Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser redirect problem


  • Please log in to reply
17 replies to this topic

#1 Andrus

Andrus

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:00 PM

Posted 01 August 2012 - 08:35 PM

When I search for something I click and it will take to some random pages.

I tried malware and avasti and vipre and nothing...

First malware cleaned up something but then it started again.

Any help is appreciated.

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:00 PM

Posted 01 August 2012 - 08:54 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Andrus

Andrus
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:00 PM

Posted 01 August 2012 - 11:53 PM

Here you go.

22:54:04.0416 1444 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
22:54:04.0931 1444 ============================================================
22:54:04.0931 1444 Current date / time: 2012/08/01 22:54:04.0931
22:54:04.0931 1444 SystemInfo:
22:54:04.0931 1444
22:54:04.0931 1444 OS Version: 6.1.7601 ServicePack: 1.0
22:54:04.0931 1444 Product type: Workstation
22:54:04.0931 1444 ComputerName: ANTTI-PC
22:54:04.0931 1444 UserName: Antti
22:54:04.0931 1444 Windows directory: C:\windows
22:54:04.0931 1444 System windows directory: C:\windows
22:54:04.0931 1444 Running under WOW64
22:54:04.0931 1444 Processor architecture: Intel x64
22:54:04.0931 1444 Number of processors: 2
22:54:04.0931 1444 Page size: 0x1000
22:54:04.0931 1444 Boot type: Normal boot
22:54:04.0931 1444 ============================================================
22:54:06.0226 1444 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:54:06.0257 1444 ============================================================
22:54:06.0257 1444 \Device\Harddisk0\DR0:
22:54:06.0257 1444 MBR partitions:
22:54:06.0257 1444 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:54:06.0257 1444 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3712E000
22:54:06.0257 1444 ============================================================
22:54:06.0288 1444 C: <-> \Device\Harddisk0\DR0\Partition1
22:54:06.0288 1444 ============================================================
22:54:06.0288 1444 Initialize success
22:54:06.0288 1444 ============================================================
22:54:08.0300 1508 ============================================================
22:54:08.0300 1508 Scan started
22:54:08.0300 1508 Mode: Manual;
22:54:08.0300 1508 ============================================================
22:54:09.0970 1508 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
22:54:09.0985 1508 1394ohci - ok
22:54:10.0079 1508 ACDaemon (35f57598f0589feb3c3abc1621bf329f) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
22:54:10.0094 1508 ACDaemon - ok
22:54:10.0126 1508 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
22:54:10.0157 1508 ACPI - ok
22:54:10.0204 1508 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
22:54:10.0219 1508 AcpiPmi - ok
22:54:10.0313 1508 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:54:10.0344 1508 AdobeARMservice - ok
22:54:10.0406 1508 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
22:54:10.0438 1508 adp94xx - ok
22:54:10.0469 1508 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
22:54:10.0500 1508 adpahci - ok
22:54:10.0531 1508 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
22:54:10.0547 1508 adpu320 - ok
22:54:10.0578 1508 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
22:54:10.0609 1508 AeLookupSvc - ok
22:54:10.0672 1508 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
22:54:10.0703 1508 AFD - ok
22:54:10.0750 1508 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
22:54:10.0765 1508 agp440 - ok
22:54:10.0781 1508 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
22:54:10.0796 1508 ALG - ok
22:54:10.0828 1508 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
22:54:10.0843 1508 aliide - ok
22:54:10.0890 1508 AMD External Events Utility (b4143cb1dd16ae73c6177c72f33450a6) C:\windows\system32\atiesrxx.exe
22:54:10.0890 1508 AMD External Events Utility - ok
22:54:10.0906 1508 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
22:54:10.0937 1508 amdide - ok
22:54:10.0968 1508 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
22:54:10.0984 1508 AmdK8 - ok
22:54:11.0311 1508 amdkmdag (d1d06810bf7e21f5763eb06cb7e7262b) C:\windows\system32\DRIVERS\atipmdag.sys
22:54:11.0420 1508 amdkmdag - ok
22:54:11.0514 1508 amdkmdap (6ba71d6616b56816e57394d77dd1bb6f) C:\windows\system32\DRIVERS\atikmpag.sys
22:54:11.0530 1508 amdkmdap - ok
22:54:11.0561 1508 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
22:54:11.0592 1508 AmdPPM - ok
22:54:11.0639 1508 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
22:54:11.0670 1508 amdsata - ok
22:54:11.0686 1508 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
22:54:11.0701 1508 amdsbs - ok
22:54:11.0717 1508 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
22:54:11.0732 1508 amdxata - ok
22:54:11.0795 1508 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
22:54:11.0810 1508 AppID - ok
22:54:11.0842 1508 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
22:54:11.0857 1508 AppIDSvc - ok
22:54:11.0888 1508 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
22:54:11.0904 1508 Appinfo - ok
22:54:12.0029 1508 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:54:12.0060 1508 Apple Mobile Device - ok
22:54:12.0107 1508 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
22:54:12.0122 1508 arc - ok
22:54:12.0154 1508 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
22:54:12.0154 1508 arcsas - ok
22:54:12.0263 1508 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:54:12.0310 1508 aspnet_state - ok
22:54:12.0341 1508 aswFsBlk (df59b8e8df0bd2e0e303778a3806a17d) C:\windows\system32\drivers\aswFsBlk.sys
22:54:12.0388 1508 aswFsBlk - ok
22:54:12.0450 1508 aswMonFlt (f8e6ab4f876feff69250f2e0c29ef004) C:\windows\system32\drivers\aswMonFlt.sys
22:54:12.0466 1508 aswMonFlt - ok
22:54:12.0512 1508 aswRdr (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\windows\System32\Drivers\aswrdr2.sys
22:54:12.0544 1508 aswRdr - ok
22:54:12.0606 1508 aswSnx (f06e230e1e8ca9437a6474b7b551cd37) C:\windows\system32\drivers\aswSnx.sys
22:54:12.0653 1508 aswSnx - ok
22:54:12.0700 1508 aswSP (3610ca74a69e380424f0452dec5c1317) C:\windows\system32\drivers\aswSP.sys
22:54:12.0762 1508 aswSP - ok
22:54:12.0793 1508 aswTdi (87de3e31cb0091d22351349869324065) C:\windows\system32\drivers\aswTdi.sys
22:54:12.0824 1508 aswTdi - ok
22:54:12.0871 1508 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
22:54:12.0887 1508 AsyncMac - ok
22:54:12.0918 1508 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
22:54:12.0918 1508 atapi - ok
22:54:12.0980 1508 AtiHdmiService (7e2f5a758f63f80f8b03f889b4e6b19f) C:\windows\system32\drivers\AtiHdmi.sys
22:54:12.0980 1508 AtiHdmiService - ok
22:54:13.0261 1508 atikmdag (d1d06810bf7e21f5763eb06cb7e7262b) C:\windows\system32\DRIVERS\atikmdag.sys
22:54:13.0355 1508 atikmdag - ok
22:54:13.0464 1508 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\windows\system32\DRIVERS\AtiPcie.sys
22:54:13.0480 1508 AtiPcie - ok
22:54:13.0558 1508 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
22:54:13.0558 1508 AudioEndpointBuilder - ok
22:54:13.0573 1508 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
22:54:13.0573 1508 AudioSrv - ok
22:54:13.0714 1508 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:54:13.0714 1508 avast! Antivirus - ok
22:54:13.0776 1508 AVGIDSDriver (1b2e9fcdc26dc7c81d4131430e2dc936) C:\windows\system32\DRIVERS\avgidsdrivera.sys
22:54:13.0792 1508 AVGIDSDriver - ok
22:54:13.0823 1508 AVGIDSFilter (0f293406f64b48d5d2f0d3a1117f3a83) C:\windows\system32\DRIVERS\avgidsfiltera.sys
22:54:13.0838 1508 AVGIDSFilter - ok
22:54:13.0854 1508 AVGIDSHA (cffc3a4a638f462e0561cb368b9a7a3a) C:\windows\system32\DRIVERS\avgidsha.sys
22:54:13.0885 1508 AVGIDSHA - ok
22:54:13.0916 1508 Avgldx64 (59955b4c288dd2a8b9fd2cd5158355c5) C:\windows\system32\DRIVERS\avgldx64.sys
22:54:13.0948 1508 Avgldx64 - ok
22:54:13.0963 1508 Avgmfx64 (a6aec362aae5e2dda7445e7690cb0f33) C:\windows\system32\DRIVERS\avgmfx64.sys
22:54:13.0979 1508 Avgmfx64 - ok
22:54:14.0026 1508 Avgrkx64 (645c7f0a0e39758a0024a9b1748273c0) C:\windows\system32\DRIVERS\avgrkx64.sys
22:54:14.0041 1508 Avgrkx64 - ok
22:54:14.0088 1508 Avgtdia (1bee674ad792b1c63bb0dac5fa724b23) C:\windows\system32\DRIVERS\avgtdia.sys
22:54:14.0104 1508 Avgtdia - ok
22:54:14.0150 1508 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
22:54:14.0166 1508 AxInstSV - ok
22:54:14.0244 1508 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
22:54:14.0275 1508 b06bdrv - ok
22:54:14.0322 1508 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
22:54:14.0353 1508 b57nd60a - ok
22:54:14.0384 1508 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
22:54:14.0416 1508 BDESVC - ok
22:54:14.0447 1508 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
22:54:14.0462 1508 Beep - ok
22:54:14.0556 1508 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
22:54:14.0572 1508 BFE - ok
22:54:14.0634 1508 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
22:54:14.0634 1508 BITS - ok
22:54:14.0712 1508 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
22:54:14.0728 1508 blbdrive - ok
22:54:14.0821 1508 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
22:54:14.0852 1508 Bonjour Service - ok
22:54:14.0884 1508 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
22:54:14.0915 1508 bowser - ok
22:54:14.0962 1508 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
22:54:14.0993 1508 BrFiltLo - ok
22:54:15.0008 1508 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
22:54:15.0024 1508 BrFiltUp - ok
22:54:15.0055 1508 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
22:54:15.0071 1508 Browser - ok
22:54:15.0102 1508 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
22:54:15.0118 1508 Brserid - ok
22:54:15.0118 1508 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
22:54:15.0149 1508 BrSerWdm - ok
22:54:15.0164 1508 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
22:54:15.0180 1508 BrUsbMdm - ok
22:54:15.0196 1508 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
22:54:15.0211 1508 BrUsbSer - ok
22:54:15.0227 1508 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
22:54:15.0227 1508 BTHMODEM - ok
22:54:15.0274 1508 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
22:54:15.0305 1508 bthserv - ok
22:54:15.0320 1508 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
22:54:15.0336 1508 cdfs - ok
22:54:15.0383 1508 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\drivers\cdrom.sys
22:54:15.0398 1508 cdrom - ok
22:54:15.0445 1508 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
22:54:15.0461 1508 CertPropSvc - ok
22:54:15.0492 1508 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
22:54:15.0523 1508 circlass - ok
22:54:15.0554 1508 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
22:54:15.0554 1508 CLFS - ok
22:54:15.0601 1508 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:54:15.0617 1508 clr_optimization_v2.0.50727_32 - ok
22:54:15.0695 1508 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:54:15.0710 1508 clr_optimization_v2.0.50727_64 - ok
22:54:15.0788 1508 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:54:15.0866 1508 clr_optimization_v4.0.30319_32 - ok
22:54:15.0898 1508 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:54:15.0898 1508 clr_optimization_v4.0.30319_64 - ok
22:54:15.0929 1508 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
22:54:15.0944 1508 CmBatt - ok
22:54:15.0976 1508 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
22:54:15.0991 1508 cmdide - ok
22:54:16.0054 1508 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\windows\system32\Drivers\cng.sys
22:54:16.0085 1508 CNG - ok
22:54:16.0100 1508 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
22:54:16.0100 1508 Compbatt - ok
22:54:16.0132 1508 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
22:54:16.0132 1508 CompositeBus - ok
22:54:16.0147 1508 COMSysApp - ok
22:54:16.0147 1508 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
22:54:16.0163 1508 crcdisk - ok
22:54:16.0194 1508 CryptSvc (4f5414602e2544a4554d95517948b705) C:\windows\system32\cryptsvc.dll
22:54:16.0210 1508 CryptSvc - ok
22:54:16.0319 1508 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
22:54:16.0350 1508 cvhsvc - ok
22:54:16.0397 1508 dc3d (69d0a8f65f639d752e018f256bcd3de3) C:\windows\system32\DRIVERS\dc3d.sys
22:54:16.0444 1508 dc3d - ok
22:54:16.0537 1508 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
22:54:16.0553 1508 DcomLaunch - ok
22:54:16.0584 1508 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
22:54:16.0615 1508 defragsvc - ok
22:54:16.0646 1508 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
22:54:16.0678 1508 DfsC - ok
