok
01:59:40.0100 4920 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
01:59:40.0194 4920 Dnscache - ok
01:59:40.0256 4920 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
01:59:40.0334 4920 dot3svc - ok
01:59:40.0381 4920 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
01:59:40.0443 4920 DPS - ok
01:59:40.0475 4920 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
01:59:40.0537 4920 drmkaud - ok
01:59:40.0599 4920 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
01:59:40.0631 4920 DXGKrnl - ok
01:59:40.0693 4920 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
01:59:40.0802 4920 EapHost - ok
01:59:40.0896 4920 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
01:59:41.0067 4920 ebdrv - ok
01:59:41.0114 4920 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
01:59:41.0161 4920 EFS - ok
01:59:41.0255 4920 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
01:59:41.0333 4920 ehRecvr - ok
01:59:41.0364 4920 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
01:59:41.0411 4920 ehSched - ok
01:59:41.0489 4920 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
01:59:41.0520 4920 elxstor - ok
01:59:41.0567 4920 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
01:59:41.0598 4920 ErrDev - ok
01:59:41.0629 4920 [ 3C38648375B7F3988691F53A7AAE10A9 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
01:59:41.0676 4920 ETD - ok
01:59:41.0723 4920 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
01:59:41.0769 4920 EventSystem - ok
01:59:41.0832 4920 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
01:59:41.0879 4920 exfat - ok
01:59:41.0910 4920 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
01:59:41.0957 4920 fastfat - ok
01:59:42.0019 4920 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
01:59:42.0128 4920 Fax - ok
01:59:42.0144 4920 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
01:59:42.0191 4920 fdc - ok
01:59:42.0222 4920 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
01:59:42.0269 4920 fdPHost - ok
01:59:42.0284 4920 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
01:59:42.0347 4920 FDResPub - ok
01:59:42.0393 4920 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
01:59:42.0409 4920 FileInfo - ok
01:59:42.0425 4920 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
01:59:42.0503 4920 Filetrace - ok
01:59:42.0518 4920 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
01:59:42.0549 4920 flpydisk - ok
01:59:42.0581 4920 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
01:59:42.0596 4920 FltMgr - ok
01:59:42.0643 4920 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
01:59:42.0737 4920 FontCache - ok
01:59:42.0799 4920 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:59:42.0830 4920 FontCache3.0.0.0 - ok
01:59:42.0846 4920 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
01:59:42.0877 4920 FsDepends - ok
01:59:42.0939 4920 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
01:59:42.0955 4920 fssfltr - ok
01:59:43.0064 4920 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
01:59:43.0142 4920 fsssvc - ok
01:59:43.0189 4920 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
01:59:43.0205 4920 Fs_Rec - ok
01:59:43.0267 4920 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
01:59:43.0283 4920 fvevol - ok
01:59:43.0329 4920 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
01:59:43.0345 4920 gagp30kx - ok
01:59:43.0392 4920 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
01:59:43.0454 4920 gpsvc - ok
01:59:43.0485 4920 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
01:59:43.0532 4920 hcw85cir - ok
01:59:43.0595 4920 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
01:59:43.0673 4920 HdAudAddService - ok
01:59:43.0704 4920 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
01:59:43.0735 4920 HDAudBus - ok
01:59:43.0766 4920 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
01:59:43.0797 4920 HidBatt - ok
01:59:43.0813 4920 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
01:59:43.0860 4920 HidBth - ok
01:59:43.0875 4920 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
01:59:43.0922 4920 HidIr - ok
01:59:43.0953 4920 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
01:59:44.0031 4920 hidserv - ok
01:59:44.0094 4920 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
01:59:44.0125 4920 HidUsb - ok
01:59:44.0172 4920 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
01:59:44.0250 4920 hkmsvc - ok
01:59:44.0297 4920 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
01:59:44.0359 4920 HomeGroupListener - ok
01:59:44.0390 4920 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
01:59:44.0437 4920 HomeGroupProvider - ok
01:59:44.0484 4920 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
01:59:44.0499 4920 HpSAMD - ok
01:59:44.0546 4920 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
01:59:44.0624 4920 HTTP - ok
01:59:44.0655 4920 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
01:59:44.0687 4920 hwpolicy - ok
01:59:44.0733 4920 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
01:59:44.0765 4920 i8042prt - ok
01:59:44.0811 4920 [ BBB3B6DF1ABB0FE35802EDE85CC1C011 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
01:59:44.0827 4920 iaStor - ok
01:59:44.0874 4920 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
01:59:44.0905 4920 iaStorV - ok
01:59:44.0952 4920 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
01:59:44.0999 4920 idsvc - ok
01:59:45.0279 4920 [ C6238C6ABD6AC99F5D152DA4E9439A3D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
01:59:45.0732 4920 igfx - ok
01:59:45.0794 4920 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
01:59:45.0810 4920 iirsp - ok
01:59:45.0857 4920 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
01:59:45.0966 4920 IKEEXT - ok
01:59:45.0997 4920 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
01:59:46.0013 4920 intelide - ok
01:59:46.0044 4920 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
01:59:46.0075 4920 intelppm - ok
01:59:46.0106 4920 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
01:59:46.0184 4920 IPBusEnum - ok
01:59:46.0215 4920 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:59:46.0278 4920 IpFilterDriver - ok
01:59:46.0309 4920 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
01:59:46.0418 4920 iphlpsvc - ok
01:59:46.0465 4920 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
01:59:46.0543 4920 IPMIDRV - ok
01:59:46.0574 4920 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
01:59:46.0683 4920 IPNAT - ok
01:59:46.0761 4920 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
01:59:46.0839 4920 IRENUM - ok
01:59:46.0871 4920 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
01:59:46.0902 4920 isapnp - ok
01:59:46.0949 4920 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
01:59:46.0980 4920 iScsiPrt - ok
01:59:46.0995 4920 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
01:59:47.0011 4920 kbdclass - ok
01:59:47.0042 4920 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
01:59:47.0073 4920 kbdhid - ok
01:59:47.0120 4920 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
01:59:47.0136 4920 kbfiltr - ok
01:59:47.0167 4920 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
01:59:47.0198 4920 KeyIso - ok
01:59:47.0229 4920 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
01:59:47.0261 4920 KSecDD - ok
01:59:47.0307 4920 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
01:59:47.0339 4920 KSecPkg - ok
01:59:47.0385 4920 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
