
I think my PC has a rootkit/malware/etc.

Discussion in 'Virus & Other Malware Removal' started by imagineverything, Feb 18, 2013.

Thread Status:
Not open for further replies.
  1. imagineverything

    Hi,

    My computer has been acting really slowly and becomes non-responsive at times. There is some internet traffic redirecting. I have attached the logs that you can use to pinpoint the problem.


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:45:46 PM, on 2/17/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)
    Boot mode: Safe mode with network support
    Running processes:
    C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
    c:\program files (x86)\teamviewer\version8\TeamViewer_Desktop.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe
    C:\Program Files (x86)\Java\jre7\bin\java.exe
    C:\Windows\SysWOW64\NOTEPAD.EXEa
    C:\Program Files (x86)\Secunia\PSI\PSI_TRAY.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Users\Desktop\Downloads\fsopqlbs.exe
    C:\Users\Desktop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\00U8671C\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nytimes.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan Enterprise\scriptsn.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
    O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
    O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Granola] "C:\Program Files (x86)\MiserWare\Granola Personal\granola.exe"
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe -update activex
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: Canon IJ Status Monitor Canon MX410 series Printer.lnk = ?
    O4 - Startup: Dropbox.lnk = Desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O4 - Startup: Launch Utility Application.lnk = Desktop\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe
    O4 - Startup: PdaNet Desktop.lnk = C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
    O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
    O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
    O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
    O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
    O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://ssl.binghamton.edu/dana-cached/sc/JuniperSetupClient.cab
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
    O20 - AppInit_DLLs: acaptuser32.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: AMD RAIDXpert (AMD_RAIDXpert) - AMD - C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Granola PM Manager - Unknown owner - C:\Program Files (x86)\MiserWare\Granola Personal\GranolaManager.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
    O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\engineserver.exe
    O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
    O23 - Service: McAfee Personal Firewall (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
    O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mcshield.exe
    O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files (x86)\McAfee\VirusScan Enterprise\vstskmgr.exe
    O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
    O23 - Service: McAfee Online Backup (MOBKbackup) - McAfee, Inc. - C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    --
    End of file - 19357 bytes

    DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
    Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.10.2
    Run by Desktop at 23:35:29 on 2013-02-17
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2808.1855 [GMT -5:00]
    .
    AV: McAfee VirusScan Enterprise *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\mfevtps.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\dinotify.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\ctfmon.exe
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
    c:\program files (x86)\teamviewer\version8\TeamViewer_Desktop.exe
    C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
    C:\Program Files\McAfee\MAT\McPvTray.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe
    C:\Program Files (x86)\Java\jre7\bin\java.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.nytimes.com/
    BHO: Octh Class: {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
    BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan Enterprise\scriptsn.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
    BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    uRun: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [Granola] "C:\Program Files (x86)\MiserWare\Granola Personal\granola.exe"
    uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe -update activex
    mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
    mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [McAfeeUpdaterUI] "C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
    mRun: [ShStatEXE] "C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
    mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
    mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
    mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
    mRun: [FileZilla Server Interface] "C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    StartupFolder: C:\Users\Desktop\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\ACCESS~1\Startup\CANONI~1.LNK - C:\Windows\System32\rundll32.exe
    StartupFolder: C:\Users\Desktop\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\ACCESS~1\Startup\Dropbox.lnk - C:\Users\Desktop\AppData\Roaming\Dropbox\bin\Dropbox.exe
    StartupFolder: C:\Users\Desktop\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\ACCESS~1\Startup\LAUNCH~1.LNK - C:\Users\Desktop\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe
    StartupFolder: C:\Users\Desktop\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\ACCESS~1\Startup\PDANET~1.LNK - C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\ACCESS~1\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Online Backup\MOBKstat.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\ACCESS~1\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
    uPolicies-Explorer: HideSCAHealth = dword:1
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    IE: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
    IE: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
    IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
    IE: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://ssl.binghamton.edu/dana-cached/sc/JuniperSetupClient.cab
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{DDB9DB3C-7E9E-4B58-B090-27382F20444A} : DHCPNameServer = 192.168.1.1
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs= acaptuser32.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    IFEO: taskmgr.exe - ""
    x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\scriptsn.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
    x64-Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe
    x64-Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
    x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    x64-DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
    x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
    x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
    x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll
    x64-IFEO: taskmgr.exe - ""
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Desktop\AppData\Roaming\Mozilla\Firefox\Profiles\ad8jcf8g.default\
    FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\Desktop\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
    FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    FF - ExtSQL: 2013-01-08 23:33; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; C:\Program Files (x86)\McAfee\SiteAdvisor
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    ============= SERVICES / DRIVERS ===============
    .
    R0 ahcix64s;ahcix64s;C:\Windows\System32\drivers\ahcix64s.sys [2010-1-28 230456]
    R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2010-2-8 771096]
    R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2012-2-9 339776]
    R2 McMPFSvc;McAfee Personal Firewall;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-1 220856]
    R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-1 220856]
    R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2013-1-1 218320]
    R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2010-2-8 177680]
    R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2012-11-9 69672]
    R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2012-11-9 515528]
    R3 pneteth;PdaNet Broadband;C:\Windows\System32\drivers\pneteth.sys [2011-9-8 15360]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-1-28 239616]
    R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-1-28 34872]
    S1 MOBKFilter;MOBKFilter;C:\Windows\System32\drivers\MOBK.sys [2013-1-1 66040]
    S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-1-28 203264]
    S2 AMD_RAIDXpert;AMD RAIDXpert;C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-9-19 122880]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 Granola PM Manager;Granola PM Manager;C:\Program Files (x86)\MiserWare\Granola Personal\GranolaManager.exe [2012-8-31 444656]
    S2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-1 220856]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2013-1-3 103472]
    S2 McAfeeEngineService;McAfee Engine Service;C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\engineserver.exe [2011-8-31 20792]
    S2 McAfeeFramework;McAfee Framework Service;C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [2009-9-22 103744]
    S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-1 220856]
    S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-1 220856]
    S2 McPvDrv;McPvDrv Driver;C:\Windows\System32\drivers\McPvDrv.sys [2013-1-1 74120]
    S2 McShield;McAfee McShield;C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mcshield.exe [2011-8-31 181480]
    S2 McTaskManager;McAfee Task Manager;C:\Program Files (x86)\McAfee\VirusScan Enterprise\vstskmgr.exe [2011-8-31 66880]
    S2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-1-1 1007288]
    S2 MOBKbackup;McAfee Online Backup;C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-4-13 231224]
    S2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-3-25 490280]
    S2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
    S3 DKRtWrt;DKRtWrt;C:\Windows\System32\drivers\DKRtWrt.sys [2011-1-12 51120]
    S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2013-1-1 197264]
    S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\androidusb.sys [2010-4-29 32768]
    S3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2010-2-8 309400]
    S3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2012-11-2 328976]
    S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2012-11-2 97208]
    S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2010-2-8 100904]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-29 59392]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-8 1255736]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2013-02-18 03:48:13 15739760 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    2013-02-08 20:15:13 388608 ----a-w- C:\Users\Desktop\HijackThis.exe
    2013-02-08 20:14:52 -------- d-----w- C:\Users\Desktop\AppData\Local\Macromedia
    .
    ==================== Find3M ====================
    .
    2013-01-10 00:59:39 20293080 ----a-w- C:\Users\Desktop\Firefox Setup 18.0.exe
    2013-01-04 11:43:56 95184 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-01-04 11:43:47 859072 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
    2013-01-04 11:43:47 779704 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
    2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2012-12-12 18:48:12 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-12-12 18:48:11 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-12-09 09:51:20 126944 ----a-w- C:\Windows\System32\drivers\scdemu.sys
    2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys
    .
    ============= FINISH: 23:36:43.09 ===============
    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 2/6/2010 6:41:24 PM
    System Uptime: 2/17/2013 10:50:02 PM (1 hours ago)
    .
    Motherboard: FOXCONN | | ALOE
    Processor: AMD Athlon(tm) II X4 620 Processor | CPU 1 | 2600/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 454 GiB total, 222.221 GiB free.
    D: is FIXED (NTFS) - 11 GiB total, 1.67 GiB free.
    E: is CDROM ()
    G: is Removable
    H: is Removable
    I: is Removable
    J: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: Security Processor Loader Driver
    Device ID: ROOT\LEGACY_SPLDR\0000
    Manufacturer:
    Name: Security Processor Loader Driver
    PNP Device ID: ROOT\LEGACY_SPLDR\0000
    Service: spldr
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: sptd
    Device ID: ROOT\LEGACY_SPTD\0000
    Manufacturer:
    Name: sptd
    PNP Device ID: ROOT\LEGACY_SPTD\0000
    Service: sptd
    .
    ==== System Restore Points ===================
    .
    No restore point in system.
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    µTorrent
    7-Zip 4.65
    7-zip v9.20
    ABC Amber BlackBerry Converter
    Acrobat.com
    ActiveCheck component for HP Active Support Library
    Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
    Adobe Acrobat 9 Pro Extended 64-bit Add-On
    Adobe AIR
    Adobe Audition 3.0
    Adobe Audition 3.0 Vista Compatibility
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Presenter 7
    Adobe Reader XI
    Amazon MP3 Downloader 1.0.10
    AMD USB Filter Driver
    Android SDK Tools
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ATI Catalyst Install Manager
    Audacity 1.3.12 (Unicode)
    Bonjour
    Boris Graffiti
    Canon Easy-PhotoPrint EX
    Canon Easy-WebPrint EX
    Canon MP Navigator EX 4.1
    Canon MX410 series MP Drivers
    Canon MX410 series User Registration
    Canon My Printer
    Canon Solution Menu EX
    Canon Speed Dial Utility
    Catalyst Control Center - Branding
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Vista
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    ccc-core-static
    ccc-utility64
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    CCleaner
    Compatibility Pack for the 2007 Office system
    ConvertXtoDVD 3.3.4.106e
    Cygnus Hex Editor FREE EDITION 1.00
    D3DX10
    dBpoweramp [Arrange Audio] Codec
    dBpoweramp [Audio Info] Codec
    dBpoweramp [Channel Split] Codec
    dBpoweramp [ID Tag Update] Codec
    dBpoweramp [Length Split] Codec
    dBpoweramp [Multi Encoder] Codec
    dBpoweramp [ReplayGain] Codec
    dBpoweramp [Tag From Filename] Codec
    dBpoweramp DSP Effects
    dBpoweramp Music Converter
    DirectX for Managed Code Update (Summer 2004)
    Diskeeper 2010
    Dropbox
    Fences
    FileZilla Client 3.3.5.1
    FileZilla Server (remove only)
    Garena 2010
    Google Book Downloader
    Google Chrome
    Google Earth
    Google Toolbar for Internet Explorer
    Google Update Helper
    Granola
    Handbrake 0.9.4
    Hardware Diagnostic Tools
    High-Definition Video Playback 10
    HP Customer Experience Enhancements
    HP MediaSmart DVD
    HP MediaSmart Music/Photo/Video
    HP MediaSmart SmartMenu
    HP MediaSmart/TouchSmart Netflix
    HP Odometer
    HP Remote Solution
    HP Setup
    HP Support Assistant
    HP Support Information
    HP Update
    HPAsset component for HP Active Support Library
    HTC Driver Installer
    Hulu Desktop
    Internet TV for Windows Media Center
    iTunes
    Java 7 Update 10
    Java Auto Updater
    Java SE Development Kit 7 Update 10
    Java(TM) 6 Update 30 (64-bit)
    Java(TM) 6 Update 31
    Java(TM) SE Development Kit 6 Update 22
    Junk Mail filter update
    LabelPrint
    LAME v3.98.3 for Audacity
    LightScribe System Software
    Magic Bullet Looks Studio
    Magic ISO Maker v5.4 (build 0239)
    McAfee Agent
    McAfee Online Backup
    McAfee Total Protection
    McAfee VirusScan Enterprise
    MCEBrowser
    Mesh Runtime
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Application Error Reporting
    Microsoft Expression Encoder 4
    Microsoft Expression Encoder 4 Screen Capture Codec
    Microsoft IntelliType Pro 8.0
    Microsoft Live Search Toolbar
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office Live Add-in 1.5
    Microsoft Office Office 64-bit Components 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared 64-bit MUI (English) 2007
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Primary Interoperability Assemblies 2005
    Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
    Microsoft Silverlight
    Microsoft Software Update for Web Folders (English) 12
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Works
    MobileMe Control Panel
    Morgan Stream Switcher
    Movie Theme Pack for HP MediaSmart Video
    Mozilla Firefox 17.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MusicOasis
    Nero 10 Menu TemplatePack Basic
    Nero 10 Movie ThemePack Basic
    Nero BackItUp 10
    Nero BackItUp 10 Help (CHM)
    Nero Burning ROM 10
    Nero BurningROM 10 Help (CHM)
    Nero BurnRights 10
    Nero BurnRights 10 Help (CHM)
    Nero Control Center 10
    Nero ControlCenter 10 Help (CHM)
    Nero Core Components 10
    Nero CoverDesigner 10
    Nero CoverDesigner 10 Help (CHM)
    Nero DiscSpeed 10
    Nero DiscSpeed 10 Help (CHM)
    Nero Dolby Files 10
    Nero Express 10
    Nero Express 10 Help (CHM)
    Nero InfoTool 10
    Nero InfoTool 10 Help (CHM)
    Nero MediaHub 10
    Nero MediaHub 10 Help (CHM)
    Nero Multimedia Suite 10
    Nero Recode 10
    Nero Recode 10 Help (CHM)
    Nero RescueAgent 10
    Nero RescueAgent 10 Help (CHM)
    Nero SoundTrax 10
    Nero SoundTrax 10 Help (CHM)
    Nero StartSmart 10
    Nero StartSmart 10 Help (CHM)
    Nero Update
    Nero Vision 10
    Nero Vision 10 Help (CHM)
    Nero WaveEditor 10
    Nero WaveEditor 10 Help (CHM)
    Netflix in Windows Media Center
    Network Addon Mod Version 29
    Octoshape add-in for Adobe Flash Player
    Orbit Downloader
    PdaNet for Android 3.00
    PeerBlock 1.1 (r518)
    PictureMover
    Pinnacle Studio 12
    Pinnacle Studio 12 Ultimate Plugins
    Pinnacle Video Driver
    PlayReady PC Runtime amd64
    Power2Go
    PowerDirector
    PowerISO
    proDAD Vitascene 1.0
    QPST
    QuickTime
    RAIDXpert
    Realtek High Definition Audio Driver
    Recovery Manager
    Safari
    SAMSUNG USB Driver for Mobile Phones
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
    Shared C Run-time for x64
    Sid Meier's Civilization 4
    SimCity 4 Deluxe
    TeamViewer 8
    Traffic Simulator Configuration Tool
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Infopath 2007 Help (KB963662)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760573) 32-Bit Edition
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Verizon Wireless Software Upgrade Assistant - Samsung(ar)
    Verizon Wireless Software Utility Application for Android - Samsung
    VLC media player 2.0.5
    Winamp
    Winamp Remote
    Windows 7 USB/DVD Download Tool
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Wondershare Video Converter Platinum(Build 5.0.3.0)
    Write-N-Cite
    Yahoo! Messenger
    Yahoo! Software Update
    Yahoo! Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    2/17/2013 11:32:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
    2/17/2013 11:32:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
    2/17/2013 10:52:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
    2/17/2013 10:52:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}
    2/17/2013 10:52:39 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
    2/17/2013 10:52:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    2/17/2013 10:52:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    2/17/2013 10:52:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    2/17/2013 10:51:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    2/17/2013 10:51:25 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    2/17/2013 10:50:32 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MOBKFilter SCDEmu spldr sptd Wanarpv6
    2/17/2013 10:50:06 PM, Error: sptd [4] - Driver detected an internal error in its data structures for .
    .
    ==== End Of File ===========================

    GMER 2.1.18952 - http://www.gmer.net
    Rootkit scan 2013-02-18 00:38:38
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000068 Hitachi_ rev.ST3O 465.66GB
    Running: fsopqlbs.exe; Driver: C:\Users\Desktop\AppData\Local\Temp\pxldapod.sys

    ---- User code sections - GMER 2.1 ----
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1968] C:\Windows\syswow64\USER32.dll!EnableWindow 0000000074f02da4 5 bytes JMP 0000000170139eb4
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1968] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamW 0000000074f1cbf3 5 bytes JMP 0000000170288fb6
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1968] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000074f1cfca 5 bytes JMP 0000000170091893
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1968] C:\Windows\syswow64\USER32.dll!DialogBoxParamA 0000000074f3cb0c 5 bytes JMP 0000000170288f51
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1968] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamA 0000000074f3ce64 5 bytes JMP 000000017028901b
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1968] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectA 0000000074f4fbd1 5 bytes JMP 0000000170288ed8
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1968] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectW 0000000074f4fc9d 5 bytes JMP 0000000170288e5f
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1968] C:\Windows\syswow64\USER32.dll!MessageBoxExA 0000000074f4fcd6 5 bytes JMP 0000000170288dfb
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1968] C:\Windows\syswow64\USER32.dll!MessageBoxExW 0000000074f4fcfa 5 bytes JMP 0000000170288d97
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1968] C:\Windows\syswow64\OLEAUT32.dll!OleCreatePropertyFrameIndirect 0000000075a293ec 5 bytes JMP 00000001702891d0
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1968] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074a81465 2 bytes [A8, 74]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1968] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074a814bb 2 bytes [A8, 74]
    .text ... * 2
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1968] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll!PropertySheetW 0000000073c1388e 5 bytes JMP 0000000170289080
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1968] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll!PropertySheet 0000000073cb7922 5 bytes JMP 0000000170289128
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1968] C:\Windows\syswow64\comdlg32.dll!PageSetupDlgW 0000000076892694 5 bytes JMP 00000001702893c8
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_W 00000000772125fd 6 bytes JMP 0000000170158042
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_A 0000000077222a63 6 bytes JMP 00000001700f9805
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\kernel32.dll!CreateThread 00000000753834b5 5 bytes JMP 00000001700f75db
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000074ef8a29 5 bytes JMP 00000001701603cf
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\USER32.dll!CreateWindowExA 0000000074efd22e 5 bytes JMP 000000017010363b
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\USER32.dll!EnableWindow 0000000074f02da4 5 bytes JMP 0000000170139eb4
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\USER32.dll!CallNextHookEx 0000000074f06285 5 bytes JMP 0000000170157fdf
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW 0000000074f07603 5 bytes JMP 00000001701325ac
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamW 0000000074f1cbf3 5 bytes JMP 0000000170288fb6
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000074f1cfca 5 bytes JMP 0000000170091893
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx 0000000074f1f52b 5 bytes JMP 000000017017ed00
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\USER32.dll!DialogBoxParamA 0000000074f3cb0c 5 bytes JMP 0000000170288f51
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamA 0000000074f3ce64 5 bytes JMP 000000017028901b
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectA 0000000074f4fbd1 5 bytes JMP 0000000170288ed8
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectW 0000000074f4fc9d 5 bytes JMP 0000000170288e5f
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\USER32.dll!MessageBoxExA 0000000074f4fcd6 5 bytes JMP 0000000170288dfb
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\USER32.dll!MessageBoxExW 0000000074f4fcfa 5 bytes JMP 0000000170288d97
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\ole32.dll!OleLoadFromStream 0000000074926143 5 bytes JMP 0000000170289784
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\OLEAUT32.dll!SysFreeString 00000000759c3e59 5 bytes JMP 000000017028987c
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\OLEAUT32.dll!VariantClear 00000000759c3eae 5 bytes JMP 00000001702898fa
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\OLEAUT32.dll!SysAllocStringByteLen 00000000759c4731 5 bytes JMP 00000001702897ee
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\OLEAUT32.dll!VariantChangeType 00000000759c5dee 5 bytes JMP 000000017028989a
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\OLEAUT32.dll!OleCreatePropertyFrameIndirect 0000000075a293ec 5 bytes JMP 00000001702891d0
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074a81465 2 bytes [A8, 74]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074a814bb 2 bytes [A8, 74]
    .text ... * 2
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll!PropertySheetW 0000000073c1388e 5 bytes JMP 0000000170289080
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll!PropertySheet 0000000073cb7922 5 bytes JMP 0000000170289128
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[1460] C:\Windows\syswow64\comdlg32.dll!PageSetupDlgW 0000000076892694 5 bytes JMP 00000001702893c8
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_W 00000000772125fd 6 bytes JMP 0000000170158042
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_A 0000000077222a63 6 bytes JMP 00000001700f9805
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\kernel32.dll!CreateThread 00000000753834b5 5 bytes JMP 00000001700f75db
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000074ef8a29 5 bytes JMP 00000001701603cf
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\USER32.dll!CreateWindowExA 0000000074efd22e 5 bytes JMP 000000017010363b
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\USER32.dll!EnableWindow 0000000074f02da4 5 bytes JMP 0000000170139eb4
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\USER32.dll!CallNextHookEx 0000000074f06285 5 bytes JMP 0000000170157fdf
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW 0000000074f07603 5 bytes JMP 00000001701325ac
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamW 0000000074f1cbf3 5 bytes JMP 0000000170288fb6
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000074f1cfca 5 bytes JMP 0000000170091893
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx 0000000074f1f52b 5 bytes JMP 000000017017ed00
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\USER32.dll!DialogBoxParamA 0000000074f3cb0c 5 bytes JMP 0000000170288f51
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamA 0000000074f3ce64 5 bytes JMP 000000017028901b
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectA 0000000074f4fbd1 5 bytes JMP 0000000170288ed8
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectW 0000000074f4fc9d 5 bytes JMP 0000000170288e5f
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\USER32.dll!MessageBoxExA 0000000074f4fcd6 5 bytes JMP 0000000170288dfb
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\USER32.dll!MessageBoxExW 0000000074f4fcfa 5 bytes JMP 0000000170288d97
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\ole32.dll!OleLoadFromStream 0000000074926143 5 bytes JMP 0000000170289784
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\OLEAUT32.dll!SysFreeString 00000000759c3e59 5 bytes JMP 000000017028987c
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\OLEAUT32.dll!VariantClear 00000000759c3eae 5 bytes JMP 00000001702898fa
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\OLEAUT32.dll!SysAllocStringByteLen 00000000759c4731 5 bytes JMP 00000001702897ee
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\OLEAUT32.dll!VariantChangeType 00000000759c5dee 5 bytes JMP 000000017028989a
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\OLEAUT32.dll!OleCreatePropertyFrameIndirect 0000000075a293ec 5 bytes JMP 00000001702891d0
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074a81465 2 bytes [A8, 74]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074a814bb 2 bytes [A8, 74]
    .text ... * 2
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll!PropertySheetW 0000000073c1388e 5 bytes JMP 0000000170289080
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll!PropertySheet 0000000073cb7922 5 bytes JMP 0000000170289128
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2392] C:\Windows\syswow64\comdlg32.dll!PageSetupDlgW 0000000076892694 5 bytes JMP 00000001702893c8
    .text C:\Program Files (x86)\Java\jre7\bin\java.exe[3004] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074a81465 2 bytes [A8, 74]
    .text C:\Program Files (x86)\Java\jre7\bin\java.exe[3004] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074a814bb 2 bytes [A8, 74]
    .text ... * 2
    .text C:\Program Files (x86)\Secunia\PSI\PSI_TRAY.exe[1228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074a81465 2 bytes [A8, 74]
    .text C:\Program Files (x86)\Secunia\PSI\PSI_TRAY.exe[1228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074a814bb 2 bytes [A8, 74]
    .text ... * 2
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_W 00000000772125fd 6 bytes JMP 0000000170158042
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_A 0000000077222a63 6 bytes JMP 00000001700f9805
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\kernel32.dll!CreateThread 00000000753834b5 5 bytes JMP 00000001700f75db
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000074ef8a29 5 bytes JMP 00000001701603cf
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\USER32.dll!CreateWindowExA 0000000074efd22e 5 bytes JMP 000000017010363b
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\USER32.dll!EnableWindow 0000000074f02da4 5 bytes JMP 0000000170139eb4
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\USER32.dll!CallNextHookEx 0000000074f06285 5 bytes JMP 0000000170157fdf
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW 0000000074f07603 5 bytes JMP 00000001701325ac
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamW 0000000074f1cbf3 5 bytes JMP 0000000170288fb6
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000074f1cfca 5 bytes JMP 0000000170091893
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx 0000000074f1f52b 5 bytes JMP 000000017017ed00
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\USER32.dll!DialogBoxParamA 0000000074f3cb0c 5 bytes JMP 0000000170288f51
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamA 0000000074f3ce64 5 bytes JMP 000000017028901b
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectA 0000000074f4fbd1 5 bytes JMP 0000000170288ed8
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectW 0000000074f4fc9d 5 bytes JMP 0000000170288e5f
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\USER32.dll!MessageBoxExA 0000000074f4fcd6 5 bytes JMP 0000000170288dfb
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\USER32.dll!MessageBoxExW 0000000074f4fcfa 5 bytes JMP 0000000170288d97
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\ole32.dll!OleLoadFromStream 0000000074926143 5 bytes JMP 0000000170289784
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\OLEAUT32.dll!SysFreeString 00000000759c3e59 5 bytes JMP 000000017028987c
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\OLEAUT32.dll!VariantClear 00000000759c3eae 5 bytes JMP 00000001702898fa
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\OLEAUT32.dll!SysAllocStringByteLen 00000000759c4731 5 bytes JMP 00000001702897ee
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\OLEAUT32.dll!VariantChangeType 00000000759c5dee 5 bytes JMP 000000017028989a
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\OLEAUT32.dll!OleCreatePropertyFrameIndirect 0000000075a293ec 5 bytes JMP 00000001702891d0
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074a81465 2 bytes [A8, 74]
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074a814bb 2 bytes [A8, 74]
    .text ... * 2
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll!PropertySheetW 0000000073c1388e 5 bytes JMP 0000000170289080
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll!PropertySheet 0000000073cb7922 5 bytes JMP 0000000170289128
    .text C:\Program Files (x86)\Internet Explorer\iexplore.exe[2376] C:\Windows\syswow64\comdlg32.dll!PageSetupDlgW 0000000076892694 5 bytes JMP 00000001702893c8
    ---- Registry - GMER 2.1 ----
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\[email protected] (null)
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\[email protected] 0
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\[email protected] 0x14 0x60 0x80 0x76 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\[email protected] 0x20 0x01 0x00 0x00 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\[email protected] 0x47 0x7E 0xBC 0xC3 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\[email protected] 0x9F 0x7B 0xB3 0x89 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\[email protected] 0x67 0xA9 0x71 0x86 ...
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\[email protected] (null)
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\[email protected] 0
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\[email protected] 0x14 0x60 0x80 0x76 ...
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\[email protected] 0x20 0x01 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\[email protected] 0x47 0x7E 0xBC 0xC3 ...
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\[email protected] 0x9F 0x7B 0xB3 0x89 ...
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\[email protected] 0x67 0xA9 0x71 0x86 ...
    ---- Disk sectors - GMER 2.1 ----
    Disk \Device\Harddisk0\DR0 unknown MBR code
    ---- EOF - GMER 2.1 ----
     
  2. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Please run these three scans:


    SCAN 1
    Click on this link to download ADWCleaner and save it to your desktop.

    NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

    Close your browser and click on this icon on your desktop: [​IMG]

    You will then see the screen below, click on the Delete button (as indicated), accept any prompts that appear and allow it to reboot the PC. When the PC has rebooted you will be presented with the report, copy & paste it into your next post.

    [​IMG]



    SCAN 2
    Download RogueKiller (by tigzy) and save direct to your Desktop.
    On the web page select the 32bit or 64bit button to match the bit rate of your version of Windows.

    • Quit all running programs.
    • Start RogueKiller.exe by double clicking on the icon.
    • Wait until Prescan has finished.
    • Ensure all boxes are ticked under "Report" tab.
    • Click on Scan.
    • Click on Report when complete. Copy/paste the contents of the report and paste into your next reply.
    • NOTE: DO NOT attempt to remove anything that the scan detects.




    SCAN 3
    Please follow the instructions exactly as written; deviating from the instructions and trying to fix anything before I have seen the logs may make your PC unbootable. If TDSSKiller does not offer the Cure option, DO NOT select Delete, as you may remove files needed for the system to operate.

    Please download Kaspersky's TDSSKiller and save it to your Desktop. <-Important!
    -- The tool is frequently updated...if you used TDSSKiller before, delete that version and download the most current one before using again.

    Be sure to print out and follow the instructions for performing a scan.

    • Extract (unzip) the file to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the Desktop.
    • Alternatively, you can download TDSSKiller.exe and use that instead.
    • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
      Vista/Windows 7 users right-click and select Run As Administrator.
    • If an update is available, TDSSKiller will prompt you to update and download the most current version. Click Load Update. Close TDSSKiller and start again.


    • When the program opens, click Change parameters.


    • Under "Additional options", check the boxes next to Verify file digital signatures and Detect TDLFS file system, then click OK.


    • Click the Start Scan button.


    • Do not use the computer during the scan.
    • If the scan completes with nothing found, click Close to exit.
    • If 'Suspicious objects' are detected, the default action will be Skip. Leave the default set to Skip and click on Continue.
    • If Malicious objects are detected, they will show in the Scan results - Select action for found objects: and offer three options.


    • Ensure Cure is selected...then click Continue -> Reboot computer for cure completion.


    • Important! -> If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed. If you choose Delete you may remove critical system files and make your PC unstable or possibly unbootable.
    • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C: ).
    • Copy and paste the contents of that file in your next reply.

    -- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it to something else before beginning the download and saving to the computer or to perform the scan in "safe mode".
     
  3. imagineverything

    imagineverything Thread Starter

    Joined:
    Dec 8, 2010
    Messages:
    14
    After running all three scans in safe mode, I got this result:

    # AdwCleaner v2.115 - Logfile created 03/19/2013 at 14:18:56
    # Updated 17/03/2013 by Xplode
    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
    # User : Desktop - OFFICE
    # Boot Mode : Safe mode with networking
    # Running from : C:\Users\Desktop\Desktop\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    Folder Deleted : C:\ProgramData\Trymedia
    Folder Deleted : C:\Users\Desktop\AppData\Local\PackageAware

    ***** [Registry] *****

    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\Software\Freeze.com
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Software
    Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16457

    [OK] Registry is clean.

    -\\ Mozilla Firefox v18.0.2 (en-US)

    File : C:\Users\Desktop\AppData\Roaming\Mozilla\Firefox\Profiles\ad8jcf8g.default\prefs.js

    C:\Users\Desktop\AppData\Roaming\Mozilla\Firefox\Profiles\ad8jcf8g.default\user.js ... Deleted !

    [OK] File is clean.

    -\\ Google Chrome v25.0.1364.172

    File : C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    File : C:\Users\Office\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[S1].txt - [2364 octets] - [19/03/2013 14:18:56]

    ########## EOF - C:\AdwCleaner[S1].txt - [2424 octets] ##########


    RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website : http://tigzy.geekstogo.com/roguekiller.php
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Safe mode with network support
    User : Desktop [Admin rights]
    Mode : Scan -- Date : 03/19/2013 14:35:51
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 11 ¤¤¤
    [STARTUP][SUSP PATH] Canon IJ Status Monitor Canon MX410 series Printer.lnk @Desktop : C:\Windows\system32\rundll32.exe|C:\Users\Desktop\CNMSSC~1.DLL,SMStarterEntryPoint USB001;Canon MX410 series Printer;cnmss Canon MX410 series Printer (Local).dll;Canon IJ Status Monitor Canon MX410 series Printer.lnk [7] -> FOUND
    [STARTUP][SUSP PATH] Launch Utility Application.lnk @Desktop : C:\Users\Desktop\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe [7] -> FOUND
    [IFEO] HKLM\[...]\taskmgr.exe : Debugger ("") -> FOUND
    [HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
    [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
    [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
    [HJPOL] HKLM\[...]\Wow6432Node\System : DisableTaskMgr (0) -> FOUND
    [HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
    [HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
    [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> C:\Windows\system32\drivers\etc\hosts

    127.0.0.1 serial.alcohol-soft.com
    127.0.0.1 www.alcohol-soft.com
    127.0.0.1 images.alcohol-soft.com
    127.0.0.1 trial.alcohol-soft.com
    127.0.0.1 alcohol-soft.com
    127.0.0.1 activate.adobe.com
    127.0.0.1 practivate.adobe.com
    127.0.0.1 ereg.adobe.com
    127.0.0.1 activate.wip3.adobe.com
    127.0.0.1 wip3.adobe.com
    127.0.0.1 3dns-3.adobe.com
    127.0.0.1 3dns-2.adobe.com
    127.0.0.1 adobe-dns.adobe.com
    127.0.0.1 adobe-dns-2.adobe.com
    127.0.0.1 adobe-dns-3.adobe.com
    127.0.0.1 ereg.wip3.adobe.com
    127.0.0.1 activate-sea.adobe.com
    127.0.0.1 wwis-dubc1-vip60.adobe.com
    127.0.0.1 activate-sjc0.adobe.com
    127.0.0.1 hl2rcv.adobe.com
    [...]


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: Hitachi HDT721050SLA360 SCSI Disk Device +++++
    --- User ---
    [MBR] f143e931025436636fa0620b300d26f8
    [BSP] 560ffb1e745be1fda275dd108cb0dd48 : Windows Vista/7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 465232 Mo
    2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 953001984 | Size: 11503 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR!

    Finished : << RKreport[1]_S_03192013_02d1435.txt >>
    RKreport[1]_S_03192013_02d1435.txt




    14:37:47.0422 2304 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
    14:37:47.0780 2304 ============================================================
    14:37:47.0780 2304 Current date / time: 2013/03/19 14:37:47.0780
    14:37:47.0780 2304 SystemInfo:
    14:37:47.0780 2304
    14:37:47.0780 2304 OS Version: 6.1.7601 ServicePack: 1.0
    14:37:47.0780 2304 Product type: Workstation
    14:37:47.0780 2304 ComputerName: OFFICE
    14:37:47.0780 2304 UserName: Desktop
    14:37:47.0780 2304 Windows directory: C:\Windows
    14:37:47.0780 2304 System windows directory: C:\Windows
    14:37:47.0780 2304 Running under WOW64
    14:37:47.0780 2304 Processor architecture: Intel x64
    14:37:47.0780 2304 Number of processors: 4
    14:37:47.0780 2304 Page size: 0x1000
    14:37:47.0780 2304 Boot type: Safe boot with network
    14:37:47.0780 2304 ============================================================
    14:37:48.0139 2304 Drive \Device\Harddisk0\DR0 - Size: 0x746A520000 (465.66 Gb), SectorSize: 0x200, Cylinders: 0xED74, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    14:37:48.0155 2304 ============================================================
    14:37:48.0155 2304 \Device\Harddisk0\DR0:
    14:37:48.0155 2304 MBR partitions:
    14:37:48.0155 2304 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
    14:37:48.0155 2304 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x38CA8000
    14:37:48.0155 2304 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38CDA800, BlocksNum 0x1677800
    14:37:48.0155 2304 ============================================================
    14:37:48.0186 2304 C: <-> \Device\Harddisk0\DR0\Partition2
    14:37:48.0233 2304 D: <-> \Device\Harddisk0\DR0\Partition3
    14:37:48.0233 2304 ============================================================
    14:37:48.0233 2304 Initialize success
    14:37:48.0233 2304 ============================================================
    14:38:08.0060 2376 ============================================================
    14:38:08.0060 2376 Scan started
    14:38:08.0060 2376 Mode: Manual; SigCheck; TDLFS;
    14:38:08.0060 2376 ============================================================
    14:38:08.0450 2376 ================ Scan system memory ========================
    14:38:08.0450 2376 System memory - ok
    14:38:08.0450 2376 ================ Scan services =============================
    14:38:08.0575 2376 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
    14:38:08.0669 2376 1394ohci - ok
    14:38:08.0716 2376 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
    14:38:08.0731 2376 ACPI - ok
    14:38:08.0778 2376 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
    14:38:08.0856 2376 AcpiPmi - ok
    14:38:08.0934 2376 [ 4AE327C9C375D985FF2A2AAB92765218 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    14:38:08.0965 2376 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
    14:38:08.0965 2376 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
    14:38:09.0028 2376 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    14:38:09.0028 2376 AdobeARMservice - ok
    14:38:09.0184 2376 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    14:38:09.0199 2376 AdobeFlashPlayerUpdateSvc - ok
    14:38:09.0262 2376 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
    14:38:09.0277 2376 adp94xx - ok
    14:38:09.0340 2376 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
    14:38:09.0355 2376 adpahci - ok
    14:38:09.0386 2376 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
    14:38:09.0402 2376 adpu320 - ok
    14:38:09.0449 2376 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
    14:38:09.0527 2376 AeLookupSvc - ok
    14:38:09.0574 2376 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
    14:38:09.0620 2376 AFD - ok
    14:38:09.0730 2376 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
    14:38:09.0745 2376 agp440 - ok
    14:38:09.0776 2376 [ AA3F73CCBF498BD56800F840D75E40E4 ] ahcix64s C:\Windows\system32\DRIVERS\ahcix64s.sys
    14:38:09.0823 2376 ahcix64s - ok
    14:38:09.0854 2376 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
    14:38:09.0886 2376 ALG - ok
    14:38:09.0948 2376 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
    14:38:09.0948 2376 aliide - ok
    14:38:09.0995 2376 [ CA0D6C1390F4B3BAF2A0A69D1A7F8332 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
    14:38:10.0057 2376 AMD External Events Utility - ok
    14:38:10.0073 2376 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
    14:38:10.0073 2376 amdide - ok
    14:38:10.0151 2376 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
    14:38:10.0213 2376 AmdK8 - ok
    14:38:10.0354 2376 [ 75E4BACA583AE02C11E9AC8747E2ABE0 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
    14:38:10.0494 2376 amdkmdag - ok
    14:38:10.0588 2376 [ B765CF4B32F347BE747B21AE22641025 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
    14:38:10.0603 2376 amdkmdap - ok
    14:38:10.0666 2376 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
    14:38:10.0697 2376 AmdPPM - ok
    14:38:10.0775 2376 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
    14:38:10.0790 2376 amdsata - ok
    14:38:10.0853 2376 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
    14:38:10.0868 2376 amdsbs - ok
    14:38:10.0884 2376 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
    14:38:10.0900 2376 amdxata - ok
    14:38:10.0946 2376 [ 2B8D1C23D204C0E70EFF48A3FFA1C67B ] AMD_RAIDXpert C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
    14:38:10.0962 2376 AMD_RAIDXpert ( UnsignedFile.Multi.Generic ) - warning
    14:38:10.0962 2376 AMD_RAIDXpert - detected UnsignedFile.Multi.Generic (1)
    14:38:11.0009 2376 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
    14:38:11.0118 2376 AppID - ok
    14:38:11.0149 2376 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
    14:38:11.0196 2376 AppIDSvc - ok
    14:38:11.0212 2376 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
    14:38:11.0274 2376 Appinfo - ok
    14:38:11.0336 2376 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    14:38:11.0336 2376 Apple Mobile Device - ok
    14:38:11.0383 2376 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
    14:38:11.0399 2376 arc - ok
    14:38:11.0414 2376 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
    14:38:11.0430 2376 arcsas - ok
    14:38:11.0524 2376 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
    14:38:11.0602 2376 aspnet_state - ok
    14:38:11.0633 2376 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
    14:38:11.0695 2376 AsyncMac - ok
    14:38:11.0758 2376 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
    14:38:11.0758 2376 atapi - ok
    14:38:11.0898 2376 [ 75E4BACA583AE02C11E9AC8747E2ABE0 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
    14:38:11.0960 2376 atikmdag - ok
    14:38:12.0007 2376 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
    14:38:12.0007 2376 AtiPcie - ok
    14:38:12.0054 2376 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
    14:38:12.0101 2376 AudioEndpointBuilder - ok
    14:38:12.0116 2376 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
    14:38:12.0148 2376 AudioSrv - ok
    14:38:12.0179 2376 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
    14:38:12.0226 2376 AxInstSV - ok
    14:38:12.0272 2376 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
    14:38:12.0319 2376 b06bdrv - ok
    14:38:12.0366 2376 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
    14:38:12.0413 2376 b57nd60a - ok
    14:38:12.0460 2376 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
    14:38:12.0491 2376 BDESVC - ok
    14:38:12.0506 2376 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
    14:38:12.0553 2376 Beep - ok
    14:38:12.0584 2376 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
    14:38:12.0631 2376 BFE - ok
    14:38:12.0647 2376 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
    14:38:12.0725 2376 BITS - ok
    14:38:12.0740 2376 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
    14:38:12.0772 2376 blbdrive - ok
    14:38:12.0834 2376 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
    14:38:12.0850 2376 Bonjour Service - ok
    14:38:12.0881 2376 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
    14:38:12.0928 2376 bowser - ok
    14:38:12.0974 2376 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
    14:38:13.0037 2376 BrFiltLo - ok
    14:38:13.0099 2376 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
    14:38:13.0115 2376 BrFiltUp - ok
    14:38:13.0146 2376 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
    14:38:13.0177 2376 Browser - ok
    14:38:13.0208 2376 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
    14:38:13.0255 2376 Brserid - ok
    14:38:13.0286 2376 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
    14:38:13.0318 2376 BrSerWdm - ok
    14:38:13.0364 2376 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
    14:38:13.0411 2376 BrUsbMdm - ok
    14:38:13.0411 2376 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
    14:38:13.0427 2376 BrUsbSer - ok
    14:38:13.0442 2376 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
    14:38:13.0489 2376 BTHMODEM - ok
    14:38:13.0520 2376 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
    14:38:13.0552 2376 bthserv - ok
    14:38:13.0567 2376 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
    14:38:13.0598 2376 cdfs - ok
    14:38:13.0630 2376 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
    14:38:13.0645 2376 cdrom - ok
    14:38:13.0676 2376 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
    14:38:13.0708 2376 CertPropSvc - ok
    14:38:13.0770 2376 [ DF8D07059E7237E0BE9C1421EF5F9482 ] cfwids C:\Windows\system32\drivers\cfwids.sys
    14:38:13.0786 2376 cfwids - ok
    14:38:13.0832 2376 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
    14:38:13.0879 2376 circlass - ok
    14:38:13.0910 2376 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
    14:38:13.0926 2376 CLFS - ok
    14:38:13.0973 2376 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    14:38:14.0035 2376 clr_optimization_v2.0.50727_32 - ok
    14:38:14.0082 2376 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    14:38:14.0098 2376 clr_optimization_v2.0.50727_64 - ok
    14:38:14.0176 2376 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    14:38:14.0363 2376 clr_optimization_v4.0.30319_32 - ok
    14:38:14.0394 2376 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    14:38:14.0503 2376 clr_optimization_v4.0.30319_64 - ok
    14:38:14.0566 2376 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
    14:38:14.0597 2376 CmBatt - ok
    14:38:14.0597 2376 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
    14:38:14.0612 2376 cmdide - ok
    14:38:14.0644 2376 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
    14:38:14.0675 2376 CNG - ok
    14:38:14.0722 2376 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
    14:38:14.0722 2376 Compbatt - ok
    14:38:14.0768 2376 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
    14:38:14.0800 2376 CompositeBus - ok
    14:38:14.0815 2376 COMSysApp - ok
    14:38:14.0815 2376 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
    14:38:14.0831 2376 crcdisk - ok
    14:38:14.0862 2376 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
    14:38:14.0893 2376 CryptSvc - ok
    14:38:14.0924 2376 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
    14:38:14.0971 2376 DcomLaunch - ok
    14:38:14.0987 2376 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
    14:38:15.0018 2376 defragsvc - ok
    14:38:15.0049 2376 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
    14:38:15.0080 2376 DfsC - ok
    14:38:15.0112 2376 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
    14:38:15.0143 2376 Dhcp - ok
    14:38:15.0158 2376 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
    14:38:15.0190 2376 discache - ok
    14:38:15.0221 2376 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
    14:38:15.0236 2376 Disk - ok
    14:38:15.0314 2376 [ 65D923E7F2776C88DA570381862489D8 ] Diskeeper C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
    14:38:15.0346 2376 Diskeeper - ok
    14:38:15.0377 2376 [ 63A8F569D6F5EB06DB135491972EDB67 ] DKRtWrt C:\Windows\system32\DRIVERS\DKRtWrt.sys
    14:38:15.0377 2376 DKRtWrt - ok
    14:38:15.0408 2376 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
    14:38:15.0424 2376 Dnscache - ok
    14:38:15.0455 2376 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
    14:38:15.0486 2376 dot3svc - ok
    14:38:15.0517 2376 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
    14:38:15.0548 2376 DPS - ok
    14:38:15.0595 2376 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
    14:38:15.0626 2376 drmkaud - ok
    14:38:15.0689 2376 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
    14:38:15.0704 2376 DXGKrnl - ok
    14:38:15.0736 2376 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
    14:38:15.0767 2376 EapHost - ok
    14:38:15.0860 2376 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
    14:38:15.0907 2376 ebdrv - ok
    14:38:15.0938 2376 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
    14:38:15.0954 2376 EFS - ok
    14:38:16.0001 2376 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
    14:38:16.0032 2376 ehRecvr - ok
    14:38:16.0063 2376 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
    14:38:16.0094 2376 ehSched - ok
    14:38:16.0141 2376 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
    14:38:16.0157 2376 elxstor - ok
    14:38:16.0204 2376 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
    14:38:16.0250 2376 ErrDev - ok
    14:38:16.0297 2376 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
    14:38:16.0328 2376 EventSystem - ok
    14:38:16.0360 2376 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
    14:38:16.0391 2376 exfat - ok
    14:38:16.0438 2376 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
    14:38:16.0484 2376 fastfat - ok
    14:38:16.0516 2376 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
    14:38:16.0562 2376 Fax - ok
    14:38:16.0609 2376 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
    14:38:16.0656 2376 fdc - ok
    14:38:16.0672 2376 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
    14:38:16.0703 2376 fdPHost - ok
    14:38:16.0718 2376 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
    14:38:16.0750 2376 FDResPub - ok
    14:38:16.0765 2376 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
    14:38:16.0781 2376 FileInfo - ok
    14:38:16.0796 2376 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
    14:38:16.0828 2376 Filetrace - ok
    14:38:16.0890 2376 [ E3A0CC636F313CB34867123539691DD5 ] FileZilla Server C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
    14:38:16.0906 2376 FileZilla Server ( UnsignedFile.Multi.Generic ) - warning
    14:38:16.0906 2376 FileZilla Server - detected UnsignedFile.Multi.Generic (1)
    14:38:16.0937 2376 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    14:38:16.0968 2376 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
    14:38:16.0968 2376 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
    14:38:16.0999 2376 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
    14:38:17.0015 2376 flpydisk - ok
    14:38:17.0077 2376 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
    14:38:17.0093 2376 FltMgr - ok
    14:38:17.0124 2376 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
    14:38:17.0171 2376 FontCache - ok
    14:38:17.0218 2376 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    14:38:17.0233 2376 FontCache3.0.0.0 - ok
    14:38:17.0264 2376 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
    14:38:17.0280 2376 FsDepends - ok
    14:38:17.0327 2376 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
    14:38:17.0327 2376 Fs_Rec - ok
    14:38:17.0374 2376 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
    14:38:17.0389 2376 fvevol - ok
    14:38:17.0420 2376 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
    14:38:17.0436 2376 gagp30kx - ok
    14:38:17.0483 2376 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    14:38:17.0483 2376 GEARAspiWDM - ok
    14:38:17.0498 2376 GGSAFERDriver - ok
    14:38:17.0530 2376 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
    14:38:17.0576 2376 gpsvc - ok
    14:38:17.0670 2376 [ CC3E4BB8E99B8358FE7A48531ECB7397 ] Granola PM Manager C:\Program Files (x86)\MiserWare\Granola Personal\GranolaManager.exe
    14:38:17.0686 2376 Granola PM Manager - ok
    14:38:17.0732 2376 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    14:38:17.0748 2376 gupdate - ok
    14:38:17.0764 2376 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    14:38:17.0779 2376 gupdatem - ok
    14:38:17.0795 2376 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    14:38:17.0810 2376 gusvc - ok
    14:38:17.0842 2376 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
    14:38:17.0888 2376 hcw85cir - ok
    14:38:17.0920 2376 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
    14:38:17.0935 2376 HDAudBus - ok
    14:38:17.0966 2376 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
    14:38:17.0998 2376 HidBatt - ok
    14:38:18.0029 2376 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
    14:38:18.0044 2376 HidBth - ok
    14:38:18.0044 2376 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
    14:38:18.0060 2376 HidIr - ok
    14:38:18.0091 2376 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
    14:38:18.0138 2376 hidserv - ok
    14:38:18.0169 2376 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
    14:38:18.0169 2376 HidUsb - ok
    14:38:18.0232 2376 [ 852681A14AFEE00C0C3179429A08C868 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
    14:38:18.0232 2376 HipShieldK - ok
    14:38:18.0247 2376 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
    14:38:18.0278 2376 hkmsvc - ok
    14:38:18.0310 2376 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    14:38:18.0325 2376 HomeGroupListener - ok
    14:38:18.0356 2376 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    14:38:18.0372 2376 HomeGroupProvider - ok
    14:38:18.0450 2376 [ 389BC447DF363450A78845D35DBA0047 ] HomeNetSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    14:38:18.0466 2376 HomeNetSvc - ok
    14:38:18.0528 2376 [ C84BCC03858DAEAC4DB1E95EFCCE1934 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    14:38:18.0559 2376 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
    14:38:18.0559 2376 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
    14:38:18.0622 2376 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    14:38:18.0622 2376 hpqwmiex - ok
    14:38:18.0700 2376 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
    14:38:18.0715 2376 HpSAMD - ok
    14:38:18.0762 2376 [ 363571BC0C79E394E69300D1F2E3DDAE ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
    14:38:18.0809 2376 HTCAND64 - ok
    14:38:18.0840 2376 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
    14:38:18.0887 2376 HTTP - ok
    14:38:18.0918 2376 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
    14:38:18.0918 2376 hwpolicy - ok
    14:38:18.0980 2376 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
    14:38:18.0980 2376 i8042prt - ok
    14:38:19.0012 2376 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
    14:38:19.0027 2376 iaStorV - ok
    14:38:19.0105 2376 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    14:38:19.0136 2376 idsvc - ok
    14:38:19.0183 2376 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
    14:38:19.0199 2376 iirsp - ok
    14:38:19.0246 2376 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
    14:38:19.0308 2376 IKEEXT - ok
    14:38:19.0370 2376 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
    14:38:19.0402 2376 IntcAzAudAddService - ok
    14:38:19.0433 2376 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
    14:38:19.0448 2376 intelide - ok
    14:38:19.0511 2376 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    14:38:19.0542 2376 intelppm - ok
    14:38:19.0558 2376 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    14:38:19.0604 2376 IPBusEnum - ok
    14:38:19.0636 2376 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    14:38:19.0682 2376 IpFilterDriver - ok
    14:38:19.0714 2376 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    14:38:19.0745 2376 iphlpsvc - ok
    14:38:19.0776 2376 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
    14:38:19.0823 2376 IPMIDRV - ok
    14:38:19.0854 2376 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
    14:38:19.0916 2376 IPNAT - ok
    14:38:19.0963 2376 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
    14:38:19.0994 2376 iPod Service - ok
    14:38:19.0994 2376 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
    14:38:20.0041 2376 IRENUM - ok
    14:38:20.0072 2376 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    14:38:20.0088 2376 isapnp - ok
    14:38:20.0104 2376 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
    14:38:20.0119 2376 iScsiPrt - ok
    14:38:20.0166 2376 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
    14:38:20.0182 2376 kbdclass - ok
    14:38:20.0197 2376 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
    14:38:20.0213 2376 kbdhid - ok
    14:38:20.0213 2376 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
    14:38:20.0228 2376 KeyIso - ok
    14:38:20.0275 2376 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    14:38:20.0275 2376 KSecDD - ok
    14:38:20.0306 2376 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
    14:38:20.0306 2376 KSecPkg - ok
    14:38:20.0353 2376 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
    14:38:20.0384 2376 ksthunk - ok
    14:38:20.0431 2376 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
    14:38:20.0494 2376 KtmRm - ok
    14:38:20.0509 2376 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
    14:38:20.0556 2376 LanmanServer - ok
    14:38:20.0572 2376 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    14:38:20.0634 2376 LanmanWorkstation - ok
    14:38:20.0665 2376 [ 0EE66BDF485C6828AA65C0EF5D591133 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    14:38:20.0681 2376 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
    14:38:20.0681 2376 LightScribeService - detected UnsignedFile.Multi.Generic (1)
    14:38:20.0712 2376 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    14:38:20.0743 2376 lltdio - ok
    14:38:20.0790 2376 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
    14:38:20.0821 2376 lltdsvc - ok
    14:38:20.0852 2376 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
    14:38:20.0884 2376 lmhosts - ok
    14:38:20.0946 2376 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
    14:38:20.0962 2376 LSI_FC - ok
    14:38:20.0977 2376 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
    14:38:20.0977 2376 LSI_SAS - ok
    14:38:21.0008 2376 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
    14:38:21.0008 2376 LSI_SAS2 - ok
    14:38:21.0024 2376 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
    14:38:21.0024 2376 LSI_SCSI - ok
    14:38:21.0055 2376 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
    14:38:21.0086 2376 luafv - ok
    14:38:21.0118 2376 [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus64.sys
    14:38:21.0164 2376 MarvinBus - ok
    14:38:21.0258 2376 [ 1104A3A552D1D249A6AB5ACCBDEFB5EF ] McAfee SiteAdvisor Service c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
    14:38:21.0274 2376 McAfee SiteAdvisor Service - ok
    14:38:21.0320 2376 [ 74CAB26399A9084373F16E496BB494AB ] McAfeeEngineService C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\engineserver.exe
    14:38:21.0336 2376 McAfeeEngineService - ok
    14:38:21.0367 2376 [ E4A5AFC29D1CE0C1C6769B19839CE3A3 ] McAfeeFramework C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
    14:38:21.0367 2376 McAfeeFramework - ok
    14:38:21.0398 2376 [ 389BC447DF363450A78845D35DBA0047 ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    14:38:21.0414 2376 McMPFSvc - ok
    14:38:21.0414 2376 [ 389BC447DF363450A78845D35DBA0047 ] McNaiAnn C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    14:38:21.0430 2376 McNaiAnn - ok
    14:38:21.0476 2376 [ 93432FAEA699F7A2B4F4AC5949D0B6AB ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
    14:38:21.0492 2376 McODS - ok
    14:38:21.0523 2376 [ 389BC447DF363450A78845D35DBA0047 ] mcpltsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    14:38:21.0523 2376 mcpltsvc - ok
    14:38:21.0539 2376 [ 389BC447DF363450A78845D35DBA0047 ] McProxy C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    14:38:21.0554 2376 McProxy - ok
    14:38:21.0601 2376 [ D0885CA52ACD97E0C93A565BDD2270D9 ] McPvDrv C:\Windows\system32\drivers\McPvDrv.sys
    14:38:21.0601 2376 McPvDrv - ok
    14:38:21.0632 2376 [ 6346EF11804B8F15154245184F8E1BDC ] McShield C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mcshield.exe
    14:38:21.0632 2376 McShield - ok
    14:38:21.0648 2376 [ 8F8A3C08AE97C2942C58E3C0976E7E92 ] McTaskManager C:\Program Files (x86)\McAfee\VirusScan Enterprise\vstskmgr.exe
    14:38:21.0664 2376 McTaskManager - ok
    14:38:21.0710 2376 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    14:38:21.0757 2376 Mcx2Svc - ok
    14:38:21.0820 2376 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    14:38:21.0820 2376 MDM ( UnsignedFile.Multi.Generic ) - warning
    14:38:21.0820 2376 MDM - detected UnsignedFile.Multi.Generic (1)
    14:38:21.0851 2376 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
    14:38:21.0866 2376 megasas - ok
    14:38:21.0913 2376 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
    14:38:21.0929 2376 MegaSR - ok
    14:38:21.0976 2376 [ 2D53234C24B0103FDE0BE06782AA6F80 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
    14:38:21.0976 2376 mfeapfk - ok
    14:38:22.0007 2376 [ C0EAF4F2367C44157E1DE4817238FEC2 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
    14:38:22.0022 2376 mfeavfk - ok
    14:38:22.0069 2376 [ 38D1F23EE031B615A8CA51DD1E523579 ] mfecore C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    14:38:22.0085 2376 mfecore - ok
    14:38:22.0132 2376 [ 05248F2E6E1AFA6972D058C36199DEB7 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    14:38:22.0147 2376 mfefire - ok
    14:38:22.0178 2376 [ 6856931F9F5B757E9D09369CC35096B9 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
    14:38:22.0194 2376 mfefirek - ok
    14:38:22.0241 2376 [ 62E4C929A4DB48616B1B90143B48C948 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
    14:38:22.0256 2376 mfehidk - ok
    14:38:22.0288 2376 mfehidk01 - ok
    14:38:22.0319 2376 [ 9C9FC3770BD600B2D761D666234C244D ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys
    14:38:22.0319 2376 mfencbdc - ok
    14:38:22.0381 2376 [ 93241CC8509B622B47EEA1B8505CF511 ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys
    14:38:22.0397 2376 mfencrk - ok
    14:38:22.0444 2376 [ B000720E19EF733F938A6269D630F5DD ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
    14:38:22.0459 2376 mferkdet - ok
    14:38:22.0475 2376 [ 8CDCC0CABD7329284C1B8A139A5C52FD ] mfetdik C:\Windows\system32\drivers\mfetdik.sys
    14:38:22.0475 2376 mfetdik - ok
    14:38:22.0522 2376 [ DC5483CAD90D95D65B618E35C66E28DF ] mfevtp C:\Windows\system32\mfevtps.exe
    14:38:22.0537 2376 mfevtp - ok
    14:38:22.0553 2376 [ E18162EA85F1531964F8222CC9E25E26 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
    14:38:22.0553 2376 mfewfpk - ok
    14:38:22.0631 2376 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
    14:38:22.0631 2376 Microsoft Office Groove Audit Service - ok
    14:38:22.0678 2376 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
    14:38:22.0709 2376 MMCSS - ok
    14:38:22.0756 2376 [ 8CC001C65C31633171991FA72A551D43 ] MOBKbackup C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
    14:38:22.0756 2376 MOBKbackup - ok
    14:38:22.0787 2376 [ 3800C23D0D90C59AAFCDEFDC82B5C4AF ] MOBKFilter C:\Windows\system32\DRIVERS\MOBK.sys
    14:38:22.0802 2376 MOBKFilter - ok
    14:38:22.0834 2376 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
    14:38:22.0880 2376 Modem - ok
    14:38:22.0896 2376 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    14:38:22.0927 2376 monitor - ok
    14:38:22.0943 2376 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
    14:38:22.0943 2376 mouclass - ok
    14:38:22.0974 2376 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    14:38:22.0990 2376 mouhid - ok
    14:38:23.0021 2376 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
    14:38:23.0021 2376 mountmgr - ok
    14:38:23.0068 2376 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    14:38:23.0083 2376 MozillaMaintenance - ok
    14:38:23.0146 2376 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
    14:38:23.0146 2376 mpio - ok
    14:38:23.0177 2376 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
    14:38:23.0208 2376 mpsdrv - ok
    14:38:23.0239 2376 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
    14:38:23.0286 2376 MpsSvc - ok
    14:38:23.0302 2376 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
    14:38:23.0333 2376 MRxDAV - ok
    14:38:23.0348 2376 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
    14:38:23.0395 2376 mrxsmb - ok
    14:38:23.0426 2376 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
    14:38:23.0442 2376 mrxsmb10 - ok
    14:38:23.0458 2376 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
    14:38:23.0473 2376 mrxsmb20 - ok
    14:38:23.0520 2376 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
    14:38:23.0520 2376 msahci - ok
    14:38:23.0582 2376 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
    14:38:23.0598 2376 msdsm - ok
    14:38:23.0660 2376 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
    14:38:23.0692 2376 MSDTC - ok
    14:38:23.0723 2376 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
    14:38:23.0754 2376 Msfs - ok
    14:38:23.0770 2376 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
    14:38:23.0801 2376 mshidkmdf - ok
    14:38:23.0816 2376 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
    14:38:23.0816 2376 msisadrv - ok
    14:38:23.0879 2376 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
    14:38:23.0941 2376 MSiSCSI - ok
    14:38:23.0941 2376 msiserver - ok
    14:38:23.0957 2376 [ 389BC447DF363450A78845D35DBA0047 ] MSK80Service C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    14:38:23.0957 2376 MSK80Service - ok
    14:38:24.0004 2376 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
    14:38:24.0066 2376 MSKSSRV - ok
    14:38:24.0082 2376 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
    14:38:24.0144 2376 MSPCLOCK - ok
    14:38:24.0144 2376 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
    14:38:24.0191 2376 MSPQM - ok
    14:38:24.0222 2376 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
    14:38:24.0238 2376 MsRPC - ok
    14:38:24.0253 2376 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
    14:38:24.0269 2376 mssmbios - ok
    14:38:24.0269 2376 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
    14:38:24.0300 2376 MSTEE - ok
    14:38:24.0331 2376 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
    14:38:24.0378 2376 MTConfig - ok
    14:38:24.0409 2376 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
    14:38:24.0425 2376 Mup - ok
    14:38:24.0440 2376 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
    14:38:24.0487 2376 napagent - ok
    14:38:24.0534 2376 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
    14:38:24.0565 2376 NativeWifiP - ok
    14:38:24.0628 2376 [ E4534BCCDD1EA7A7A256BB9D6688A5FC ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
    14:38:24.0643 2376 NAUpdate - ok
    14:38:24.0690 2376 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
    14:38:24.0706 2376 NDIS - ok
    14:38:24.0737 2376 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
    14:38:24.0799 2376 NdisCap - ok
    14:38:24.0830 2376 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
    14:38:24.0862 2376 NdisTapi - ok
    14:38:24.0893 2376 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
    14:38:24.0940 2376 Ndisuio - ok
    14:38:24.0971 2376 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
    14:38:25.0002 2376 NdisWan - ok
    14:38:25.0033 2376 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
    14:38:25.0049 2376 NDProxy - ok
    14:38:25.0080 2376 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
    14:38:25.0111 2376 NetBIOS - ok
    14:38:25.0127 2376 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
    14:38:25.0158 2376 NetBT - ok
    14:38:25.0174 2376 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
    14:38:25.0189 2376 Netlogon - ok
    14:38:25.0220 2376 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
    14:38:25.0267 2376 Netman - ok
    14:38:25.0314 2376 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    14:38:25.0376 2376 NetMsmqActivator - ok
    14:38:25.0423 2376 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    14:38:25.0423 2376 NetPipeActivator - ok
    14:38:25.0439 2376 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
    14:38:25.0486 2376 netprofm - ok
    14:38:25.0501 2376 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    14:38:25.0501 2376 NetTcpActivator - ok
    14:38:25.0517 2376 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    14:38:25.0517 2376 NetTcpPortSharing - ok
    14:38:25.0564 2376 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
    14:38:25.0564 2376 nfrd960 - ok
    14:38:25.0610 2376 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
    14:38:25.0626 2376 NlaSvc - ok
    14:38:25.0642 2376 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
    14:38:25.0673 2376 Npfs - ok
    14:38:25.0704 2376 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
    14:38:25.0735 2376 nsi - ok
    14:38:25.0751 2376 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
    14:38:25.0782 2376 nsiproxy - ok
    14:38:25.0829 2376 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
    14:38:25.0860 2376 Ntfs - ok
    14:38:25.0876 2376 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
    14:38:25.0922 2376 Null - ok
    14:38:25.0954 2376 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
    14:38:25.0969 2376 nvraid - ok
    14:38:25.0969 2376 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
    14:38:25.0985 2376 nvstor - ok
    14:38:26.0047 2376 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
    14:38:26.0063 2376 nv_agp - ok
    14:38:26.0156 2376 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    14:38:26.0172 2376 odserv - ok
    14:38:26.0188 2376 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
    14:38:26.0203 2376 ohci1394 - ok
    14:38:26.0266 2376 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    14:38:26.0281 2376 ose - ok
    14:38:26.0328 2376 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
    14:38:26.0359 2376 p2pimsvc - ok
    14:38:26.0375 2376 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
    14:38:26.0390 2376 p2psvc - ok
    14:38:26.0437 2376 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
    14:38:26.0437 2376 Parport - ok
    14:38:26.0484 2376 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
    14:38:26.0484 2376 partmgr - ok
    14:38:26.0500 2376 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
    14:38:26.0515 2376 PcaSvc - ok
    14:38:26.0546 2376 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
    14:38:26.0562 2376 pci - ok
    14:38:26.0593 2376 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
    14:38:26.0609 2376 pciide - ok
    14:38:26.0624 2376 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
    14:38:26.0640 2376 pcmcia - ok
    14:38:26.0687 2376 [ AF7CE12C4F3DC8CB2B07685C916BBCFE ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
    14:38:26.0734 2376 pcouffin - ok
    14:38:26.0765 2376 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
    14:38:26.0780 2376 pcw - ok
    14:38:26.0812 2376 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
    14:38:26.0843 2376 PEAUTH - ok
    14:38:26.0890 2376 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
    14:38:26.0921 2376 PerfHost - ok
    14:38:26.0983 2376 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
    14:38:27.0030 2376 pla - ok
    14:38:27.0061 2376 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
    14:38:27.0092 2376 PlugPlay - ok
    14:38:27.0124 2376 [ FE74BA87CDAA80AC9261F49167F0608A ] pneteth C:\Windows\system32\DRIVERS\pneteth.sys
    14:38:27.0155 2376 pneteth - ok
    14:38:27.0202 2376 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
    14:38:27.0217 2376 PNRPAutoReg - ok
    14:38:27.0280 2376 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
    14:38:27.0280 2376 PNRPsvc - ok
    14:38:27.0311 2376 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
    14:38:27.0358 2376 PolicyAgent - ok
    14:38:27.0373 2376 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
    14:38:27.0420 2376 Power - ok
    14:38:27.0451 2376 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
    14:38:27.0482 2376 PptpMiniport - ok
    14:38:27.0514 2376 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
    14:38:27.0545 2376 Processor - ok
    14:38:27.0592 2376 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
    14:38:27.0607 2376 ProfSvc - ok
    14:38:27.0623 2376 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
    14:38:27.0623 2376 ProtectedStorage - ok
    14:38:27.0654 2376 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
    14:38:27.0685 2376 Psched - ok
    14:38:27.0732 2376 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
    14:38:27.0748 2376 PSI - ok
    14:38:27.0810 2376 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
    14:38:27.0841 2376 ql2300 - ok
    14:38:27.0857 2376 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
    14:38:27.0872 2376 ql40xx - ok
    14:38:27.0919 2376 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
    14:38:27.0935 2376 QWAVE - ok
    14:38:27.0950 2376 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
    14:38:27.0982 2376 QWAVEdrv - ok
    14:38:28.0013 2376 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
    14:38:28.0060 2376 RasAcd - ok
    14:38:28.0091 2376 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
    14:38:28.0122 2376 RasAgileVpn - ok
    14:38:28.0138 2376 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
    14:38:28.0169 2376 RasAuto - ok
    14:38:28.0184 2376 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
    14:38:28.0231 2376 Rasl2tp - ok
    14:38:28.0247 2376 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
    14:38:28.0278 2376 RasMan - ok
    14:38:28.0294 2376 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
    14:38:28.0340 2376 RasPppoe - ok
    14:38:28.0356 2376 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
    14:38:28.0387 2376 RasSstp - ok
    14:38:28.0418 2376 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
    14:38:28.0450 2376 rdbss - ok
    14:38:28.0465 2376 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
    14:38:28.0512 2376 rdpbus - ok
    14:38:28.0528 2376 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
    14:38:28.0559 2376 RDPCDD - ok
    14:38:28.0590 2376 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
    14:38:28.0621 2376 RDPENCDD - ok
    14:38:28.0637 2376 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
    14:38:28.0668 2376 RDPREFMP - ok
    14:38:28.0715 2376 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
    14:38:28.0762 2376 RDPWD - ok
    14:38:28.0777 2376 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
    14:38:28.0793 2376 rdyboost - ok
    14:38:28.0808 2376 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
    14:38:28.0855 2376 RemoteAccess - ok
    14:38:28.0871 2376 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
    14:38:28.0902 2376 RemoteRegistry - ok
    14:38:28.0918 2376 RimUsb - ok
    14:38:28.0964 2376 [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
    14:38:28.0996 2376 RimVSerPort - ok
    14:38:29.0027 2376 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
    14:38:29.0089 2376 ROOTMODEM - ok
    14:38:29.0105 2376 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
    14:38:29.0136 2376 RpcEptMapper - ok
    14:38:29.0183 2376 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
    14:38:29.0198 2376 RpcLocator - ok
    14:38:29.0230 2376 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
    14:38:29.0261 2376 RpcSs - ok
    14:38:29.0276 2376 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
    14:38:29.0308 2376 rspndr - ok
    14:38:29.0354 2376 [ 3B01789EE4EAEE97F5EB46B711387D5E ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
    14:38:29.0401 2376 RTL8167 - ok
    14:38:29.0432 2376 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
    14:38:29.0432 2376 SamSs - ok
    14:38:29.0464 2376 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
    14:38:29.0479 2376 sbp2port - ok
    14:38:29.0510 2376 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
    14:38:29.0542 2376 SCardSvr - ok
    14:38:29.0620 2376 [ E25632DF954CE70928946BB36F829CF4 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
    14:38:29.0620 2376 SCDEmu - ok
    14:38:29.0682 2376 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
    14:38:29.0713 2376 scfilter - ok
    14:38:29.0744 2376 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
    14:38:29.0791 2376 Schedule - ok
    14:38:29.0807 2376 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
    14:38:29.0838 2376 SCPolicySvc - ok
    14:38:29.0854 2376 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
    14:38:29.0885 2376 SDRSVC - ok
    14:38:29.0916 2376 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
    14:38:29.0947 2376 secdrv - ok
    14:38:29.0978 2376 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
    14:38:30.0010 2376 seclogon - ok
    14:38:30.0197 2376 [ 306F9390976E41063D21AB9AB6D48122 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
    14:38:30.0212 2376 Secunia PSI Agent - ok
    14:38:30.0322 2376 [ 29C852880E9634F8C6BD77A4E68B5B34 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
    14:38:30.0337 2376 Secunia Update Agent - ok
    14:38:30.0353 2376 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
    14:38:30.0384 2376 SENS - ok
    14:38:30.0415 2376 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
    14:38:30.0431 2376 SensrSvc - ok
    14:38:30.0493 2376 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
    14:38:30.0524 2376 Serenum - ok
    14:38:30.0556 2376 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
    14:38:30.0587 2376 Serial - ok
    14:38:30.0618 2376 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
    14:38:30.0649 2376 sermouse - ok
    14:38:30.0680 2376 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
    14:38:30.0712 2376 SessionEnv - ok
    14:38:30.0743 2376 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
    14:38:30.0790 2376 sffdisk - ok
    14:38:30.0790 2376 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
    14:38:30.0821 2376 sffp_mmc - ok
    14:38:30.0836 2376 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
    14:38:30.0852 2376 sffp_sd - ok
    14:38:30.0883 2376 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
    14:38:30.0899 2376 sfloppy - ok
    14:38:30.0930 2376 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
    14:38:30.0977 2376 SharedAccess - ok
    14:38:30.0992 2376 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    14:38:31.0039 2376 ShellHWDetection - ok
    14:38:31.0055 2376 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
    14:38:31.0070 2376 SiSRaid2 - ok
    14:38:31.0102 2376 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
    14:38:31.0117 2376 SiSRaid4 - ok
    14:38:31.0164 2376 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
    14:38:31.0195 2376 Smb - ok
    14:38:31.0258 2376 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
    14:38:31.0273 2376 SNMPTRAP - ok
    14:38:31.0289 2376 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
    14:38:31.0304 2376 spldr - ok
    14:38:31.0351 2376 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
    14:38:31.0367 2376 Spooler - ok
    14:38:31.0429 2376 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
    14:38:31.0523 2376 sppsvc - ok
    14:38:31.0538 2376 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
    14:38:31.0585 2376 sppuinotify - ok
    14:38:31.0616 2376 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
    14:38:31.0632 2376 sptd - ok
    14:38:31.0663 2376 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
    14:38:31.0710 2376 srv - ok
    14:38:31.0741 2376 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
    14:38:31.0757 2376 srv2 - ok
    14:38:31.0772 2376 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
    14:38:31.0788 2376 srvnet - ok
    14:38:31.0819 2376 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
    14:38:31.0866 2376 SSDPSRV - ok
    14:38:31.0866 2376 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
    14:38:31.0897 2376 SstpSvc - ok
    14:38:31.0960 2376 [ E5C796B621F6FBA8616511063D7F0FFE ] StarWindServiceAE C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    14:38:31.0975 2376 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning
    14:38:31.0975 2376 StarWindServiceAE - detected UnsignedFile.Multi.Generic (1)
    14:38:32.0006 2376 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
    14:38:32.0022 2376 stexstor - ok
    14:38:32.0069 2376 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
    14:38:32.0100 2376 stisvc - ok
    14:38:32.0116 2376 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
    14:38:32.0131 2376 swenum - ok
    14:38:32.0162 2376 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
    14:38:32.0194 2376 swprv - ok
    14:38:32.0240 2376 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
    14:38:32.0287 2376 SysMain - ok
    14:38:32.0303 2376 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
    14:38:32.0318 2376 TabletInputService - ok
    14:38:32.0350 2376 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
    14:38:32.0381 2376 TapiSrv - ok
    14:38:32.0396 2376 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
    14:38:32.0428 2376 TBS - ok
    14:38:32.0490 2376 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
    14:38:32.0537 2376 Tcpip - ok
    14:38:32.0552 2376 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
    14:38:32.0584 2376 TCPIP6 - ok
    14:38:32.0615 2376 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
    14:38:32.0615 2376 tcpipreg - ok
    14:38:32.0677 2376 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
    14:38:32.0724 2376 TDPIPE - ok
    14:38:32.0755 2376 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
    14:38:32.0786 2376 TDTCP - ok
    14:38:32.0818 2376 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
    14:38:32.0849 2376 tdx - ok
    14:38:32.0864 2376 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
    14:38:32.0880 2376 TermDD - ok
    14:38:32.0911 2376 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
    14:38:32.0942 2376 TermService - ok
    14:38:32.0958 2376 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
    14:38:32.0989 2376 Themes - ok
    14:38:33.0005 2376 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
    14:38:33.0036 2376 THREADORDER - ok
    14:38:33.0052 2376 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
    14:38:33.0098 2376 TrkWks - ok
    14:38:33.0130 2376 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    14:38:33.0161 2376 TrustedInstaller - ok
    14:38:33.0192 2376 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
    14:38:33.0223 2376 tssecsrv - ok
    14:38:33.0254 2376 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
    14:38:33.0317 2376 TsUsbFlt - ok
    14:38:33.0348 2376 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
    14:38:33.0379 2376 tunnel - ok
    14:38:33.0426 2376 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
    14:38:33.0426 2376 uagp35 - ok
    14:38:33.0488 2376 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
    14:38:33.0520 2376 udfs - ok
    14:38:33.0551 2376 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
    14:38:33.0566 2376 UI0Detect - ok
    14:38:33.0613 2376 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
    14:38:33.0613 2376 uliagpkx - ok
    14:38:33.0660 2376 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
    14:38:33.0691 2376 umbus - ok
    14:38:33.0738 2376 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
    14:38:33.0769 2376 UmPass - ok
    14:38:33.0785 2376 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
    14:38:33.0816 2376 upnphost - ok
    14:38:33.0847 2376 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
    14:38:33.0863 2376 USBAAPL64 - ok
    14:38:33.0894 2376 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
    14:38:33.0910 2376 usbccgp - ok
    14:38:33.0956 2376 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
    14:38:33.0956 2376 usbcir - ok
    14:38:33.0988 2376 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
    14:38:34.0003 2376 usbehci - ok
    14:38:34.0034 2376 [ 6648C6D7323A2CE0C4776C36CEFBCB14 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
    14:38:34.0034 2376 usbfilter - ok
    14:38:34.0066 2376 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
    14:38:34.0097 2376 usbhub - ok
    14:38:34.0112 2376 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
    14:38:34.0128 2376 usbohci - ok
    14:38:34.0175 2376 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
    14:38:34.0190 2376 usbprint - ok
    14:38:34.0222 2376 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
    14:38:34.0253 2376 usbscan - ok
    14:38:34.0268 2376 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
    14:38:34.0300 2376 USBSTOR - ok
    14:38:34.0346 2376 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
    14:38:34.0378 2376 usbuhci - ok
    14:38:34.0440 2376 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
    14:38:34.0471 2376 usb_rndisx - ok
    14:38:34.0487 2376 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
    14:38:34.0534 2376 UxSms - ok
    14:38:34.0534 2376 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
    14:38:34.0549 2376 VaultSvc - ok
    14:38:34.0596 2376 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
    14:38:34.0596 2376 vdrvroot - ok
    14:38:34.0627 2376 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
    14:38:34.0658 2376 vds - ok
    14:38:34.0705 2376 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
    14:38:34.0721 2376 vga - ok
    14:38:34.0752 2376 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
    14:38:34.0783 2376 VgaSave - ok
    14:38:34.0814 2376 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
    14:38:34.0830 2376 vhdmp - ok
    14:38:34.0846 2376 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
    14:38:34.0861 2376 viaide - ok
    14:38:34.0892 2376 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
    14:38:34.0908 2376 volmgr - ok
    14:38:34.0924 2376 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
    14:38:34.0939 2376 volmgrx - ok
    14:38:34.0955 2376 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
    14:38:34.0970 2376 volsnap - ok
    14:38:35.0017 2376 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
    14:38:35.0033 2376 vsmraid - ok
    14:38:35.0095 2376 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
    14:38:35.0142 2376 VSS - ok
    14:38:35.0158 2376 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
    14:38:35.0173 2376 vwifibus - ok
    14:38:35.0204 2376 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
    14:38:35.0236 2376 W32Time - ok
    14:38:35.0298 2376 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
    14:38:35.0329 2376 WacomPen - ok
    14:38:35.0360 2376 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
    14:38:35.0392 2376 WANARP - ok
    14:38:35.0392 2376 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
    14:38:35.0423 2376 Wanarpv6 - ok
    14:38:35.0501 2376 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
    14:38:35.0532 2376 WatAdminSvc - ok
    14:38:35.0594 2376 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
    14:38:35.0626 2376 wbengine - ok
    14:38:35.0657 2376 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
    14:38:35.0672 2376 WbioSrvc - ok
    14:38:35.0704 2376 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
    14:38:35.0735 2376 wcncsvc - ok
    14:38:35.0750 2376 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    14:38:35.0766 2376 WcsPlugInService - ok
    14:38:35.0828 2376 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
    14:38:35.0844 2376 Wd - ok
    14:38:35.0891 2376 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
    14:38:35.0906 2376 Wdf01000 - ok
    14:38:35.0938 2376 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
    14:38:36.0000 2376 WdiServiceHost - ok
    14:38:36.0000 2376 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
    14:38:36.0016 2376 WdiSystemHost - ok
    14:38:36.0031 2376 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
    14:38:36.0062 2376 WebClient - ok
    14:38:36.0078 2376 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
    14:38:36.0140 2376 Wecsvc - ok
    14:38:36.0172 2376 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
    14:38:36.0234 2376 wercplsupport - ok
    14:38:36.0265 2376 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
    14:38:36.0312 2376 WerSvc - ok
    14:38:36.0359 2376 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
    14:38:36.0374 2376 WfpLwf - ok
    14:38:36.0421 2376 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
    14:38:36.0437 2376 WIMMount - ok
    14:38:36.0437 2376 WinHttpAutoProxySvc - ok
    14:38:36.0562 2376 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
    14:38:36.0640 2376 Winmgmt - ok
    14:38:41.0101 2376 ================ Scan MBR ==================================
    14:38:41.0148 2376 [ A8BF494386AD07CECBD7AF0225758F29 ] \Device\Harddisk0\DR0
    14:38:41.0990 2376 \Device\Harddisk0\DR0 - ok
    14:38:41.0990 2376 ================ Scan VBR ==================================
    14:38:42.0053 2376 [ 7FEB90399ECC372213CF3D1C672CEC57 ] \Device\Harddisk0\DR0\Partition1
    14:38:42.0084 2376 \Device\Harddisk0\DR0\Partition1 - ok
    14:38:42.0115 2376 [ 74679F30263186C42577027105206F9F ] \Device\Harddisk0\DR0\Partition2
    14:38:42.0146 2376 \Device\Harddisk0\DR0\Partition2 - ok
    14:38:42.0178 2376 [ 552470CADCA583BE2760C0B2FA60F0A4 ] \Device\Harddisk0\DR0\Partition3
    14:38:42.0193 2376 \Device\Harddisk0\DR0\Partition3 - ok
    14:38:42.0193 2376 ============================================================
    14:38:42.0209 2376 Scan finished
    14:38:42.0209 2376 ============================================================
    14:38:42.0209 2368 Detected object count: 8
    14:38:42.0209 2368 Actual detected object count: 8
    14:39:04.0252 2368 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
    14:39:04.0252 2368 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:39:04.0252 2368 AMD_RAIDXpert ( UnsignedFile.Multi.Generic ) - skipped by user
    14:39:04.0252 2368 AMD_RAIDXpert ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:39:04.0267 2368 FileZilla Server ( UnsignedFile.Multi.Generic ) - skipped by user
    14:39:04.0267 2368 FileZilla Server ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:39:04.0283 2368 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
    14:39:04.0283 2368 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:39:04.0298 2368 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
    14:39:04.0298 2368 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:39:04.0314 2368 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
    14:39:04.0314 2368 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:39:04.0330 2368 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
    14:39:04.0330 2368 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
    14:39:04.0345 2368 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user
    14:39:04.0345 2368 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip
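
The result lines of a TDSSKiller log like the one above can be summarised mechanically before a helper reads them. The following is an added example, not part of the original post or of TDSSKiller itself: the sample log is constructed in the same line format, `ExampleSvc` and `Placeholder.Verdict` are made-up values, and treating `UnsignedFile.*` verdicts as lower priority is an assumption of the example.

```python
import re

# Constructed sample in the format of the TDSSKiller log above. "MDM",
# "FileZilla Server" and their verdict appear in that log; "ExampleSvc" and
# "Placeholder.Verdict" are made up for illustration.
SAMPLE_LOG = r"""
14:38:41.0990 2376 \Device\Harddisk0\DR0 - ok
14:38:42.0084 2376 \Device\Harddisk0\DR0\Partition1 - ok
14:38:42.0209 2368 Detected object count: 3
14:39:04.0252 2368 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
14:39:04.0252 2368 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:39:04.0267 2368 FileZilla Server ( UnsignedFile.Multi.Generic ) - skipped by user
14:39:04.0267 2368 FileZilla Server ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:39:04.0283 2368 ExampleSvc ( Placeholder.Verdict ) - skipped by user
14:39:04.0283 2368 ExampleSvc ( Placeholder.Verdict ) - User select action: Skip
"""

# Each log line is "<time> <thread id> <message>"; only the message is parsed.
PREFIX = re.compile(r"^\s*\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*\S)\s*$")
DETECTION = re.compile(r"^(.+?) \( ([^()]+?) \) - (.+)$")
COUNT = re.compile(r"^Detected object count: (\d+)$")
BOOT_OK = re.compile(r"^(\\Device\\Harddisk\S*) - ok$")


def triage(log_text):
    """Summarise boot-sector results and per-object verdicts from a log."""
    reported, boot_ok, found = None, [], {}
    for raw in log_text.splitlines():
        m = PREFIX.match(raw)
        if not m:
            continue  # blank line or text that is not a log record
        body = m.group(1)
        if (c := COUNT.match(body)):
            reported = int(c.group(1))
        elif (b := BOOT_OK.match(body)):
            boot_ok.append(b.group(1))  # MBR/VBR objects the scan passed
        elif (d := DETECTION.match(body)):
            name, verdict, action = d.groups()
            entry = found.setdefault(name, {"verdict": verdict, "actions": []})
            entry["actions"].append(action)  # both action lines are kept
    # Assumption of this example: an UnsignedFile.* verdict only means the file
    # has no digital signature, so any other verdict is listed first for review.
    review = sorted(n for n, e in found.items()
                    if not e["verdict"].startswith("UnsignedFile."))
    return {"reported": reported, "boot_ok": boot_ok, "objects": found,
            "review_first": review, "count_matches": reported == len(found)}
```

A `count_matches` value of `False` means the pasted log is incomplete or was edited, which is worth asking the poster about before relying on it.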
     
  4. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    There is an indication in the logs that you have pirated software installed; please uninstall any software that is not legitimate. Please also uninstall uTorrent.

    Why did you run all the scans in Safe Mode?

    Please run the scans again in Normal Mode.

    As it has been a month since the DDS logs were produced, please run DDS again and post the up-to-date logs.
     
  5. imagineverything

    imagineverything Thread Starter

    Joined:
    Dec 8, 2010
    Messages:
    14
    1 - With regard to Adobe / Alcoholsoft, do you think that is the cause? I don't see why I should uninstall uTorrent, as it is a legitimate piece of software. (Please advise further.)
    2 - The scans will not run in normal startup.
    3 - The computer has been off since I first posted my DDS, so I am not sure it is necessary to re-post.
     
  6. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Some helpers and some forums will not give any assistance for PCs that have illegal software installed or include a P2P client. Illegal software can include malware, so it should be avoided at all costs, and although uTorrent is harmless by itself, using it to download files from unknown sources is a good way to get the PC infected. If you insist on keeping it, DO NOT use it while we try to clean up the PC; that also applies to FileZilla. Please remove the illegal software so we can be sure it is not contributing to the problem. Cracks and keygens used will most likely be removed by the scans we are going to run, and the blocks in the Hosts file will be cleared, so the illegal software will most likely be disabled.

    As the scans do not run in Normal Mode, that is an indication the PC is infected, and it is quite likely that your use of uTorrent and downloading illegal software has contributed.

    As the PC has not been used for the last month there is no need to do another run with DDS.

    Please uninstall all of the versions of Java you have installed; they are all out of date, which is a security threat, and the 64-bit version is only required if you use the 64-bit version of Internet Explorer. We will install the latest version after the cleanup.

    Please follow this; you must try to run both scans in Normal Mode.

    Please download RKill.
    There are three buttons to choose from with different names on them; select the first one and save it to your desktop.


    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this in your next reply.
    • If you do not see the black box flash on the screen, delete the icon from the desktop, go back to the link for the download, select the next button and try to run the tool again. Continue to repeat this process using the remaining buttons until the tool runs. If you scroll down the page you will find further links with other names; try them one at a time.
    • If the tool does not run from any of the links provided, please let me know.

    DO NOT reboot, run Malwarebytes, let it update and run a full scan. If it finds anything, fix it and post the resulting log. If it finds nothing, post that log instead. Malwarebytes instructions below.

    Please download Malwarebytes and save it to your desktop.

    • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
    • Double-click on the renamed file to install, then follow these instructions for doing a Full Scan in normal mode.
    • Malwarebytes will automatically check for updates as soon as it is launched.
    • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.


    Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

    • Double click on the Malwarebytes icon on your desktop to launch the program
    • Under the Scanner tab, make sure the Perform Full Scan option is selected.
    • Click on the Scan button.
    • When finished, a message box will say "The scan completed successfully. Click Show Results to display all objects found".
    • NOTE: If no detections are found, a log will automatically open in Notepad. Please copy and paste the log back here and close all windows; in this case you do not need to continue.
    • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
    • Make sure that everything is checked and then click Remove Selected.
    • When removal is completed, a log report will open in Notepad.
    • The log is automatically saved and can be viewed by clicking the Logs tab.
    • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
    • Exit Malwarebytes when done.


    If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


    Note: A 14-day trial of Malwarebytes Anti-Malware PRO is available as an option when first installing the free version so all users can test the real-time protection component for a period of two weeks. When the limited time period expires those features will be deactivated and locked. Enabling the Protection Module feature again requires registration and purchase of a license key that includes free lifetime upgrades and support. If you continue to use the free version, there is no requirement to buy a license...you can just use it as a stand-alone scanner.


    NOTE: Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).
     
Short URL to this thread: https://techguy.org/1089970