22:54:16.0740 1508 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
22:54:16.0756 1508 Dhcp - ok
22:54:16.0771 1508 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
22:54:16.0787 1508 discache - ok
22:54:16.0818 1508 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
22:54:16.0849 1508 Disk - ok
22:54:16.0896 1508 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
22:54:16.0912 1508 Dnscache - ok
22:54:16.0958 1508 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
22:54:16.0990 1508 dot3svc - ok
22:54:17.0021 1508 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
22:54:17.0036 1508 DPS - ok
22:54:17.0068 1508 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
22:54:17.0083 1508 drmkaud - ok
22:54:17.0146 1508 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
22:54:17.0161 1508 DXGKrnl - ok
22:54:17.0192 1508 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
22:54:17.0208 1508 EapHost - ok
22:54:17.0348 1508 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
22:54:17.0426 1508 ebdrv - ok
22:54:17.0536 1508 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
22:54:17.0551 1508 EFS - ok
22:54:17.0614 1508 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
22:54:17.0645 1508 ehRecvr - ok
22:54:17.0660 1508 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
22:54:17.0692 1508 ehSched - ok
22:54:17.0770 1508 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
22:54:17.0816 1508 elxstor - ok
22:54:17.0863 1508 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
22:54:17.0879 1508 ErrDev - ok
22:54:17.0957 1508 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
22:54:17.0957 1508 EventSystem - ok
22:54:18.0004 1508 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
22:54:18.0050 1508 exfat - ok
22:54:18.0066 1508 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
22:54:18.0097 1508 fastfat - ok
22:54:18.0300 1508 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
22:54:18.0316 1508 Fax - ok
22:54:18.0347 1508 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
22:54:18.0362 1508 fdc - ok
22:54:18.0409 1508 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
22:54:18.0425 1508 fdPHost - ok
22:54:18.0456 1508 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
22:54:18.0472 1508 FDResPub - ok
22:54:18.0487 1508 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
22:54:18.0503 1508 FileInfo - ok
22:54:18.0534 1508 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
22:54:18.0550 1508 Filetrace - ok
22:54:18.0706 1508 FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:54:18.0768 1508 FLEXnet Licensing Service - ok
22:54:18.0799 1508 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
22:54:18.0815 1508 flpydisk - ok
22:54:18.0862 1508 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
22:54:18.0862 1508 FltMgr - ok
22:54:18.0940 1508 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
22:54:18.0955 1508 FontCache - ok
22:54:19.0033 1508 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:54:19.0064 1508 FontCache3.0.0.0 - ok
22:54:19.0096 1508 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
22:54:19.0111 1508 FsDepends - ok
22:54:19.0174 1508 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\windows\system32\DRIVERS\fssfltr.sys
22:54:19.0205 1508 fssfltr - ok
22:54:19.0361 1508 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
22:54:19.0486 1508 fsssvc - ok
22:54:19.0579 1508 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
22:54:19.0595 1508 Fs_Rec - ok
22:54:19.0642 1508 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
22:54:19.0673 1508 fvevol - ok
22:54:19.0720 1508 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
22:54:19.0751 1508 gagp30kx - ok
22:54:19.0798 1508 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
22:54:19.0813 1508 GEARAspiWDM - ok
22:54:19.0891 1508 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
22:54:19.0922 1508 gpsvc - ok
22:54:20.0032 1508 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:54:20.0032 1508 gupdate - ok
22:54:20.0047 1508 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:54:20.0047 1508 gupdatem - ok
22:54:20.0110 1508 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
22:54:20.0125 1508 gusvc - ok
22:54:20.0156 1508 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
22:54:20.0188 1508 hcw85cir - ok
22:54:20.0250 1508 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
22:54:20.0281 1508 HdAudAddService - ok
22:54:20.0297 1508 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
22:54:20.0297 1508 HDAudBus - ok
22:54:20.0312 1508 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
22:54:20.0328 1508 HidBatt - ok
22:54:20.0344 1508 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
22:54:20.0359 1508 HidBth - ok
22:54:20.0390 1508 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
22:54:20.0406 1508 HidIr - ok
22:54:20.0437 1508 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
22:54:20.0453 1508 hidserv - ok
22:54:20.0500 1508 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
22:54:20.0531 1508 HidUsb - ok
22:54:20.0562 1508 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
22:54:20.0562 1508 hkmsvc - ok
22:54:20.0609 1508 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
22:54:20.0640 1508 HomeGroupListener - ok
22:54:20.0671 1508 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
22:54:20.0671 1508 HomeGroupProvider - ok
22:54:20.0718 1508 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
22:54:20.0734 1508 HpSAMD - ok
22:54:20.0796 1508 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
22:54:20.0843 1508 HTTP - ok
22:54:20.0874 1508 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
22:54:20.0890 1508 hwpolicy - ok
22:54:20.0952 1508 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
22:54:20.0968 1508 i8042prt - ok
22:54:21.0014 1508 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
22:54:21.0030 1508 iaStorV - ok
22:54:21.0170 1508 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:54:21.0202 1508 idsvc - ok
22:54:21.0498 1508 igfx (a87261ef1546325b559374f5689cf5bc) C:\windows\system32\DRIVERS\igdkmd64.sys
22:54:21.0623 1508 igfx - ok
22:54:21.0716 1508 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
22:54:21.0732 1508 iirsp - ok
22:54:21.0794 1508 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
22:54:21.0826 1508 IKEEXT - ok
22:54:21.0950 1508 IntcAzAudAddService (e9befd8c6a1db3b544b61647dda35f62) C:\windows\system32\drivers\RTKVHD64.sys
22:54:21.0982 1508 IntcAzAudAddService - ok
22:54:22.0091 1508 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
22:54:22.0106 1508 intelide - ok
22:54:22.0153 1508 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
22:54:22.0184 1508 intelppm - ok
22:54:22.0231 1508 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
22:54:22.0247 1508 IPBusEnum - ok
22:54:22.0294 1508 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
22:54:22.0309 1508 IpFilterDriver - ok
22:54:22.0356 1508 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
22:54:22.0372 1508 iphlpsvc - ok
22:54:22.0403 1508 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
22:54:22.0418 1508 IPMIDRV - ok
22:54:22.0450 1508 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
22:54:22.0465 1508 IPNAT - ok
22:54:22.0574 1508 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
22:54:22.0621 1508 iPod Service - ok
22:54:22.0652 1508 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
22:54:22.0668 1508 IRENUM - ok
22:54:22.0699 1508 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
22:54:22.0730 1508 isapnp - ok
22:54:22.0777 1508 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
22:54:22.0793 1508 iScsiPrt - ok
22:54:22.0824 1508 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
22:54:22.0824 1508 kbdclass - ok
22:54:22.0855 1508 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\DRIVERS\kbdhid.sys
22:54:22.0871 1508 kbdhid - ok
22:54:22.0886 1508 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
22:54:22.0886 1508 KeyIso - ok
22:54:22.0918 1508 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\windows\system32\Drivers\ksecdd.sys
22:54:22.0949 1508 KSecDD - ok
22:54:23.0027 1508 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\windows\system32\Drivers\ksecpkg.sys
22:54:23.0042 1508 KSecPkg - ok
22:54:23.0105 1508 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
22:54:23.0120 1508 ksthunk - ok
22:54:23.0167 1508 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
22:54:23.0183 1508 KtmRm - ok
22:54:23.0245 1508 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
22:54:23.0261 1508 LanmanServer - ok
22:54:23.0308 1508 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
22:54:23.0323 1508 LanmanWorkstation - ok
22:54:23.0339 1508 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
22:54:23.0354 1508 lltdio - ok
22:54:23.0386 1508 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
22:54:23.0401 1508 lltdsvc - ok
22:54:23.0417 1508 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
22:54:23.0432 1508 lmhosts - ok
22:54:23.0464 1508 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
22:54:23.0495 1508 LSI_FC - ok
22:54:23.0526 1508 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
22:54:23.0542 1508 LSI_SAS - ok
22:54:23.0557 1508 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
22:54:23.0557 1508 LSI_SAS2 - ok
22:54:23.0573 1508 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
22:54:23.0604 1508 LSI_SCSI - ok
22:54:23.0635 1508 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
22:54:23.0666 1508 luafv - ok
22:54:23.0729 1508 lxdxCATSCustConnectService (4208b958e35f0e596aa241efb664636b) C:\windows\system32\spool\DRIVERS\x64\3\\lxdxserv.exe
22:54:24.0041 1508 lxdxCATSCustConnectService - ok
22:54:24.0072 1508 lxdx_device - ok
22:54:24.0103 1508 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\windows\system32\drivers\mbam.sys
22:54:24.0556 1508 MBAMProtector - ok
22:54:24.0649 1508 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
22:54:24.0665 1508 MBAMService - ok
22:54:24.0727 1508 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
22:54:24.0758 1508 McComponentHostService - ok
22:54:24.0790 1508 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
22:54:24.0821 1508 Mcx2Svc - ok
22:54:24.0852 1508 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
22:54:24.0868 1508 megasas - ok
22:54:24.0899 1508 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
22:54:24.0914 1508 MegaSR - ok
22:54:24.0946 1508 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
22:54:24.0946 1508 MMCSS - ok
22:54:24.0977 1508 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
22:54:24.0977 1508 Modem - ok
22:54:24.0992 1508 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
22:54:25.0008 1508 monitor - ok
22:54:25.0039 1508 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
22:54:25.0055 1508 mouclass - ok
22:54:25.0086 1508 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
22:54:25.0117 1508 mouhid - ok
22:54:25.0164 1508 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
22:54:25.0195 1508 mountmgr - ok
22:54:25.0258 1508 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:54:25.0273 1508 MozillaMaintenance - ok
22:54:25.0320 1508 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
22:54:25.0351 1508 mpio - ok
22:54:25.0367 1508 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
22:54:25.0398 1508 mpsdrv - ok
22:54:25.0476 1508 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
22:54:25.0507 1508 MpsSvc - ok
22:54:25.0538 1508 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
22:54:25.0554 1508 MRxDAV - ok
22:54:25.0585 1508 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
22:54:25.0616 1508 mrxsmb - ok
22:54:25.0663 1508 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
22:54:25.0694 1508 mrxsmb10 - ok
22:54:25.0726 1508 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
22:54:25.0757 1508 mrxsmb20 - ok
22:54:25.0788 1508 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
22:54:25.0804 1508 msahci - ok
22:54:25.0835 1508 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
22:54:25.0850 1508 msdsm - ok
22:54:25.0882 1508 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
22:54:25.0882 1508 MSDTC - ok
22:54:25.0913 1508 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
22:54:25.0928 1508 Msfs - ok
22:54:25.0944 1508 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
22:54:25.0960 1508 mshidkmdf - ok
22:54:25.0991 1508 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
22:54:25.0991 1508 msisadrv - ok
22:54:26.0006 1508 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
22:54:26.0022 1508 MSiSCSI - ok
22:54:26.0022 1508 msiserver - ok
22:54:26.0038 1508 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
22:54:26.0053 1508 MSKSSRV - ok
22:54:26.0069 1508 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