01:59:47.0448 4920 ksthunk - ok
01:59:47.0479 4920 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
01:59:47.0573 4920 KtmRm - ok
01:59:47.0604 4920 [ B8E670D7EF61615FA03104552854FAC9 ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys
01:59:47.0666 4920 L1E - ok
01:59:47.0713 4920 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
01:59:47.0807 4920 LanmanServer - ok
01:59:47.0853 4920 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
01:59:47.0963 4920 LanmanWorkstation - ok
01:59:48.0025 4920 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
01:59:48.0103 4920 lltdio - ok
01:59:48.0134 4920 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
01:59:48.0228 4920 lltdsvc - ok
01:59:48.0259 4920 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
01:59:48.0321 4920 lmhosts - ok
01:59:48.0368 4920 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
01:59:48.0399 4920 LSI_FC - ok
01:59:48.0431 4920 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
01:59:48.0446 4920 LSI_SAS - ok
01:59:48.0462 4920 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
01:59:48.0477 4920 LSI_SAS2 - ok
01:59:48.0493 4920 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
01:59:48.0509 4920 LSI_SCSI - ok
01:59:48.0555 4920 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
01:59:48.0602 4920 luafv - ok
01:59:48.0633 4920 [ 085435AE1A124361304044029B5CC644 ] lullaby C:\Windows\system32\DRIVERS\lullaby.sys
01:59:48.0649 4920 lullaby - ok
01:59:48.0680 4920 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
01:59:48.0711 4920 Mcx2Svc - ok
01:59:48.0727 4920 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
01:59:48.0743 4920 megasas - ok
01:59:48.0774 4920 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
01:59:48.0789 4920 MegaSR - ok
01:59:48.0836 4920 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
01:59:48.0914 4920 MMCSS - ok
01:59:48.0930 4920 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
01:59:48.0992 4920 Modem - ok
01:59:49.0008 4920 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
01:59:49.0055 4920 monitor - ok
01:59:49.0101 4920 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
01:59:49.0133 4920 mouclass - ok
01:59:49.0195 4920 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
01:59:49.0257 4920 mouhid - ok
01:59:49.0304 4920 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
01:59:49.0320 4920 mountmgr - ok
01:59:49.0398 4920 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
01:59:49.0429 4920 MpFilter - ok
01:59:49.0460 4920 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
01:59:49.0476 4920 mpio - ok
01:59:49.0491 4920 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
01:59:49.0538 4920 mpsdrv - ok
01:59:49.0585 4920 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
01:59:49.0679 4920 MpsSvc - ok
01:59:49.0710 4920 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
01:59:49.0803 4920 MRxDAV - ok
01:59:49.0835 4920 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
01:59:49.0897 4920 mrxsmb - ok
01:59:49.0975 4920 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:59:50.0037 4920 mrxsmb10 - ok
01:59:50.0084 4920 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:59:50.0115 4920 mrxsmb20 - ok
01:59:50.0131 4920 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
01:59:50.0147 4920 msahci - ok
01:59:50.0162 4920 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
01:59:50.0178 4920 msdsm - ok
01:59:50.0209 4920 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
01:59:50.0256 4920 MSDTC - ok
01:59:50.0287 4920 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
01:59:50.0334 4920 Msfs - ok
01:59:50.0349 4920 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
01:59:50.0396 4920 mshidkmdf - ok
01:59:50.0427 4920 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
01:59:50.0443 4920 msisadrv - ok
01:59:50.0490 4920 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
01:59:50.0583 4920 MSiSCSI - ok
01:59:50.0583 4920 msiserver - ok
01:59:50.0630 4920 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
01:59:50.0693 4920 MSKSSRV - ok
01:59:50.0786 4920 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
01:59:50.0802 4920 MsMpSvc - ok
01:59:50.0833 4920 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
01:59:50.0864 4920 MSPCLOCK - ok
01:59:50.0880 4920 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
01:59:50.0927 4920 MSPQM - ok
01:59:50.0973 4920 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
01:59:50.0989 4920 MsRPC - ok
01:59:51.0036 4920 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
01:59:51.0051 4920 mssmbios - ok
01:59:51.0083 4920 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
01:59:51.0129 4920 MSTEE - ok
01:59:51.0145 4920 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
01:59:51.0192 4920 MTConfig - ok
01:59:51.0239 4920 [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys
01:59:51.0254 4920 MTsensor - ok
01:59:51.0270 4920 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
01:59:51.0285 4920 Mup - ok
01:59:51.0332 4920 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
01:59:51.0410 4920 napagent - ok
01:59:51.0473 4920 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
01:59:51.0519 4920 NativeWifiP - ok
01:59:51.0566 4920 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
01:59:51.0613 4920 NDIS - ok
01:59:51.0644 4920 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
01:59:51.0707 4920 NdisCap - ok
01:59:51.0738 4920 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
01:59:51.0800 4920 NdisTapi - ok
01:59:51.0847 4920 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
01:59:51.0894 4920 Ndisuio - ok
01:59:51.0925 4920 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
01:59:52.0019 4920 NdisWan - ok
01:59:52.0065 4920 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
01:59:52.0112 4920 NDProxy - ok
01:59:52.0159 4920 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
01:59:52.0237 4920 NetBIOS - ok
01:59:52.0268 4920 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
01:59:52.0346 4920 NetBT - ok
01:59:52.0393 4920 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
01:59:52.0409 4920 Netlogon - ok
01:59:52.0455 4920 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
01:59:52.0518 4920 Netman - ok
01:59:52.0533 4920 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
01:59:52.0596 4920 netprofm - ok
01:59:52.0627 4920 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:59:52.0643 4920 NetTcpPortSharing - ok
01:59:52.0689 4920 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
01:59:52.0705 4920 nfrd960 - ok
01:59:52.0767 4920 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
01:59:52.0799 4920 NisDrv - ok
01:59:52.0845 4920 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
01:59:52.0861 4920 NisSrv - ok
01:59:52.0908 4920 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
01:59:52.0986 4920 NlaSvc - ok
01:59:53.0001 4920 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
01:59:53.0064 4920 Npfs - ok
01:59:53.0079 4920 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
01:59:53.0157 4920 nsi - ok
01:59:53.0189 4920 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
01:59:53.0251 4920 nsiproxy - ok
01:59:53.0313 4920 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
01:59:53.0391 4920 Ntfs - ok
01:59:53.0407 4920 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
01:59:53.0469 4920 Null - ok
01:59:53.0516 4920 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
01:59:53.0532 4920 nvraid - ok