22:54:26.0084 1508 MSPCLOCK - ok
22:54:26.0100 1508 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
22:54:26.0116 1508 MSPQM - ok
22:54:26.0147 1508 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
22:54:26.0178 1508 MsRPC - ok
22:54:26.0209 1508 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
22:54:26.0225 1508 mssmbios - ok
22:54:26.0240 1508 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
22:54:26.0240 1508 MSTEE - ok
22:54:26.0256 1508 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
22:54:26.0272 1508 MTConfig - ok
22:54:26.0287 1508 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
22:54:26.0303 1508 Mup - ok
22:54:26.0365 1508 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
22:54:26.0396 1508 napagent - ok
22:54:26.0428 1508 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
22:54:26.0443 1508 NativeWifiP - ok
22:54:26.0506 1508 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
22:54:26.0521 1508 NDIS - ok
22:54:26.0552 1508 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
22:54:26.0552 1508 NdisCap - ok
22:54:26.0584 1508 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
22:54:26.0584 1508 NdisTapi - ok
22:54:26.0615 1508 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
22:54:26.0615 1508 Ndisuio - ok
22:54:26.0646 1508 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
22:54:26.0677 1508 NdisWan - ok
22:54:26.0708 1508 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
22:54:26.0724 1508 NDProxy - ok
22:54:26.0755 1508 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
22:54:26.0771 1508 NetBIOS - ok
22:54:26.0818 1508 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
22:54:26.0849 1508 NetBT - ok
22:54:26.0896 1508 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
22:54:26.0896 1508 Netlogon - ok
22:54:26.0942 1508 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
22:54:26.0974 1508 Netman - ok
22:54:27.0098 1508 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:54:27.0130 1508 NetMsmqActivator - ok
22:54:27.0161 1508 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:54:27.0161 1508 NetPipeActivator - ok
22:54:27.0208 1508 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
22:54:27.0208 1508 netprofm - ok
22:54:27.0239 1508 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:54:27.0239 1508 NetTcpActivator - ok
22:54:27.0239 1508 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:54:27.0239 1508 NetTcpPortSharing - ok
22:54:27.0286 1508 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
22:54:27.0301 1508 nfrd960 - ok
22:54:27.0364 1508 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
22:54:27.0379 1508 NlaSvc - ok
22:54:27.0395 1508 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
22:54:27.0410 1508 Npfs - ok
22:54:27.0442 1508 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
22:54:27.0457 1508 nsi - ok
22:54:27.0488 1508 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
22:54:27.0504 1508 nsiproxy - ok
22:54:27.0613 1508 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
22:54:27.0676 1508 Ntfs - ok
22:54:27.0800 1508 NuidFltr (d4012918d3a3847b44b888d56bc095d6) C:\windows\system32\DRIVERS\NuidFltr.sys
22:54:27.0816 1508 NuidFltr - ok
22:54:27.0863 1508 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
22:54:27.0878 1508 Null - ok
22:54:27.0941 1508 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
22:54:27.0956 1508 nvraid - ok
22:54:28.0050 1508 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
22:54:28.0066 1508 nvstor - ok
22:54:28.0128 1508 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
22:54:28.0144 1508 nv_agp - ok
22:54:28.0175 1508 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
22:54:28.0190 1508 ohci1394 - ok
22:54:28.0268 1508 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:54:28.0300 1508 ose - ok
22:54:28.0549 1508 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:54:28.0643 1508 osppsvc - ok
22:54:28.0768 1508 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
22:54:28.0783 1508 p2pimsvc - ok
22:54:28.0814 1508 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
22:54:28.0846 1508 p2psvc - ok
22:54:28.0892 1508 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
22:54:28.0908 1508 Parport - ok
22:54:28.0939 1508 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
22:54:28.0955 1508 partmgr - ok
22:54:28.0986 1508 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
22:54:29.0002 1508 PcaSvc - ok
22:54:29.0033 1508 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
22:54:29.0064 1508 pci - ok
22:54:29.0080 1508 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
22:54:29.0095 1508 pciide - ok
22:54:29.0126 1508 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
22:54:29.0142 1508 pcmcia - ok
22:54:29.0158 1508 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
22:54:29.0173 1508 pcw - ok
22:54:29.0220 1508 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
22:54:29.0251 1508 PEAUTH - ok
22:54:29.0314 1508 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
22:54:29.0329 1508 PerfHost - ok
22:54:29.0423 1508 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
22:54:29.0470 1508 pla - ok
22:54:29.0516 1508 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
22:54:29.0548 1508 PlugPlay - ok
22:54:29.0579 1508 PnkBstrA - ok
22:54:29.0594 1508 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
22:54:29.0626 1508 PNRPAutoReg - ok
22:54:29.0657 1508 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
22:54:29.0672 1508 PNRPsvc - ok
22:54:29.0719 1508 Point64 (9abff71ff6f3b9492686d3403fa5dcdb) C:\windows\system32\DRIVERS\point64k.sys
22:54:29.0750 1508 Point64 - ok
22:54:29.0797 1508 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
22:54:29.0828 1508 PolicyAgent - ok
22:54:29.0860 1508 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
22:54:29.0875 1508 Power - ok
22:54:29.0922 1508 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
22:54:29.0922 1508 PptpMiniport - ok
22:54:29.0953 1508 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
22:54:29.0969 1508 Processor - ok
22:54:30.0000 1508 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
22:54:30.0031 1508 ProfSvc - ok
22:54:30.0062 1508 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
22:54:30.0062 1508 ProtectedStorage - ok
22:54:30.0109 1508 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
22:54:30.0125 1508 Psched - ok
22:54:30.0250 1508 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
22:54:30.0312 1508 ql2300 - ok
22:54:30.0515 1508 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
22:54:30.0530 1508 ql40xx - ok
22:54:30.0562 1508 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
22:54:30.0593 1508 QWAVE - ok
22:54:30.0608 1508 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
22:54:30.0624 1508 QWAVEdrv - ok
22:54:30.0671 1508 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
22:54:30.0686 1508 RasAcd - ok
22:54:30.0733 1508 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
22:54:30.0749 1508 RasAgileVpn - ok
22:54:30.0780 1508 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
22:54:30.0796 1508 RasAuto - ok
22:54:30.0842 1508 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
22:54:30.0858 1508 Rasl2tp - ok
22:54:30.0889 1508 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
22:54:30.0920 1508 RasMan - ok
22:54:30.0936 1508 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
22:54:30.0952 1508 RasPppoe - ok
22:54:30.0983 1508 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
22:54:30.0983 1508 RasSstp - ok
22:54:31.0076 1508 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
22:54:31.0108 1508 rdbss - ok
22:54:31.0139 1508 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
22:54:31.0154 1508 rdpbus - ok
22:54:31.0170 1508 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
22:54:31.0170 1508 RDPCDD - ok
22:54:31.0186 1508 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
22:54:31.0201 1508 RDPENCDD - ok
22:54:31.0217 1508 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
22:54:31.0217 1508 RDPREFMP - ok
22:54:31.0264 1508 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
22:54:31.0279 1508 RDPWD - ok
22:54:31.0342 1508 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
22:54:31.0357 1508 rdyboost - ok
22:54:31.0404 1508 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
22:54:31.0435 1508 RemoteAccess - ok
22:54:31.0482 1508 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
22:54:31.0498 1508 RemoteRegistry - ok
22:54:31.0529 1508 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
22:54:31.0544 1508 RpcEptMapper - ok
22:54:31.0560 1508 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
22:54:31.0591 1508 RpcLocator - ok
22:54:31.0622 1508 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
22:54:31.0638 1508 RpcSs - ok
22:54:31.0685 1508 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
22:54:31.0700 1508 rspndr - ok
22:54:31.0747 1508 RSUSBSTOR (5aab4808e8ccae8c2ecda5b791260616) C:\windows\system32\Drivers\RtsUStor.sys
22:54:31.0778 1508 RSUSBSTOR - ok
22:54:31.0810 1508 RTL8023x64 (68dd0457d18fccef7384ae84022f0c86) C:\windows\system32\DRIVERS\Rtnic64.sys
22:54:31.0841 1508 RTL8023x64 - ok
22:54:31.0888 1508 RTL8167 (3b01789ee4eaee97f5eb46b711387d5e) C:\windows\system32\DRIVERS\Rt64win7.sys
22:54:31.0903 1508 RTL8167 - ok
22:54:31.0934 1508 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
22:54:31.0934 1508 SamSs - ok
22:54:32.0168 1508 SBAMSvc (18530d2f605f1ec48ca20a7b184ccbcc) C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe
22:54:32.0231 1508 SBAMSvc - ok
22:54:32.0324 1508 sbapifs (6e342316e72f4b6fa39c99e06373a1a3) C:\windows\system32\DRIVERS\sbapifs.sys
22:54:32.0340 1508 sbapifs - ok
22:54:32.0387 1508 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
22:54:32.0402 1508 sbp2port - ok
22:54:32.0465 1508 SBPIMSvc (2815772894855506e94008cc0e602738) C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe
22:54:32.0512 1508 SBPIMSvc - ok
22:54:32.0558 1508 SBRE (aae41efbad69b78513875c2eb3de7008) C:\windows\system32\drivers\SBREdrv.sys
22:54:32.0574 1508 SBRE - ok
22:54:32.0683 1508 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
22:54:32.0699 1508 SBSDWSCService - ok
22:54:32.0730 1508 sbwtis (f9aa83a88eabe22b29d8f293c21aaa4d) C:\windows\system32\DRIVERS\sbwtis.sys
22:54:32.0761 1508 sbwtis - ok
22:54:32.0808 1508 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
22:54:32.0839 1508 SCardSvr - ok
22:54:32.0886 1508 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
22:54:32.0917 1508 scfilter - ok
22:54:32.0995 1508 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
22:54:33.0042 1508 Schedule - ok
22:54:33.0073 1508 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
22:54:33.0073 1508 SCPolicySvc - ok
22:54:33.0104 1508 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
22:54:33.0136 1508 SDRSVC - ok
22:54:33.0214 1508 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
22:54:33.0229 1508 SeaPort - ok
22:54:33.0276 1508 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
22:54:33.0292 1508 secdrv - ok
22:54:33.0323 1508 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
22:54:33.0338 1508 seclogon - ok
22:54:33.0370 1508 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
22:54:33.0385 1508 SENS - ok
22:54:33.0416 1508 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
22:54:33.0432 1508 SensrSvc - ok
22:54:33.0463 1508 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
22:54:33.0479 1508 Serenum - ok
22:54:33.0510 1508 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
22:54:33.0526 1508 Serial - ok
22:54:33.0572 1508 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
22:54:33.0604 1508 sermouse - ok
22:54:33.0650 1508 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
22:54:33.0666 1508 SessionEnv - ok
22:54:33.0682 1508 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
22:54:33.0713 1508 sffdisk - ok
22:54:33.0744 1508 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
22:54:33.0760 1508 sffp_mmc - ok
22:54:33.0775 1508 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
22:54:33.0806 1508 sffp_sd - ok
22:54:33.0822 1508 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
22:54:33.0853 1508 sfloppy - ok
22:54:33.0916 1508 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\windows\system32\DRIVERS\Sftfslh.sys
22:54:33.0962 1508 Sftfs - ok
22:54:34.0056 1508 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
22:54:34.0087 1508 sftlist - ok
22:54:34.0118 1508 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\windows\system32\DRIVERS\Sftplaylh.sys
22:54:34.0134 1508 Sftplay - ok
22:54:34.0150 1508 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\windows\system32\DRIVERS\Sftredirlh.sys
22:54:34.0150 1508 Sftredir - ok
22:54:34.0165 1508 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\windows\system32\DRIVERS\Sftvollh.sys
22:54:34.0181 1508 Sftvol - ok
22:54:34.0212 1508 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
22:54:34.0228 1508 sftvsa - ok
22:54:34.0274 1508 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
22:54:34.0306 1508 SharedAccess - ok
22:54:34.0352 1508 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
22:54:34.0368 1508 ShellHWDetection - ok
22:54:34.0399 1508 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
22:54:34.0415 1508 SiSRaid2 - ok
22:54:34.0446 1508 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
22:54:34.0462 1508 SiSRaid4 - ok
22:54:34.0555 1508 SkypeUpdate (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files (x86)\Skype\Updater\Updater.exe
22:54:34.0571 1508 SkypeUpdate - ok
22:54:34.0602 1508 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
22:54:34.0602 1508 Smb - ok
22:54:34.0649 1508 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
22:54:34.0664 1508 SNMPTRAP - ok
22:54:34.0680 1508 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
22:54:34.0680 1508 spldr - ok
22:54:34.0727 1508 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
22:54:34.0727 1508 Spooler - ok
22:54:34.0898 1508 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
22:54:34.0930 1508 sppsvc - ok
22:54:35.0008 1508 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
22:54:35.0023 1508 sppuinotify - ok
22:54:35.0086 1508 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
22:54:35.0101 1508 srv - ok
22:54:35.0148 1508 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
22:54:35.0164 1508 srv2 - ok
22:54:35.0179 1508 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
22:54:35.0210 1508 srvnet - ok
22:54:35.0242 1508 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
22:54:35.0242 1508 SSDPSRV - ok
22:54:35.0257 1508 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
22:54:35.0273 1508 SstpSvc - ok
22:54:35.0304 1508 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
22:54:35.0320 1508 stexstor - ok
22:54:35.0413 1508 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
22:54:35.0444 1508 stisvc - ok
22:54:35.0476 1508 SuperIO (d310da4bb3d61a52f8c50ddb1a62ff5e) C:\windows\system32\DRIVERS\spio.sys
22:54:35.0491 1508 SuperIO - ok
22:54:35.0522 1508 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
22:54:35.0554 1508 swenum - ok
22:54:35.0585 1508 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
22:54:35.0616 1508 swprv - ok
22:54:35.0772 1508 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
22:54:35.0803 1508 SysMain - ok
22:54:35.0912 1508 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
22:54:35.0944 1508 TabletInputService - ok
22:54:35.0975 1508 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
22:54:36.0006 1508 TapiSrv - ok
22:54:36.0053 1508 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
22:54:36.0068 1508 TBS - ok
22:54:36.0209 1508 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
22:54:36.0256 1508 Tcpip - ok
22:54:36.0427 1508 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
22:54:36.0443 1508 TCPIP6 - ok
22:54:36.0521 1508 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
22:54:36.0552 1508 tcpipreg - ok
22:54:36.0599 1508 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
22:54:36.0630 1508 TDPIPE - ok
22:54:36.0661 1508 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
22:54:36.0677 1508 TDTCP - ok
22:54:36.0708 1508 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
22:54:36.0724 1508 tdx - ok
22:54:36.0770 1508 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
22:54:36.0786 1508 TermDD - ok
22:54:36.0833 1508 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
22:54:36.0864 1508 TermService - ok
22:54:36.0895 1508 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
22:54:36.0911 1508 Themes - ok
22:54:36.0942 1508 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
22:54:36.0958 1508 THREADORDER - ok
22:54:36.0973 1508 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
22:54:36.0989 1508 TrkWks - ok
22:54:37.0051 1508 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
22:54:37.0082 1508 TrustedInstaller - ok
22:54:37.0114 1508 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
22:54:37.0129 1508 tssecsrv - ok
22:54:37.0192 1508 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
22:54:37.0207 1508 TsUsbFlt - ok
22:54:37.0270 1508 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
22:54:37.0285 1508 tunnel - ok
22:54:37.0301 1508 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
22:54:37.0316 1508 uagp35 - ok
22:54:37.0348 1508 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
22:54:37.0379 1508 udfs - ok
22:54:37.0410 1508 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
22:54:37.0426 1508 UI0Detect - ok
22:54:37.0472 1508 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
22:54:37.0472 1508 uliagpkx - ok
22:54:37.0504 1508 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
22:54:37.0519 1508 umbus - ok
22:54:37.0550 1508 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
22:54:37.0566 1508 UmPass - ok
22:54:37.0613 1508 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
22:54:37.0628 1508 upnphost - ok
22:54:37.0660 1508 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
22:54:37.0675 1508 usbccgp - ok
22:54:37.0706 1508 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
22:54:37.0722 1508 usbcir - ok
22:54:37.0753 1508 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
22:54:37.0769 1508 usbehci - ok
22:54:37.0800 1508 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\windows\system32\DRIVERS\usbfilter.sys
22:54:37.0816 1508 usbfilter - ok
22:54:37.0847 1508 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
22:54:37.0862 1508 usbhub - ok
22:54:37.0878 1508 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\DRIVERS\usbohci.sys
22:54:37.0894 1508 usbohci - ok
22:54:37.0925 1508 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
22:54:37.0956 1508 usbprint - ok
22:54:38.0018 1508 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
22:54:38.0034 1508 usbscan - ok
22:54:38.0065 1508 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
22:54:38.0081 1508 USBSTOR - ok
22:54:38.0112 1508 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
22:54:38.0143 1508 usbuhci - ok
22:54:38.0159 1508 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
22:54:38.0190 1508 UxSms - ok
22:54:38.0252 1508 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
22:54:38.0252 1508 VaultSvc - ok
22:54:38.0284 1508 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
22:54:38.0299 1508 vdrvroot - ok
22:54:38.0346 1508 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
22:54:38.0377 1508 vds - ok
22:54:38.0393 1508 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
22:54:38.0424 1508 vga - ok
22:54:38.0440 1508 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
22:54:38.0455 1508 VgaSave - ok
22:54:38.0486 1508 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
22:54:38.0502 1508 vhdmp - ok
22:54:38.0502 1508 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
22:54:38.0518 1508 viaide - ok
22:54:38.0549 1508 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
22:54:38.0549 1508 volmgr - ok
22:54:38.0596 1508 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
22:54:38.0611 1508 volmgrx - ok
22:54:38.0642 1508 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
22:54:38.0658 1508 volsnap - ok
22:54:38.0689 1508 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
22:54:38.0705 1508 vsmraid - ok
22:54:38.0798 1508 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
22:54:38.0830 1508 VSS - ok
22:54:38.0923 1508 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\System32\drivers\vwifibus.sys
22:54:38.0954 1508 vwifibus - ok
22:54:39.0017 1508 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
22:54:39.0048 1508 W32Time - ok
22:54:39.0110 1508 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
22:54:39.0126 1508 WacomPen - ok
22:54:39.0188 1508 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
22:54:39.0204 1508 WANARP - ok
22:54:39.0235 1508 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
22:54:39.0235 1508 Wanarpv6 - ok
22:54:39.0329 1508 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
22:54:39.0376 1508 WatAdminSvc - ok
22:54:39.0469 1508 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
22:54:39.0516 1508 wbengine - ok
22:54:39.0610 1508 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
22:54:39.0641 1508 WbioSrvc - ok
22:54:39.0703 1508 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
22:54:39.0719 1508 wcncsvc - ok
22:54:39.0734 1508 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
22:54:39.0766 1508 WcsPlugInService - ok
22:54:39.0812 1508 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
22:54:39.0828 1508 Wd - ok
22:54:39.0875 1508 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
22:54:39.0906 1508 Wdf01000 - ok
22:54:39.0953 1508 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
22:54:39.0968 1508 WdiServiceHost - ok
22:54:39.0968 1508 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
22:54:39.0968 1508 WdiSystemHost - ok
22:54:40.0015 1508 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
22:54:40.0031 1508 WebClient - ok
22:54:40.0062 1508 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
22:54:40.0078 1508 Wecsvc - ok
22:54:40.0109 1508 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
22:54:40.0124 1508 wercplsupport - ok
22:54:40.0140 1508 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
22:54:40.0156 1508 WerSvc - ok
22:54:40.0202 1508 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
22:54:40.0234 1508 WfpLwf - ok
22:54:40.0249 1508 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
22:54:40.0265 1508 WIMMount - ok
22:54:40.0312 1508 WinDefend - ok
22:54:40.0327 1508 WinHttpAutoProxySvc - ok
22:54:40.0358 1508 WinI2C-DDC (66c365b542195c1f6e2ff4a7d8f3827c) C:\windows\system32\drivers\DDCDrv.sys
22:54:40.0390 1508 WinI2C-DDC - ok
22:54:40.0436 1508 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
22:54:40.0468 1508 Winmgmt - ok
22:54:40.0577 1508 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
22:54:40.0639 1508 WinRM - ok
22:54:40.0780 1508 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
22:54:40.0795 1508 WinUsb - ok
22:54:40.0873 1508 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
22:54:40.0904 1508 Wlansvc - ok
22:54:40.0967 1508 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:54:40.0998 1508 wlcrasvc - ok
22:54:41.0154 1508 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:54:41.0216 1508 wlidsvc - ok
22:54:41.0341 1508 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
22:54:41.0357 1508 WmiAcpi - ok
22:54:41.0435 1508 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
22:54:41.0450 1508 wmiApSrv - ok
22:54:41.0482 1508 WMPNetworkSvc - ok
22:54:41.0497 1508 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
22:54:41.0528 1508 WPCSvc - ok
22:54:41.0560 1508 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
22:54:41.0575 1508 WPDBusEnum - ok
22:54:41.0606 1508 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
22:54:41.0622 1508 ws2ifsl - ok
22:54:41.0684 1508 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll
22:54:41.0700 1508 wscsvc - ok
22:54:41.0700 1508 WSearch - ok
22:54:41.0731 1508 wsvd (83575c43b2bfe9ab0661a7f957e843c0) C:\windows\system32\DRIVERS\wsvd.sys
22:54:41.0762 1508 wsvd - ok
22:54:41.0872 1508 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll
22:54:41.0887 1508 wuauserv - ok
22:54:41.0996 1508 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
22:54:42.0012 1508 WudfPf - ok
22:54:42.0074 1508 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
22:54:42.0090 1508 WUDFRd - ok
22:54:42.0121 1508 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
22:54:42.0137 1508 wudfsvc - ok
22:54:42.0168 1508 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
22:54:42.0184 1508 WwanSvc - ok
22:54:42.0246 1508 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\windows\system32\DRIVERS\yk62x64.sys
22:54:42.0277 1508 yukonw7 - ok
22:54:42.0308 1508 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:54:42.0589 1508 \Device\Harddisk0\DR0 - ok
22:54:42.0589 1508 Boot (0x1200) (aca09ea273fa482c965112b561f4b599) \Device\Harddisk0\DR0\Partition0
22:54:42.0589 1508 \Device\Harddisk0\DR0\Partition0 - ok
22:54:42.0605 1508 Boot (0x1200) (ae594621e1329527385c1f29ea748c00) \Device\Harddisk0\DR0\Partition1
22:54:42.0605 1508 \Device\Harddisk0\DR0\Partition1 - ok
22:54:42.0605 1508 ============================================================
22:54:42.0605 1508 Scan finished
22:54:42.0605 1508 ============================================================
22:54:42.0620 2180 Detected object count: 0
22:54:42.0620 2180 Actual detected object count: 0
22:54:47.0082 3712 Deinitialize success