01:59:53.0547 4920 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
01:59:53.0563 4920 nvstor - ok
01:59:53.0610 4920 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
01:59:53.0625 4920 nv_agp - ok
01:59:53.0657 4920 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
01:59:53.0688 4920 ohci1394 - ok
01:59:53.0735 4920 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:59:53.0766 4920 ose - ok
01:59:53.0937 4920 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:59:54.0109 4920 osppsvc - ok
01:59:54.0156 4920 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
01:59:54.0218 4920 p2pimsvc - ok
01:59:54.0249 4920 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
01:59:54.0281 4920 p2psvc - ok
01:59:54.0296 4920 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
01:59:54.0327 4920 Parport - ok
01:59:54.0359 4920 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
01:59:54.0374 4920 partmgr - ok
01:59:54.0390 4920 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
01:59:54.0452 4920 PcaSvc - ok
01:59:54.0499 4920 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
01:59:54.0515 4920 pci - ok
01:59:54.0530 4920 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
01:59:54.0546 4920 pciide - ok
01:59:54.0561 4920 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
01:59:54.0593 4920 pcmcia - ok
01:59:54.0608 4920 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
01:59:54.0624 4920 pcw - ok
01:59:54.0655 4920 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
01:59:54.0702 4920 PEAUTH - ok
01:59:54.0780 4920 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
01:59:54.0842 4920 PerfHost - ok
01:59:54.0920 4920 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
01:59:55.0014 4920 pla - ok
01:59:55.0061 4920 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
01:59:55.0139 4920 PlugPlay - ok
01:59:55.0154 4920 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
01:59:55.0217 4920 PNRPAutoReg - ok
01:59:55.0232 4920 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
01:59:55.0263 4920 PNRPsvc - ok
01:59:55.0310 4920 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
01:59:55.0419 4920 PolicyAgent - ok
01:59:55.0451 4920 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
01:59:55.0544 4920 Power - ok
01:59:55.0591 4920 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
01:59:55.0653 4920 PptpMiniport - ok
01:59:55.0700 4920 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
01:59:55.0747 4920 Processor - ok
01:59:55.0778 4920 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
01:59:55.0872 4920 ProfSvc - ok
01:59:55.0887 4920 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
01:59:55.0919 4920 ProtectedStorage - ok
01:59:55.0981 4920 [ 64E413BA0C529AA40C3924BBCC4153DB ] ProtexisLicensing C:\Windows\SysWOW64\PSIService.exe
01:59:56.0012 4920 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - warning
01:59:56.0012 4920 ProtexisLicensing - detected UnsignedFile.Multi.Generic (1)
01:59:56.0059 4920 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
01:59:56.0137 4920 Psched - ok
01:59:56.0199 4920 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
01:59:56.0277 4920 ql2300 - ok
01:59:56.0309 4920 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
01:59:56.0340 4920 ql40xx - ok
01:59:56.0371 4920 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
01:59:56.0418 4920 QWAVE - ok
01:59:56.0449 4920 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
01:59:56.0496 4920 QWAVEdrv - ok
01:59:56.0511 4920 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
01:59:56.0574 4920 RasAcd - ok
01:59:56.0636 4920 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
01:59:56.0699 4920 RasAgileVpn - ok
01:59:56.0730 4920 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
01:59:56.0855 4920 RasAuto - ok
01:59:56.0901 4920 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
01:59:56.0964 4920 Rasl2tp - ok
01:59:57.0026 4920 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
01:59:57.0089 4920 RasMan - ok
01:59:57.0104 4920 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
01:59:57.0167 4920 RasPppoe - ok
01:59:57.0213 4920 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
01:59:57.0276 4920 RasSstp - ok
01:59:57.0323 4920 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
01:59:57.0401 4920 rdbss - ok
01:59:57.0416 4920 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
01:59:57.0463 4920 rdpbus - ok
01:59:57.0479 4920 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
01:59:57.0541 4920 RDPCDD - ok
01:59:57.0588 4920 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
01:59:57.0666 4920 RDPENCDD - ok
01:59:57.0681 4920 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
01:59:57.0728 4920 RDPREFMP - ok
01:59:57.0775 4920 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
01:59:57.0853 4920 RDPWD - ok
01:59:57.0900 4920 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
01:59:57.0915 4920 rdyboost - ok
01:59:57.0947 4920 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
01:59:58.0025 4920 RemoteAccess - ok
01:59:58.0056 4920 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
01:59:58.0149 4920 RemoteRegistry - ok
01:59:58.0212 4920 [ 9C3AC71A9934B884FAC567A8807E9C4D ] Revoflt C:\Windows\system32\DRIVERS\revoflt.sys
01:59:58.0259 4920 Revoflt - ok
01:59:58.0274 4920 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
01:59:58.0352 4920 RpcEptMapper - ok
01:59:58.0383 4920 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
01:59:58.0415 4920 RpcLocator - ok
01:59:58.0461 4920 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
01:59:58.0524 4920 RpcSs - ok
01:59:58.0571 4920 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
01:59:58.0617 4920 rspndr - ok
01:59:58.0633 4920 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
01:59:58.0649 4920 SamSs - ok
01:59:58.0695 4920 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
01:59:58.0727 4920 sbp2port - ok
01:59:58.0758 4920 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
01:59:58.0836 4920 SCardSvr - ok
01:59:58.0867 4920 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
01:59:58.0914 4920 scfilter - ok
01:59:58.0961 4920 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
01:59:59.0085 4920 Schedule - ok
01:59:59.0148 4920 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
01:59:59.0179 4920 SCPolicySvc - ok
01:59:59.0241 4920 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
01:59:59.0335 4920 SDRSVC - ok
01:59:59.0366 4920 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
01:59:59.0429 4920 secdrv - ok
01:59:59.0475 4920 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
01:59:59.0538 4920 seclogon - ok
01:59:59.0569 4920 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
01:59:59.0631 4920 SENS - ok
01:59:59.0647 4920 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
01:59:59.0725 4920 SensrSvc - ok
01:59:59.0772 4920 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
01:59:59.0803 4920 Serenum - ok
01:59:59.0850 4920 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
01:59:59.0881 4920 Serial - ok
01:59:59.0897 4920 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
01:59:59.0943 4920 sermouse - ok
01:59:59.0975 4920 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
02:00:00.0068 4920 SessionEnv - ok
02:00:00.0099 4920 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
02:00:00.0162 4920 sffdisk - ok
02:00:00.0193 4920 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