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-01 21:19:13
-----------------------------
21:19:13.953 OS Version: Windows x64 6.1.7601 Service Pack 1
21:19:13.953 Number of processors: 2 586 0x603
21:19:13.953 ComputerName: ANTTI-PC UserName: Antti
21:19:44.966 Initialize success
21:19:50.036 AVAST engine defs: 12080101
21:21:16.339 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:21:16.339 Disk 0 Vendor: ST3500418AS CC67 Size: 476940MB BusType: 3
21:21:16.370 Disk 0 MBR read successfully
21:21:16.370 Disk 0 MBR scan
21:21:16.370 Disk 0 Windows 7 default MBR code
21:21:16.386 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
21:21:16.386 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 451164 MB offset 206848
21:21:16.417 Disk 0 Partition 3 00 12 Compaq diag NTFS 25675 MB offset 924190720
21:21:16.464 Disk 0 scanning C:\windows\system32\drivers
21:21:27.649 Service scanning
21:21:46.605 Modules scanning
21:21:46.620 Disk 0 trace - called modules:
21:21:46.636 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
21:21:47.151 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80024c3060]
21:21:47.151 3 CLASSPNP.SYS[fffff8800195143f] -> nt!IofCallDriver -> [0xfffffa800245e4b0]
21:21:47.151 5 ACPI.sys[fffff88000f9b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8002464060]
21:21:49.553 AVAST engine scan C:\windows
21:21:52.908 AVAST engine scan C:\windows\system32
21:27:41.102 AVAST engine scan C:\windows\system32\drivers
21:27:52.186 AVAST engine scan C:\Users\Antti
21:41:16.316 AVAST engine scan C:\ProgramData
21:44:19.024 Scan finished successfully
22:42:51.178 Disk 0 MBR has been saved successfully to "C:\Users\Antti\Desktop\virus removal\MBR.dat"
22:42:51.225 The log file has been saved successfully to "C:\Users\Antti\Desktop\virus removal\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-01 22:54:53
-----------------------------
22:54:53.917 OS Version: Windows x64 6.1.7601 Service Pack 1
22:54:53.917 Number of processors: 2 586 0x603
22:54:53.917 ComputerName: ANTTI-PC UserName: Antti
22:55:06.086 Initialize success
22:55:08.067 AVAST engine defs: 12080101
22:55:25.322 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:55:25.337 Disk 0 Vendor: ST3500418AS CC67 Size: 476940MB BusType: 3
22:55:25.353 Disk 0 MBR read successfully
22:55:25.369 Disk 0 MBR scan
22:55:25.369 Disk 0 Windows 7 default MBR code
22:55:25.369 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
22:55:25.384 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 451164 MB offset 206848
22:55:25.415 Disk 0 Partition 3 00 12 Compaq diag NTFS 25675 MB offset 924190720
22:55:25.493 Disk 0 scanning C:\windows\system32\drivers
22:55:39.736 Service scanning
22:55:59.924 Modules scanning
22:55:59.939 Disk 0 trace - called modules:
22:55:59.955 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
22:55:59.955 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8002444560]
22:55:59.970 3 CLASSPNP.SYS[fffff880019d143f] -> nt!IofCallDriver -> [0xfffffa800244d520]
22:55:59.970 5 ACPI.sys[fffff88000f297a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8002439060]
22:56:00.766 AVAST engine scan C:\windows
22:56:04.136 AVAST engine scan C:\windows\system32
23:02:00.902 AVAST engine scan C:\windows\system32\drivers
23:02:18.577 AVAST engine scan C:\Users\Antti
23:12:23.111 AVAST engine scan C:\ProgramData
23:13:52.875 Scan finished successfully
23:37:12.090 Disk 0 MBR has been saved successfully to "C:\Users\Antti\Desktop\virus removal\MBR.dat"
23:37:12.106 The log file has been saved successfully to "C:\Users\Antti\Desktop\virus removal\aswMBR.txt"