02:00:00.0287 4920 sffp_mmc - ok
02:00:00.0318 4920 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
02:00:00.0349 4920 sffp_sd - ok
02:00:00.0380 4920 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
02:00:00.0411 4920 sfloppy - ok
02:00:00.0474 4920 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
02:00:00.0505 4920 Sftfs - ok
02:00:00.0599 4920 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
02:00:00.0645 4920 sftlist - ok
02:00:00.0723 4920 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
02:00:00.0739 4920 Sftplay - ok
02:00:00.0786 4920 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
02:00:00.0786 4920 Sftredir - ok
02:00:00.0833 4920 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
02:00:00.0848 4920 Sftvol - ok
02:00:00.0895 4920 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
02:00:00.0911 4920 sftvsa - ok
02:00:00.0942 4920 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
02:00:01.0035 4920 SharedAccess - ok
02:00:01.0082 4920 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
02:00:01.0160 4920 ShellHWDetection - ok
02:00:01.0191 4920 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
02:00:01.0238 4920 SiSGbeLH - ok
02:00:01.0301 4920 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
02:00:01.0332 4920 SiSRaid2 - ok
02:00:01.0347 4920 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
02:00:01.0379 4920 SiSRaid4 - ok
02:00:01.0394 4920 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
02:00:01.0472 4920 Smb - ok
02:00:01.0535 4920 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
02:00:01.0566 4920 SNMPTRAP - ok
02:00:01.0659 4920 [ F06A6DE8438F7446BFF9E61F31356521 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
02:00:01.0769 4920 SNP2UVC - ok
02:00:01.0815 4920 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
02:00:01.0831 4920 spldr - ok
02:00:01.0862 4920 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
02:00:01.0956 4920 Spooler - ok
02:00:02.0065 4920 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
02:00:02.0159 4920 sppsvc - ok
02:00:02.0190 4920 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
02:00:02.0268 4920 sppuinotify - ok
02:00:02.0315 4920 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
02:00:02.0346 4920 srv - ok
02:00:02.0377 4920 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
02:00:02.0408 4920 srv2 - ok
02:00:02.0424 4920 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
02:00:02.0471 4920 srvnet - ok
02:00:02.0517 4920 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
02:00:02.0595 4920 SSDPSRV - ok
02:00:02.0611 4920 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
02:00:02.0673 4920 SstpSvc - ok
02:00:02.0705 4920 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
02:00:02.0720 4920 stexstor - ok
02:00:02.0783 4920 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
02:00:02.0861 4920 stisvc - ok
02:00:02.0923 4920 [ E350135736D696BF279705E139376E1E ] SWDUMon C:\Windows\system32\DRIVERS\SWDUMon.sys
02:00:02.0970 4920 SWDUMon - ok
02:00:02.0985 4920 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
02:00:03.0001 4920 swenum - ok
02:00:03.0032 4920 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
02:00:03.0126 4920 swprv - ok
02:00:03.0204 4920 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
02:00:03.0282 4920 SysMain - ok
02:00:03.0313 4920 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
02:00:03.0375 4920 TabletInputService - ok
02:00:03.0422 4920 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
02:00:03.0547 4920 TapiSrv - ok
02:00:03.0578 4920 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
02:00:03.0672 4920 TBS - ok
02:00:03.0797 4920 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
02:00:03.0875 4920 Tcpip - ok
02:00:03.0921 4920 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
02:00:03.0953 4920 TCPIP6 - ok
02:00:03.0999 4920 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
02:00:04.0046 4920 tcpipreg - ok
02:00:04.0093 4920 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
02:00:04.0140 4920 TDPIPE - ok
02:00:04.0187 4920 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
02:00:04.0233 4920 TDTCP - ok
02:00:04.0265 4920 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
02:00:04.0343 4920 tdx - ok
02:00:04.0374 4920 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
02:00:04.0389 4920 TermDD - ok
02:00:04.0436 4920 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
02:00:04.0530 4920 TermService - ok
02:00:04.0561 4920 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
02:00:04.0623 4920 Themes - ok
02:00:04.0655 4920 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
02:00:04.0701 4920 THREADORDER - ok
02:00:04.0748 4920 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
02:00:04.0842 4920 TrkWks - ok
02:00:04.0904 4920 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
02:00:04.0967 4920 TrustedInstaller - ok
02:00:04.0998 4920 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
02:00:05.0060 4920 tssecsrv - ok
02:00:05.0123 4920 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
02:00:05.0169 4920 TsUsbFlt - ok
02:00:05.0232 4920 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
02:00:05.0325 4920 tunnel - ok
02:00:05.0357 4920 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
02:00:05.0372 4920 uagp35 - ok
02:00:05.0403 4920 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
02:00:05.0466 4920 udfs - ok
02:00:05.0513 4920 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
02:00:05.0544 4920 UI0Detect - ok
02:00:05.0591 4920 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
02:00:05.0606 4920 uliagpkx - ok
02:00:05.0653 4920 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
02:00:05.0684 4920 umbus - ok
02:00:05.0715 4920 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
02:00:05.0762 4920 UmPass - ok
02:00:05.0840 4920 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
02:00:05.0934 4920 upnphost - ok
02:00:05.0965 4920 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
02:00:06.0012 4920 usbccgp - ok
02:00:06.0059 4920 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
02:00:06.0105 4920 usbcir - ok
02:00:06.0121 4920 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
02:00:06.0168 4920 usbehci - ok
02:00:06.0230 4920 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
02:00:06.0308 4920 usbhub - ok
02:00:06.0339 4920 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
02:00:06.0355 4920 usbohci - ok
02:00:06.0371 4920 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
02:00:06.0402 4920 usbprint - ok
02:00:06.0480 4920 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
02:00:06.0542 4920 usbscan - ok
02:00:06.0573 4920 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
02:00:06.0636 4920 USBSTOR - ok
02:00:06.0667 4920 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
02:00:06.0729 4920 usbuhci - ok
02:00:06.0776 4920 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
02:00:06.0823 4920 usbvideo - ok
02:00:06.0854 4920 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
02:00:06.0963 4920 UxSms - ok
02:00:06.0979 4920 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
02:00:07.0010 4920 VaultSvc - ok
02:00:07.0088 4920 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
02:00:07.0104 4920 vdrvroot - ok
02:00:07.0182 4920 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
02:00:07.0244 4920 vds - ok
02:00:07.0291 4920 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
02:00:07.0322 4920 vga - ok
02:00:07.0353 4920 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
02:00:07.0416 4920 VgaSave - ok
02:00:07.0447 4920 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
02:00:07.0478 4920 vhdmp - ok
02:00:07.0587 4920 [ FE595D1A1B781190BB483444B62CC607 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
02:00:07.0665 4920 VIAHdAudAddService - ok
02:00:07.0697 4920 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
02:00:07.0728 4920 viaide - ok
02:00:07.0743 4920 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
02:00:07.0759 4920 volmgr - ok
02:00:07.0806 4920 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
02:00:07.0821 4920 volmgrx - ok
02:00:07.0853 4920 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
02:00:07.0868 4920 volsnap - ok
02:00:07.0931 4920 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
02:00:07.0946 4920 vsmraid - ok
02:00:08.0196 4920 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
02:00:08.0289 4920 VSS - ok
02:00:08.0399 4920 [ 40DBA03782BCC10685A8C200C5EBDCD0 ] vToolbarUpdater12.2.6 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
02:00:08.0430 4920 vToolbarUpdater12.2.6 - ok
02:00:08.0445 4920 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
02:00:08.0523 4920 vwifibus - ok
02:00:08.0555 4920 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
02:00:08.0601 4920 vwififlt - ok
02:00:08.0664 4920 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
02:00:08.0757 4920 W32Time - ok
02:00:08.0789 4920 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
02:00:08.0804 4920 WacomPen - ok
02:00:08.0867 4920 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
02:00:08.0945 4920 WANARP - ok
02:00:08.0960 4920 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
02:00:09.0007 4920 Wanarpv6 - ok
02:00:09.0132 4920 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
02:00:09.0210 4920 WatAdminSvc - ok
02:00:09.0303 4920 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
02:00:09.0397 4920 wbengine - ok
02:00:09.0444 4920 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
02:00:09.0491 4920 WbioSrvc - ok
02:00:09.0537 4920 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
02:00:09.0615 4920 wcncsvc - ok
02:00:09.0615 4920 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
02:00:09.0678 4920 WcsPlugInService - ok
02:00:09.0709 4920 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
02:00:09.0725 4920 Wd - ok
02:00:09.0756 4920 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
02:00:09.0787 4920 Wdf01000 - ok
02:00:09.0787 4920 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
02:00:09.0896 4920 WdiServiceHost - ok
02:00:09.0912 4920 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
02:00:09.0943 4920 WdiSystemHost - ok
02:00:09.0990 4920 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
02:00:10.0068 4920 WebClient - ok
02:00:10.0099 4920 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
02:00:10.0193 4920 Wecsvc - ok
02:00:10.0208 4920 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
02:00:10.0271 4920 wercplsupport - ok
02:00:10.0302 4920 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
02:00:10.0395 4920 WerSvc - ok
02:00:10.0442 4920 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
02:00:10.0489 4920 WfpLwf - ok
02:00:10.0520 4920 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
02:00:10.0536 4920 WimFltr - ok
02:00:10.0551 4920 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
02:00:10.0567 4920 WIMMount - ok
02:00:10.0598 4920 WinDefend - ok
02:00:10.0598 4920 WinHttpAutoProxySvc - ok
02:00:10.0661 4920 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
02:00:10.0785 4920 Winmgmt - ok
02:00:10.0848 4920 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
02:00:10.0973 4920 WinRM - ok
02:00:11.0035 4920 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
02:00:11.0082 4920 WinUsb - ok
02:00:11.0144 4920 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
02:00:11.0222 4920 Wlansvc - ok
02:00:11.0347 4920 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
02:00:11.0425 4920 wlidsvc - ok
02:00:11.0456 4920 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
02:00:11.0503 4920 WmiAcpi - ok
02:00:11.0534 4920 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
02:00:11.0565 4920 wmiApSrv - ok
02:00:11.0612 4920 WMPNetworkSvc - ok
02:00:11.0706 4920 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm C:\Program Files\Zune\WMZuneComm.exe
02:00:11.0971 4920 WMZuneComm - ok
02:00:11.0987 4920 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
02:00:12.0049 4920 WPCSvc - ok
02:00:12.0096 4920 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
02:00:12.0158 4920 WPDBusEnum - ok
02:00:12.0189 4920 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
02:00:12.0267 4920 ws2ifsl - ok
02:00:12.0314 4920 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
02:00:12.0392 4920 wscsvc - ok
02:00:12.0392 4920 WSearch - ok
02:00:12.0501 4920 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
02:00:12.0673 4920 wuauserv - ok
02:00:12.0689 4920 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
02:00:12.0751 4920 WudfPf - ok
02:00:12.0813 4920 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
02:00:12.0923 4920 WUDFRd - ok
02:00:12.0954 4920 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
02:00:13.0032 4920 wudfsvc - ok
02:00:13.0063 4920 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
02:00:13.0125 4920 WwanSvc - ok
02:00:13.0375 4920 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc C:\Program Files\Zune\ZuneNss.exe
02:00:13.0671 4920 ZuneNetworkSvc - ok
02:00:13.0718 4920 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc C:\Program Files\Zune\ZuneWlanCfgSvc.exe
02:00:13.0765 4920 ZuneWlanCfgSvc - ok
02:00:13.0796 4920 ================ Scan global ===============================
02:00:13.0827 4920 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
02:00:13.0905 4920 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
02:00:13.0999 4920 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
02:00:14.0061 4920 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
02:00:14.0155 4920 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
02:00:14.0202 4920 [Global] - ok
02:00:14.0202 4920 ================ Scan MBR ==================================
02:00:14.0233 4920 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
02:00:14.0639 4920 \Device\Harddisk0\DR0 - ok
02:00:14.0639 4920 ================ Scan VBR ==================================
02:00:14.0639 4920 [ 04E7C9DD1349CAC8666B07A951B37BF7 ] \Device\Harddisk0\DR0\Partition1
02:00:14.0639 4920 \Device\Harddisk0\DR0\Partition1 - ok
02:00:14.0639 4920 ================ Scan active images ========================
02:00:14.0639 4920 ============================================================
02:00:14.0639 4920 Scan finished
02:00:14.0639 4920 ============================================================
02:00:14.0670 5216 Detected object count: 3
02:00:14.0670 5216 Actual detected object count: 3
02:01:25.0962 5216 ADSMService ( UnsignedFile.Multi.Generic ) - skipped by user
02:01:25.0962 5216 ADSMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:01:25.0962 5216 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
02:01:25.0962 5216 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:01:25.0978 5216 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - skipped by user
02:01:25.0978 5216 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - User select action: Skip
  • 0