I think it's click get answers browser jacking
eset is running right now.
Thanks

Edited by Andrus, 02 August 2012 - 12:01 AM.


#4 Andrus

Andrus
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:00 PM

Posted 02 August 2012 - 09:25 AM

eset list
C:\Users\Antti\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\402358e-12a8b6e4 Java/Agent.EA trojan
C:\Users\Antti\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\264888a5-5e5a3898 multiple threats
C:\Users\Antti\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\707aa3bc-4699db1e Java/Exploit.CVE-2011-3544.T trojan
C:\Users\Antti\AppData\Roaming\Mozilla\Firefox\Profiles\krpu8upc.default\extensions\aaebcbfkre@aaebcbfkre.org.xpi JS/Redirector.NCA trojan
C:\Users\Antti\Documents\oldbuter\Downloads\setup.zip a variant of Win32/Kryptik.AGTO trojan

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:00 PM

Posted 02 August 2012 - 09:31 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it click on Delete

post the generated log

#6 Andrus

Andrus
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:00 PM

Posted 02 August 2012 - 11:16 AM

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.02.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Antti :: ANTTI-PC [administrator]

Protection: Enabled

8/2/2012 11:27:51 AM
mbam-log-2012-08-02 (11-27-51).txt

Scan type: Full scan (C:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 359995
Time elapsed: 45 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
MiniToolBox by Farbar Version: 23-07-2012
Ran by Antti (administrator) on 02-08-2012 at 12:17:59
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Antti-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 10-78-D2-94-46-48
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5810:c1cf:626f:e3d%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, August 02, 2012 11:20:43 AM
Lease Expires . . . . . . . . . . : Sunday, September 08, 2148 6:46:25 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 235960530
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-77-FE-FA-10-78-D2-94-46-48
DNS Servers . . . . . . . . . . . : 192.168.2.1
75.75.75.75
75.75.76.76
8.8.8.8
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.Belkin:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:1cd0:f4c:cd75:ca68(Preferred)
Link-local IPv6 Address . . . . . : fe80::1cd0:f4c:cd75:ca68%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.2.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging google.com [74.125.137.100] with 32 bytes of data:
Reply from 74.125.137.100: bytes=32 time=30ms TTL=47
Reply from 74.125.137.100: bytes=32 time=30ms TTL=47

Ping statistics for 74.125.137.100:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 30ms, Maximum = 30ms, Average = 30ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.2.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=93ms TTL=50
Reply from 98.139.183.24: bytes=32 time=93ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 93ms, Maximum = 93ms, Average = 93ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.2.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...10 78 d2 94 46 48 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.2 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.2 276
192.168.2.2 255.255.255.255 On-link 192.168.2.2 276
192.168.2.255 255.255.255.255 On-link 192.168.2.2 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.2 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.2 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:9d38:953c:1cd0:f4c:cd75:ca68/128
On-link
10 276 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::1cd0:f4c:cd75:ca68/128
On-link
10 276 fe80::5810:c1cf:626f:e3d/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/02/2012 10:34:35 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/02/2012 03:16:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (08/02/2012 03:13:46 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/02/2012 00:52:28 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/01/2012 11:37:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/01/2012 10:43:21 PM) (Source: Application Error) (User: )
Description: Faulting application name: atieclxx.exe, version: 6.14.11.1051, time stamp: 0x4b8de1c4
Faulting module name: atieclxx.exe, version: 6.14.11.1051, time stamp: 0x4b8de1c4
Exception code: 0xc0000005
Fault offset: 0x000000000001f155
Faulting process id: 0x4f4
Faulting application start time: 0xatieclxx.exe0
Faulting application path: atieclxx.exe1
Faulting module path: atieclxx.exe2
Report Id: atieclxx.exe3

Error: (08/01/2012 09:29:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/01/2012 09:29:05 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/01/2012 09:19:40 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/01/2012 05:24:20 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (08/02/2012 11:20:47 AM) (Source: Service Control Manager) (User: )
Description: The lxdxCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (08/02/2012 11:20:47 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxdxCATSCustConnectService service to connect.

Error: (08/01/2012 10:51:31 PM) (Source: Service Control Manager) (User: )
Description: The lxdxCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (08/01/2012 10:51:31 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxdxCATSCustConnectService service to connect.

Error: (08/01/2012 10:46:30 PM) (Source: Service Control Manager) (User: )
Description: The SBSD Security Center Service service failed to start due to the following error:
%%1053

Error: (08/01/2012 10:46:30 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.

Error: (08/01/2012 10:45:11 PM) (Source: Service Control Manager) (User: )
Description: The lxdxCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (08/01/2012 10:45:11 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxdxCATSCustConnectService service to connect.

Error: (08/01/2012 09:43:34 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (08/01/2012 09:15:15 PM) (Source: Service Control Manager) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================
Error: (08/02/2012 10:34:35 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Antti\Desktop\virus removal\esetsmartinstaller_enu.exe

Error: (08/02/2012 03:16:23 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (08/02/2012 03:13:46 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (08/02/2012 00:52:28 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Antti\Desktop\virus removal\esetsmartinstaller_enu.exe

Error: (08/01/2012 11:37:23 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Antti\Desktop\virus removal\esetsmartinstaller_enu.exe

Error: (08/01/2012 10:43:21 PM) (Source: Application Error)(User: )
Description: atieclxx.exe6.14.11.10514b8de1c4atieclxx.exe6.14.11.10514b8de1c4c0000005000000000001f1554f401cd704b93ace621C:\windows\system32\atieclxx.exeC:\windows\system32\atieclxx.exed1f587ca-dc4b-11e1-9493-1078d2944648

Error: (08/01/2012 09:29:08 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Antti\Desktop\virus removal\esetsmartinstaller_enu.exe

Error: (08/01/2012 09:29:05 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Antti\Desktop\virus removal\esetsmartinstaller_enu.exe

Error: (08/01/2012 09:19:40 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Antti\Desktop\virus removal\esetsmartinstaller_enu.exe

Error: (08/01/2012 05:24:20 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