#5
irshrose

irshrose

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
OTL logfile created on: 10/8/2012 2:18:47 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rose\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.97 Gb Total Physical Memory | 2.48 Gb Available Physical Memory | 62.56% Memory free
7.93 Gb Paging File | 6.16 Gb Available in Paging File | 77.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 278.56 Gb Total Space | 233.70 Gb Free Space | 83.90% Space Free | Partition Type: NTFS

Computer Name: ROSE-PC | User Name: Rose | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/08 02:16:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Rose\Downloads\OTL (2).exe
PRC - [2012/10/08 01:40:07 | 002,212,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Rose\AppData\Local\Temp\4B2E9D7D-E49B-4955-9D30-F3233CA56B25.exe
PRC - [2012/09/29 14:08:41 | 000,722,528 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
PRC - [2012/09/29 14:08:39 | 000,947,808 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012/09/23 13:25:29 | 000,690,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_278_ActiveX.exe
PRC - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2012/03/14 19:00:26 | 000,216,208 | ---- | M] (Speeding Software Inc) -- C:\Program Files (x86)\Speeding Software\SpeedyComputer\SPPCReminder.exe
PRC - [2012/03/14 19:00:26 | 000,195,216 | ---- | M] (Speeding Software Inc) -- C:\Program Files (x86)\Speeding Software\SpeedyComputer\SPPCSmartScan.exe
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/05/27 16:58:48 | 000,793,416 | ---- | M] (AVG) -- C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
PRC - [2010/06/15 18:31:07 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010/01/04 19:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/11/24 15:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/11/02 16:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/08/19 22:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009/08/17 11:58:46 | 006,859,392 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/08/12 16:20:46 | 000,178,816 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/07/31 12:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/06/19 12:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 12:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 19:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/22 19:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/13 23:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/13 22:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008/03/31 04:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007/11/30 13:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/10/05 08:30:26 | 000,410,864 | ---- | M] () -- C:\Program Files (x86)\Dell 968 AIO Printer\memcard.exe
PRC - [2007/10/05 08:30:18 | 000,455,920 | ---- | M] () -- C:\Program Files (x86)\Dell 968 AIO Printer\dldomon.exe
PRC - [2007/08/08 02:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Windows\SysWOW64\PSIService.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/29 14:08:41 | 000,564,832 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll
MOD - [2012/09/29 14:08:41 | 000,132,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll
MOD - [2012/09/29 14:08:39 | 000,947,808 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/05/25 11:53:14 | 000,350,024 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\madExcept_.bpl
MOD - [2011/05/25 11:53:12 | 000,184,136 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\madBasic_.bpl
MOD - [2011/05/25 11:53:12 | 000,050,504 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\madDisAsm_.bpl
MOD - [2010/01/04 19:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/11/24 15:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009/11/02 16:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 16:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2007/11/30 13:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007/10/05 08:30:26 | 000,410,864 | ---- | M] () -- C:\Program Files (x86)\Dell 968 AIO Printer\memcard.exe
MOD - [2007/10/05 08:30:18 | 000,455,920 | ---- | M] () -- C:\Program Files (x86)\Dell 968 AIO Printer\dldomon.exe
MOD - [2007/09/06 15:38:30 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\Dell 968 AIO Printer\dldoscw.dll
MOD - [2007/08/01 03:15:51 | 000,077,906 | ---- | M] () -- C:\Program Files (x86)\Dell 968 AIO Printer\dldocfg.dll
MOD - [2007/06/15 12:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007/06/01 19:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
MOD - [2007/05/03 10:39:31 | 000,589,824 | ---- | M] () -- C:\Program Files (x86)\Dell 968 AIO Printer\dldodatr.dll
MOD - [2007/04/09 08:16:00 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\Dell 968 AIO Printer\DLDOptp.dll
MOD - [2006/12/28 10:47:42 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Dell 968 AIO Printer\dldocats.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/12 21:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/09/12 21:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/08/05 12:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2011/08/05 12:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2011/08/05 12:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2009/12/07 18:16:34 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/10/05 08:31:20 | 000,034,032 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\dldoserv.exe -- (dldoCATSCustConnectService)
SRV:64bit: - [2007/10/05 08:31:08 | 001,044,720 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\dldocoms.exe -- (dldo_device)
SRV:64bit: - [2007/08/08 02:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2012/09/29 14:08:41 | 000,722,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe -- (vToolbarUpdater12.2.6)
SRV - [2012/09/23 14:25:20 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/15 19:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/03/31 04:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2007/10/05 08:31:20 | 000,034,032 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\dldoserv.exe -- (dldoCATSCustConnectService)
SRV - [2007/10/05 08:30:34 | 000,595,184 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\dldocoms.exe -- (dldo_device)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/10/07 19:56:27 | 000,015,672 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2012/09/29 14:08:41 | 000,031,080 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012/08/30 22:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/08/24 15:43:16 | 000,384,352 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/07/26 03:21:28 | 000,291,680 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/06/27 01:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/05/23 01:03:28 | 000,048,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/11 19:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/06/15 18:28:05 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:64bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/10/15 04:23:19 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/08/23 00:08:07 | 000,056,320 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009/08/11 22:38:01 | 001,799,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2009/08/06 16:24:13 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/07/20 04:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 03:11:31 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/06/18 14:18:10 | 000,015,928 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2009/06/10 15:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/12 20:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2008/05/23 19:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/07/24 13:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Rose\Downloads
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.pageset.com/slp?sid=0d9 [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{686C96DA-287D-44BF-BE0B-62DD8D64593B}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....pr&d=2012-09-29 14:08:41&v=12.2.5.34&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://toolbar.inbox...id=80051&lng=en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\npEpicPlayDisplayHost: C:\Program Files (x86)\EpicPlay\npEpicHost.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Rose\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Rose\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\11.1.0.12\ [2012/07/10 13:49:10 | 000,000,000 | ---D | M]

[2010/09/15 21:35:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rose\AppData\Roaming\Mozilla\Extensions
[2012/10/07 15:21:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/09/19 16:14:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/06 23:30:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/03/04 00:37:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/23 07:06:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012/07/02 18:49:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/09/06 11:31:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2011/03/18 14:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2011/03/18 14:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2012/09/29 14:08:38 | 000,003,769 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml

========== Chrome ==========

CHR - homepage: http://asus.msn.com/
CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.c...pr&d=2011-11-02 10:28:56&v=11.1.0.12&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://clients5.goog...outputEncoding}
CHR - homepage: http://asus.msn.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Rose\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Rose\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Rose\AppData\Local\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Rose\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: EpicPlay NPAPI Display Host (Enabled) = C:\Program Files (x86)\EpicPlay\npEpicHost.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Best Buy pc app Detector (Enabled) = C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Rose\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Fancy Gaming Simplifier = C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahcaniaehcjkignnobkmdgacafghkplh\2.0.0.1_0\
CHR - Extension: Bejeweled 2 = C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\akphcmbagmeiogjbadpijeijneplndlm\0.1.0.6_0\
CHR - Extension: Cloud Reader = C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjnkloegafmkhgpjglcbldhaokjpandj\1.0.0.0_0\
CHR - Extension: YouTube = C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Add to Amazon Wish List = C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.9_0\
CHR - Extension: Google Search = C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Photo Zoom for Facebook = C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: Facebook for Chrome = C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp\5.0.3_0\
CHR - Extension: AdBlock = C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.45_0\
CHR - Extension: Zynga = C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcgmidjhhnnjikpigolabhacfngibde\2.3.17.1_0\
CHR - Extension: AVG Secure Search = C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.2.5.34_0\
CHR - Extension: TimelineRemove = C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfhopoibjodcfbppkiginpbcpekbdgln\0.8.1_0\
CHR - Extension: Gmail = C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {56E4076B-A42B-4745-BA35-34DA8AC4C2F2} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [dldomon.exe] C:\Program Files (x86)\Dell 968 AIO Printer\dldomon.exe ()
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MemoryCardManager] C:\Program Files (x86)\Dell 968 AIO Printer\memcard.exe ()
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" File not found
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction File not found
O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - HKLM..\Run: [ROC_ROC_NT] C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe ()
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [SpeedyComputer] C:\Program Files (x86)\Speeding Software\SpeedyComputer\SPPCLauncher.exe (Speeding Software Inc)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....k_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA2B13B8-4CF1-4FFE-BAA4-13D73679BC17}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{06c9eaa6-be85-11df-b8f2-485b398c39fc}\Shell - "" = AutoRun
O33 - MountPoints2\{06c9eaa6-be85-11df-b8f2-485b398c39fc}\Shell\AutoRun\command - "" = D:\LiteAuto.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\LiteAuto.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/10/07 19:36:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2012/10/07 19:36:45 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\WinZip
[2012/10/07 19:36:38 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2012/10/07 19:36:35 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2012/10/07 16:08:19 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\SpeedyComputer
[2012/10/07 16:08:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speeding Software
[2012/10/07 16:08:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Speeding Software
[2012/10/07 15:34:01 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\{3A22CDAA-CBB4-41A5-BEE1-56143D86082A}
[2012/10/06 22:12:17 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\{E5144087-656E-4348-B086-4C853A394C66}
[2012/10/06 21:29:41 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\{EEA2A478-B91B-4254-9A20-9870BD90AF3F}
[2012/10/06 21:19:19 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\{0E6CE802-92AC-4288-8FE0-3F081414F8A2}
[2012/10/06 20:42:04 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\FixCleaner
[2012/10/06 20:41:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FixCleaner
[2012/10/06 19:51:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECACHE
[2012/10/05 17:42:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/10/05 17:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/10/05 04:22:06 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\{D2FDAD6B-B6EA-471D-AF90-252BF974E185}
[2012/10/04 15:24:21 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\{C1DAE43A-3E6E-4185-ADDF-86C1789FEAA9}
[2012/09/30 11:05:52 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\{17BA8F5A-D9F8-408B-9EFF-A491748A748D}
[2012/09/29 16:51:35 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/09/29 15:48:02 | 000,000,000 | ---D | C] -- C:\AVGTemp
[2012/09/29 15:33:33 | 001,681,792 | ---- | C] (AVG) -- C:\Users\Rose\Desktop\AVG_ClickNFix_178122_en_US (msi action failed).exe
[2012/09/29 15:14:23 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\VS Revo Group
[2012/09/29 15:14:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2012/09/29 15:14:19 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2012/09/29 15:14:18 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012/09/29 14:43:35 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2012/09/29 14:40:35 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\MFAData
[2012/09/29 14:40:35 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\Avg2013
[2012/09/29 14:37:22 | 004,411,400 | ---- | C] (AVG Technologies) -- C:\Users\Rose\Desktop\avg_isc_stb_all_2013_2667.exe
[2012/09/29 14:32:06 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\LogMeIn Rescue Applet
[2012/09/29 14:08:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/09/29 14:08:41 | 000,031,080 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012/09/29 14:08:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2012/09/29 13:45:22 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\{CEE5EFE1-2AA1-4127-9DCC-3995ACA5BA92}
[2012/09/29 11:18:33 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\{E3CB6831-0697-46C7-A4CA-E6D3AA27E0CB}
[2012/09/28 10:53:30 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\{3C73C211-3FE2-4F50-8F09-491C2B4D83E7}
[2012/09/26 09:47:38 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\{A9B0FC70-08B7-4FF3-95A8-686620867CF3}
[2012/09/25 12:42:24 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\{297B103E-C905-4238-80F6-545788F228E4}
[2008/08/11 23:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll
[21 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/08 02:25:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/08 02:00:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3736665533-2318909009-3329022319-1000UA.job
[2012/10/08 01:57:48 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/08 01:57:48 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/08 01:50:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/08 01:50:18 | 3193,765,888 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/07 19:56:27 | 000,015,672 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012/10/07 19:54:42 | 000,006,768 | ---- | M] () -- C:\bootsqm.dat
[2012/10/07 19:36:50 | 000,002,283 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2012/10/07 19:29:12 | 000,000,017 | ---- | M] () -- C:\Users\Rose\AppData\Local\resmon.resmoncfg
[2012/10/07 17:00:27 | 000,002,254 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/10/07 17:00:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3736665533-2318909009-3329022319-1000Core.job
[2012/10/07 16:08:13 | 000,001,279 | ---- | M] () -- C:\Users\Rose\Desktop\SpeedyComputer.lnk
[2012/10/05 17:50:56 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/09/29 16:51:40 | 000,002,366 | ---- | M] () -- C:\Users\Rose\Desktop\Google Chrome.lnk
[2012/09/29 15:26:44 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2012/09/29 15:14:21 | 000,001,103 | ---- | M] () -- C:\Users\Rose\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2012/09/29 15:14:21 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2012/09/29 15:03:59 | 000,001,375 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/09/29 14:08:41 | 000,031,080 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012/09/29 12:00:10 | 001,681,792 | ---- | M] (AVG) -- C:\Users\Rose\Desktop\AVG_ClickNFix_178122_en_US (msi action failed).exe
[2012/09/29 11:20:01 | 096,052,554 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/09/27 12:36:03 | 000,627,985 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm
[2012/09/26 11:52:39 | 000,529,908 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/09/18 11:00:08 | 004,411,400 | ---- | M] (AVG Technologies) -- C:\Users\Rose\Desktop\avg_isc_stb_all_2013_2667.exe
[2012/09/13 12:19:39 | 000,733,528 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/13 12:19:39 | 000,629,006 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/13 12:19:39 | 000,108,894 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[21 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/07 19:54:42 | 000,006,768 | ---- | C] () -- C:\bootsqm.dat
[2012/10/07 19:36:50 | 000,002,283 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2012/10/07 19:29:12 | 000,000,017 | ---- | C] () -- C:\Users\Rose\AppData\Local\resmon.resmoncfg
[2012/10/07 16:08:13 | 000,001,279 | ---- | C] () -- C:\Users\Rose\Desktop\SpeedyComputer.lnk
[2012/10/05 17:50:56 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/10/05 17:42:20 | 000,002,119 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/09/29 16:51:40 | 000,002,366 | ---- | C] () -- C:\Users\Rose\Desktop\Google Chrome.lnk
[2012/09/29 16:50:45 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3736665533-2318909009-3329022319-1000UA.job
[2012/09/29 16:50:45 | 000,000,852 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3736665533-2318909009-3329022319-1000Core.job
[2012/09/29 15:37:44 | 001,565,744 | ---- | C] () -- C:\Users\Rose\Desktop\AVG_Remover_en(New).exe
[2012/09/29 15:14:21 | 000,001,103 | ---- | C] () -- C:\Users\Rose\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2012/09/29 15:14:21 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2011/12/27 15:50:18 | 000,749,804 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/08/09 14:45:39 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\dldocomx.dll
[2011/08/09 14:45:39 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\dldoinst.dll
[2011/08/09 14:45:38 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\dldopmui.dll
[2011/08/09 14:45:38 | 000,503,808 | ---- | C] () -- C:\Windows\SysWow64\dldoutil.dll
[2011/08/09 14:45:38 | 000,360,448 | ---- | C] ( ) -- C:\Windows\SysWow64\dldoinpa.dll
[2011/08/09 14:45:38 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\dldoiesc.dll
[2011/08/09 14:45:38 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\dldojswr.dll
[2011/08/09 14:45:38 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\dldoinsr.dll
[2011/08/09 14:45:38 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dldocur.dll
[2011/08/09 14:45:37 | 000,954,368 | ---- | C] ( ) -- C:\Windows\SysWow64\dldousb1.dll
[2011/08/09 14:45:37 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\dldoinsb.dll
[2011/08/09 14:45:37 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\dldoins.dll
[2011/08/09 14:45:37 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\dldocub.dll
[2011/08/09 14:45:37 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\dldocu.dll
[2011/08/09 14:45:36 | 001,069,056 | ---- | C] ( ) -- C:\Windows\SysWow64\dldoserv.dll
[2011/08/09 14:45:36 | 000,569,344 | ---- | C] ( ) -- C:\Windows\SysWow64\dldolmpm.dll
[2011/08/09 14:45:36 | 000,320,752 | ---- | C] ( ) -- C:\Windows\SysWow64\dldoih.exe
[2011/08/09 14:45:36 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\dldoprox.dll
[2011/08/09 14:45:35 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\dldocomc.dll
[2011/08/09 14:45:35 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\dldohbn3.dll
[2011/08/09 14:45:35 | 000,595,184 | ---- | C] ( ) -- C:\Windows\SysWow64\dldocoms.exe
[2011/08/09 14:45:35 | 000,365,808 | ---- | C] ( ) -- C:\Windows\SysWow64\dldocfg.exe
[2011/08/09 14:45:35 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\dldocomm.dll
[2011/08/09 14:45:34 | 000,077,906 | ---- | C] () -- C:\Windows\SysWow64\dldocfg.dll
[2009/04/08 12:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/05/22 10:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/08/10 10:56:10 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\968 Series
[2012/10/07 20:04:31 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\AVG
[2012/09/29 15:20:51 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\AVG2012
[2011/12/24 18:11:38 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\com.moasis
[2012/01/06 21:41:16 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\com.w3i.FlipToast
[2012/03/17 16:59:34 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\DriverCure
[2012/01/02 14:28:44 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\E-centives
[2012/10/06 21:19:22 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\FixCleaner
[2012/10/07 15:22:27 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\SoftGrid Client
[2012/10/07 16:08:19 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\SpeedyComputer
[2012/03/17 16:59:33 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\SpeedyPC Software
[2011/12/27 15:51:17 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\TP
[2012/06/04 17:19:58 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 00:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 00:08:49 | 000,032,556 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/04/12 05:56:52 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012/09/29 16:50:45 | 000,000,852 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3736665533-2318909009-3329022319-1000Core.job
[2012/09/29 16:50:45 | 000,000,904 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3736665533-2318909009-3329022319-1000UA.job