=========================== Installed Programs ============================



Adobe AIR (Version: 2.6.0.19140)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.268)
Adobe Flash Player 11 Plugin (Version: 11.3.300.268)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.0.626)
AMD USB Filter Driver (Version: 1.0.15.94)
Any Video Converter 3.3.5
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Scan-n-Stitch Deluxe (Version: 1.1.0.17)
ATI Catalyst Install Manager (Version: 3.0.765.0)
avast! Free Antivirus (Version: 7.0.1456.0)
AVG 2011 (Version: 10.0.1390)
AVG 2011 (Version: 10.0.1391)
AVG 2011 (Version: 10.0.1392)
AVG 2011 (Version: 10.0.1410)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.1873)
Bonjour (Version: 3.0.0.10)
Call of Duty
Call of Duty® 2 (Version: 1.00.0000)
CamStudio OSS Desktop Recorder (Version: 2.6 Beta r294)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Full Existing (Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Full New (Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Light (Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Previews Common (Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0302.2233.40412)
Catalyst Control Center InstallProxy (Version: 2010.0302.2233.40412)
Catalyst Control Center Localization All (Version: 2010.0302.2233.40412)
ccc-core-static (Version: 2010.0302.2233.40412)
ccc-utility64 (Version: 2010.0302.2233.40412)
CCC Help Chinese Standard (Version: 2010.0302.2232.40412)
CCC Help Chinese Traditional (Version: 2010.0302.2232.40412)
CCC Help Czech (Version: 2010.0302.2232.40412)
CCC Help Danish (Version: 2010.0302.2232.40412)
CCC Help Dutch (Version: 2010.0302.2232.40412)
CCC Help English (Version: 2010.0302.2232.40412)
CCC Help Finnish (Version: 2010.0302.2232.40412)
CCC Help French (Version: 2010.0302.2232.40412)
CCC Help German (Version: 2010.0302.2232.40412)
CCC Help Greek (Version: 2010.0302.2232.40412)
CCC Help Hungarian (Version: 2010.0302.2232.40412)
CCC Help Italian (Version: 2010.0302.2232.40412)
CCC Help Japanese (Version: 2010.0302.2232.40412)
CCC Help Korean (Version: 2010.0302.2232.40412)
CCC Help Norwegian (Version: 2010.0302.2232.40412)
CCC Help Polish (Version: 2010.0302.2232.40412)
CCC Help Portuguese (Version: 2010.0302.2232.40412)
CCC Help Russian (Version: 2010.0302.2232.40412)
CCC Help Spanish (Version: 2010.0302.2232.40412)
CCC Help Swedish (Version: 2010.0302.2232.40412)
CCC Help Thai (Version: 2010.0302.2232.40412)
CCC Help Turkish (Version: 2010.0302.2232.40412)
CCleaner (Version: 3.21)
Colin McRae Rally 2005
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DivX Setup (Version: 2.6.1.9)
DVAPTray (Version: 1.0.0.6)
ESET Online Scanner v3
FanSpeedControl (Version: 1.00.00.13)
ffdshow [rev 3026] [2009-07-05] (Version: 1.0)
Google Chrome (Version: 21.0.1180.60)
Google Talk Plugin (Version: 3.3.2.8436)
Google Update Helper (Version: 1.3.21.115)
HandBrake 0.9.6 (Version: 0.9.6)
HiJackThis (Version: 1.0.0)
ImgBurn (Version: 2.5.6.0)
Increase Chatter - Elite Edition version 2.0 (Version: 2.0)
IRA version 1.0 (Version: 1.0)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 32 (Version: 6.0.320)
Jigs@w Puzzle Promo Creator 2.1
Jing (Version: 2.6.12032.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Lenovo Driver and Application Installation (Version: 5.10.1809)
Lenovo Dynamic Brightness System (Version: 4.0.00.19161)
Lenovo Eye Distance System (Version: 4.0.00.19080)
Lenovo Power2Go (Version: 6.0.3720)
Lenovo Rescue System (Version: 3.0.1409)
Lenovo USB2.0 UVC Camera (Version: 1.00.0000)
Lexmark 3600-4600 Series
Lexmark Fax Solutions
Lexmark Toolbar (Version: 4.0.53.0)
LVT (Version: 4.1.2.0727)
LXH-JME2207FN Hotkey Driver (Version: 5.1.0804)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
McAfee Security Scan Plus (Version: 2.0.181.2)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 7.1 (Version: 7.10.344.0)
Microsoft IntelliType Pro 7.1 (Version: 7.10.344.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
Mozilla Thunderbird 14.0 (x86 en-US) (Version: 14.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
OnlyWire (Version: 1.0.31)
PAD SubmitWorker 1.2 (Version: 1.2.5.9)
Picasa 3 (Version: 3.8)
PunkBuster Services (Version: 0.990)
Quantum QR Generator (Version: 1.5.0)
QuickTime (Version: 7.71.80.42)
Realtek Ethernet Controller All-In-One Windows Driver (Version: 1.12.0007)
Realtek High Definition Audio Driver (Version: 6.0.1.6043)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30116)
Recuva (Version: 1.43)
Rosetta Stone Version 3 (Version: 3.3.5.2)
SEO Link Robot - Fast Indexer 2.0.1.0 (Version: 2.0.1.0)
Skype™ 5.10 (Version: 5.10.116)
Spybot - Search & Destroy (Version: 1.6.2)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Video Hitman version 1.0 (Version: 1.0)
Video Rank Checker (Version: 1.6)
VIPRE Antivirus (Version: 5.2.5162)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 1.1.11 (Version: 1.1.11)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver
WinZip 15.0 (Version: 15.0.9334)
WordFlood 1.2 (remove only)
Yahoo! Detect
YT-IncreaseChatter version 4.0 (Version: 4.0)

========================= Memory info: ===================================

Percentage of memory in use: 66%
Total physical RAM: 1790.05 MB
Available physical RAM: 601.83 MB
Total Pagefile: 3580.1 MB
Available Pagefile: 1736.6 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.85 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:440.59 GB) (Free:219.07 GB) NTFS
2 Drive d: (COD2DVD) (CDROM) (Total:3.53 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\ANTTI-PC

Administrator Antti Astrid
Guest


**** End of log ****

Farbar Service Scanner Version: 26-07-2012
Ran by Antti (administrator) on 02-08-2012 at 12:21:45
Running from "C:\Users\Antti\Desktop\virus removal"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Disabled
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

# AdwCleaner v1.800 - Logfile created 08/02/2012 at 12:26:17
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Antti - ANTTI-PC
# Running from : C:\Users\Antti\Desktop\virus removal\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Antti\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Antti\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Antti\AppData\Local\TempDir
Folder Deleted : C:\Users\Antti\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml

***** [Registry] *****

Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\SOFTWARE\AVG Secure Search

***** [Registre - GUID] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Antti\AppData\Roaming\Mozilla\Firefox\Profiles\krpu8upc.default\prefs.js

C:\Users\Antti\AppData\Roaming\Mozilla\Firefox\Profiles\krpu8upc.default\user.js ... Deleted !

[OK] File is clean.

Profile name : default
File : C:\Users\Astrid\AppData\Roaming\Mozilla\Firefox\Profiles\6wcng6z4.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.60

File : C:\Users\Antti\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "icon_url": "hxxps://isearch.avg.com/favicon.ico",
Deleted : "keyword": "isearch.avg.com",
Deleted : "name": "AVG Secure Search",
Deleted : "search_url": "hxxps://isearch.avg.com/search?cid={1076FFB9-D68B-4F86-9CD0-CC5E5858BA4F}&mid=2[...]
Deleted : "description": "The fastest way to search the web.",

*************************

AdwCleaner[S1].txt - [2616 octets] - [02/08/2012 12:26:17]

########## EOF - C:\AdwCleaner[S1].txt - [2744 octets] ##########

Edited by Andrus, 02 August 2012 - 11:29 AM.


#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:00 PM

Posted 02 August 2012 - 01:09 PM

Any current issues?

#8 Andrus

Andrus
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:00 PM

Posted 02 August 2012 - 01:46 PM

I think it's this one
http://www.bleepingcomputer.com/forums/topic454528.html
click.get-answers-fast.com redirect...
everytime I start the browser first link I click will go someplace else...and I see this
click.get-answers-fast.com redicrectr

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:00 PM

Posted 02 August 2012 - 01:48 PM

Actually i asked you if you're still getting redirects?

Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the text contents here

#10 Andrus

Andrus
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:00 PM

Posted 02 August 2012 - 01:53 PM

yes I am still getting them...
"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "IntelliPoint" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "itype" "IType.exe" "Microsoft Corporation" "c:\program files\microsoft intellitype pro\itype.exe"
+ "lxdxamon" "" "" "c:\program files (x86)\lexmark 3600-4600 series\lxdxamon.exe"
+ "lxdxmon.exe" "Printer Device Monitor" "" "c:\program files (x86)\lexmark 3600-4600 series\lxdxmon.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "Unattend0000000001{BFA3D12B-66DD-4617-923A-E864BC7D20B5}" "" "" "File not found: C:\Windows\test.bat"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "ArcSoft Connection Service" "ArcSoft Connect Daemon" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\connection service\bin\acdaemon.exe"
+ "avast" "avast! Antivirus" "AVAST Software" "c:\program files\avast software\avast\avastui.exe"
+ "AVG_TRAY" "" "" "File not found: C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
+ "CLMLServer" "CyberLink MediaLibray Service" "CyberLink" "c:\program files (x86)\lenovo\power2go\clmlsvc.exe"
+ "DivXUpdate" "DivX Update" "" "c:\program files (x86)\divx\divx update\divxupdate.exe"
+ "DVAPTray" "DVAPbg MFC Application" "Chicony Electronics Co., Ltd." "c:\windows\syswow64\dvaptray.exe"
+ "FaxCenterServer" "Fax Man Server" "" "c:\program files (x86)\lexmark fax solutions\fm3032.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "jmekey" "Hotkey" "JME" "c:\program files (x86)\jmesoft\hotkey.exe"
+ "Lenovo Dynamic Brightness System" "BrightController" "Lenovo" "c:\program files\lenovo\lenovo brightness system\lenovo dynamic brightness system.exe"
+ "Lenovo Eye Distance System" "SightProtector" "Lenovo" "c:\program files\lenovo\lenovo eye distance system\lenovo eye distance system.exe"
+ "LenovoFSC" "Lenovo Fan Speed Control" "Lenovo (Shenzhen) Electronic Co., Ltd." "c:\program files (x86)\lenovo\fanspeedcontrol\lenovofsc.exe"
+ "Malwarebytes' Anti-Malware" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "SBAMTray" "SBAMTray Application" "GFI Software" "c:\program files (x86)\gfi software\vipre\sbamtray.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "UpdateP2GoShortCut" "MUI StartMenu Application" "CyberLink Corp." "c:\program files (x86)\lenovo\power2go\muitransfer\muistartmenu.exe"
+ "UpdatePRCShortCut" "MUI StartMenu Application" "CyberLink Corp." "c:\program files\lenovo\onekey app\lenovo rescue system\muitransfer\muistartmenu.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "uTorrent" "µTorrent" "BitTorrent, Inc." "c:\program files (x86)\utorrent\utorrent.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "AVG Shell Extension" "" "" "File not found: C:\Program Files (x86)\AVG\AVG2012\avgsea.dll"
+ "FileEraserShellExt" "Secure File Eraser Shell Extension" "GFI Software" "c:\program files (x86)\gfi software\vipre\x64\sbfe.dll"
+ "SBAMScanShellExt" "SBAM Scan Shell Extension" "GFI Software" "c:\program files (x86)\gfi software\vipre\x64\sbamscanshellext.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "AVG Shell Extension" "" "" "File not found: C:\Program Files (x86)\AVG\AVG2012\avgse.dll"
+ "FileEraserShellExt" "Secure File Eraser Shell Extension" "GFI Software" "c:\program files (x86)\gfi software\vipre\sbfe.dll"
+ "SBAMScanShellExt" "SBAM Scan Shell Extension" "GFI Software" "c:\program files (x86)\gfi software\vipre\sbamscanshellext.dll"
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshlstb.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "FileEraserShellExt" "Secure File Eraser Shell Extension" "GFI Software" "c:\program files (x86)\gfi software\vipre\x64\sbfe.dll"
+ "SBAMScanShellExt" "SBAM Scan Shell Extension" "GFI Software" "c:\program files (x86)\gfi software\vipre\x64\sbamscanshellext.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "FileEraserShellExt" "Secure File Eraser Shell Extension" "GFI Software" "c:\program files (x86)\gfi software\vipre\sbfe.dll"
+ "SBAMScanShellExt" "SBAM Scan Shell Extension" "GFI Software" "c:\program files (x86)\gfi software\vipre\sbamscanshellext.dll"
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext_64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "AVG Shell Extension" "" "" "File not found: C:\Program Files (x86)\AVG\AVG2012\avgsea.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "AVG Shell Extension" "" "" "File not found: C:\Program Files (x86)\AVG\AVG2012\avgse.dll"
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshlstb.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie64.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
+ "DivX Plus Web Player HTML5 <video>" "DivX Plus Web Player HTML5 <video> version 2.1.2.145" "DivX, LLC" "c:\program files (x86)\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Lexmark Toolbar" "" "" "c:\program files\lexmark toolbar\toolband.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Search Helper" "Search Helper for Internet Explorer" "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Messenger Companion Helper" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files (x86)\windows live\companion\companioncore.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
+ "Lexmark Toolbar" "" "" "c:\program files\lexmark toolbar\toolband.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3042568801-1031621623-754509806-1001Core" "Google Installer" "Google Inc." "c:\users\antti\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3042568801-1031621623-754509806-1001UA" "Google Installer" "Google Inc." "c:\users\antti\appdata\local\google\update\googleupdate.exe"
+ "\Installation App Launcher" "" "" "c:\program files (x86)\lexmark 3600-4600 series\lxdxamon.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft_Hardware_Launch_IPoint_exe" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "\Microsoft_Hardware_Launch_IType_exe" "IType.exe" "Microsoft Corporation" "c:\program files\microsoft intellitype pro\itype.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\{4BED9EA0-5934-4252-BCFB-11573CAF1480}" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
+ "\{91565BD5-38A5-416A-9671-E3FB45D15B5B}" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
+ "\{CA2529E1-726F-4B9F-98E2-9CCE7927F77E}" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ACDaemon" "ArcSoft Connect Service" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\connection service\bin\acservice.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "avast! Antivirus" "Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler." "AVAST Software" "c:\program files\avast software\avast\avastsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files (x86)\windows live\family safety\fsssvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "gusvc" "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "lxdx_device" "Printer Communication System" " " "c:\windows\system32\lxdxcoms.exe"
+ "lxdxCATSCustConnectService" "Lexmark Connect Service Executable" "Lexmark International, Inc." "c:\windows\system32\spool\drivers\x64\3\lxdxserv.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "McComponentHostService" "McAfee Security Scan Component Host Service" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\2.0.181\mcchsvc.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PnkBstrA" "PunkBuster Service Component [v1033] http://www.evenbalance.com" "" "c:\windows\syswow64\pnkbstra.exe"
+ "SBAMSvc" "Manages your antispyware and antivirus application" "GFI Software" "c:\program files (x86)\gfi software\vipre\sbamsvc.exe"
+ "SBPIMSvc" "SB Recovery Service" "GFI Software" "c:\program files (x86)\gfi software\vipre\sbpimsvc.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly." "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\seaport\seaport.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atipmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "aswFsBlk" "avast! mini-filter driver (aswFsBlk)" "AVAST Software" "c:\windows\system32\drivers\aswfsblk.sys"
+ "aswMonFlt" "avast! mini-filter driver (aswMonFlt)" "AVAST Software" "c:\windows\system32\drivers\aswmonflt.sys"
+ "aswRdr" "avast! WFP Redirect driver" "AVAST Software" "c:\windows\system32\drivers\aswrdr2.sys"
+ "aswSnx" "avast! virtualization driver (aswSnx)" "AVAST Software" "c:\windows\system32\drivers\aswsnx.sys"
+ "aswSP" "avast! Self Protection" "AVAST Software" "c:\windows\system32\drivers\aswsp.sys"
+ "aswTdi" "avast! Network Shield TDI driver" "AVAST Software" "c:\windows\system32\drivers\aswtdi.sys"
+ "AtiHdmiService" "ATI High Definition Audio Function Driver" "ATI Technologies, Inc." "c:\windows\system32\drivers\atihdmi.sys"
+ "atikmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "AtiPcie" "AMD PCIE Filter Driver for ATI PCIE chipset" "Advanced Micro Devices Inc." "c:\windows\system32\drivers\atipcie.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSFilter" "AVG Technologies IDS Application Activity Monitor Filter Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsfiltera.sys"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgmfx64" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdia.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
+ "RTL8023x64" "Realtek 10/100 X64 Driver " "Realtek Semiconductor Corporation " "c:\windows\system32\drivers\rtnic64.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "sbapifs" "GFI Active Protection Filter Driver" "GFI Software" "c:\windows\system32\drivers\sbapifs.sys"
+ "SBRE" "GFI Anti-Rootkit Driver" "GFI Software" "c:\windows\system32\drivers\sbredrv.sys"
+ "sbwtis" "GFI Software Transport Inspection WFP Driver" "GFI Software" "c:\windows\system32\drivers\sbwtis.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SuperIO" "" "" "c:\windows\system32\drivers\spio.sys"
+ "usbfilter" "AMD USB Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\usbfilter.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WinI2C-DDC" "WINI2C-DDC Kernel Mode Driver" "Nicomsoft Ltd." "c:\windows\system32\drivers\ddcdrv.sys"
+ "wsvd" "CyberLink Virtual Disk Driver" "CyberLink" "c:\windows\system32\drivers\wsvd.sys"
+ "yukonw7" "Miniport Driver for Marvell Yukon Ethernet Controller." "Marvell" "c:\windows\system32\drivers\yk62x64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.tscc" "TechSmith Screen Capture Codec" "TechSmith Corporation" "c:\windows\syswow64\tsccvid64.dll"
+ "VIDC.XFR1" "Xfire Video Codec" "" "c:\windows\system32\xfcodec64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "VIDC.FFDS" "" "" "c:\windows\syswow64\ff_vfw.dll"
+ "vidc.tscc" "TechSmith Screen Capture Codec" "TechSmith Corporation" "c:\windows\syswow64\tsccvid.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files\divx\divx codec\divxdec.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\lenovo\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\lenovo\power2go\p2gaursmpl.ax"
+ "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "CyberLink Corp." "c:\program files (x86)\lenovo\power2go\p2gvb.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\lenovo\power2go\p2gaudiocd.ax"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files (x86)\lenovo\power2go\p2gdumpdispatch.ax"
+ "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\lenovo\power2go\p2gdump.ax"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files (x86)\lenovo\power2go\p2gedtkrn.dll"
+ "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files (x86)\lenovo\power2go\p2greader.ax"
+ "CyberLink Load Image Filter" "CLImage" "CyberLink" "c:\program files (x86)\cyberlink\shared files\climage.ax"
+ "CyberLink M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files (x86)\lenovo\power2go\p2gm2vwriter.ax"
+ "CyberLink MP3/WAV Wrapper" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files (x86)\lenovo\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\lenovo\power2go\p2gmvd.ax"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\lenovo\power2go\p2gmpgmux.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\lenovo\power2go\p2gvidenc.ax"
+ "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\lenovo\power2go\p2gm1spliter.ax"
+ "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\lenovo\power2go\p2gm2spliter.ax"
+ "CyberLink PCM Wrapper" "CyberLink PCM Wrapper" "CyberLink Corp." "c:\program files (x86)\lenovo\power2go\p2gpcmenc.ax"
+ "CyberLink TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\lenovo\power2go\p2gauts.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\lenovo\power2go\p2gtlmsplter.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\lenovo\power2go\p2gvidfx.ax"
+ "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files (x86)\lenovo\power2go\p2grgl.ax"
+ "CyberLink Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files (x86)\lenovo\power2go\p2gvideostabilizer.ax"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "P2G Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\lenovo\power2go\p2gaud.ax"
+ "P2G Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\lenovo\power2go\p2gaudenc.ax"
+ "P2G Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\lenovo\power2go\p2gvsd.ax"
+ "P2G Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\lenovo\power2go\p2gresample.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Xvid MPEG-4 Video Decoder" "xvid" "http://www.xvid.org" "c:\windows\syswow64\xvid.ax"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart" "" "" "File not found: C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "3600-4600 Series Port" "Printer Communication System" " " "c:\windows\system32\lxdxlmpm.dll"
+ "Lexmark Print-2-Fax Port" "" "" "c:\windows\system32\lxf3pmon.dll"
"C:\Users\Antti\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Avast! antivirus monitor" "Avast! antivirus sidebar gadget." "AVAST Software" "C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\Gadget.xml"

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:00 PM

Posted 02 August 2012 - 03:40 PM

On which browser?

#12 Andrus

Andrus
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:00 PM

Posted 02 August 2012 - 03:59 PM

mozilla

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:00 PM

Posted 02 August 2012 - 04:04 PM

Uninstall firefox

Checkmark Remove my personal data option

Reinstall it

Let me know if you still have redirects

#14 Andrus

Andrus
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:00 PM

Posted 02 August 2012 - 04:23 PM

how do I keep my passwords and bookmarks?

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:00 PM

Posted 02 August 2012 - 04:27 PM

This should work

http://support.mozilla.com/en-US/kb/Backing+up+your+information




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users