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010/06/15 18:46:12 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010/06/15 18:42:49 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/06/15 18:46:12 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010/06/15 18:42:49 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 08:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010/06/15 18:46:12 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010/06/15 18:42:49 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 20:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010/06/15 18:46:12 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 01:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010/06/15 18:42:49 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: SERVICES.EXE >
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 20:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010/06/15 18:46:12 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010/06/15 18:46:12 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< %systemroot%\*. /mp /s >

========== Files - Unicode (All) ==========
[2011/02/10 22:39:35 | 000,000,036 | ---- | M] ()(C:\Windows\SysWow64\??) -- C:\Windows\SysWow64\蜸Λ
[2011/02/10 22:39:35 | 000,000,036 | ---- | C] ()(C:\Windows\SysWow64\??) -- C:\Windows\SysWow64\蜸Λ

========== Alternate Data Streams ==========

@Alternate Data Stream - 187 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:F71C42D3
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:E0718E77

< End of report >
  • 0

#6
irshrose

irshrose

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
I couldn't find any OTL extra log.
  • 0

#7
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi irshrose,

But now my compter is missing an MSI file


Do you get any error messages? If you do, when do you get this message and what does it say.

Step 1

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the combo fix log in your next reply

Step 2

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Step 3


Please don't forget to include these items in your reply:


  • Combofix log
  • FSS log
It would be helpful if you could post each log in separate post using "Add Reply" button
  • 0

#8
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi irshrose,

Are you still with me?
  • 0

#9
irshrose

irshrose

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Yes still with you, i just got your message this morning. Its 5 am. here. I will follow these latest instructions and get back with you this afternoon.
thanks so much for your time and attention.
  • 0

#10
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP