Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Zero Access Infestation


  • Please log in to reply
18 replies to this topic

#1 comalco2000

comalco2000

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:13 AM

Posted 05 September 2012 - 04:09 AM

I am running a HP Elite 8440P with Win 7 Professional.

My PC seems to be very slow, so about a week ago I ran McAfees On Demand for a full scan, even though it is set up to run everyday at 5pm.
After the hour or so it took to run, I was surprised to see about 8 reported issues, half of which reported as "deleted", but there were the other half which were "zero access.em" trojans, with a "could not delete" message against them. The PC has been running VERY slow and there seems to be significant HDD activity going on in the background, but all apps seems to be running OK (albeit slow), except I cannot print to me network printers (they queue and never print), but local printing is fine. I also cannot change my IP addresses (I use Netset Man to switch IPs to interface to several non-network pieces of equipment). Netset Man just seems to hang, and my IP address never changes to any of the other profiles I have set up in NetSet Man.

Now every time I run McAfees, I get multiple zero access trojan reports. Some with ".eh" extensions, which seem to delete, but come back later, and the ".em" extensions which just say "could not delete".

This PC just seems to be getting slower and slower, and I am concerned about any security risk. Even though the PC is in a work environment and behind a tight firewall.

So, I am relatively green on all of this, but I am wondering if someone can help me get rid of these "zero access" trojans. Is the a malware/antivirus app that will wipe them effectively, or is there another process I can follow?
In the interim, I bought a new USB HDD and have copied all my working files etc to it for backup.......

Any and all help appreciated.

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:13 PM

Posted 05 September 2012 - 08:06 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 comalco2000

comalco2000
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:13 AM

Posted 25 September 2012 - 04:56 AM

I was travelling for a few days, sorry for the delay.................PC is getting worse. Very hard to work with now because very long delays between key clicks, and keyboard entry, etc. Seems to take forever to open windows in IE, action things, etc etc


00:15:05.0323 1472 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
00:15:07.0325 1472 ============================================================
00:15:07.0325 1472 Current date / time: 2012/09/24 00:15:07.0325
00:15:07.0325 1472 SystemInfo:
00:15:07.0325 1472
00:15:07.0325 1472 OS Version: 6.1.7600 ServicePack: 0.0
00:15:07.0325 1472 Product type: Workstation
00:15:07.0325 1472 ComputerName: RFI-L-SX2N
00:15:07.0326 1472 UserName: Scott Alford
00:15:07.0326 1472 Windows directory: C:\windows
00:15:07.0326 1472 System windows directory: C:\windows
00:15:07.0326 1472 Processor architecture: Intel x86
00:15:07.0326 1472 Number of processors: 4
00:15:07.0326 1472 Page size: 0x1000
00:15:07.0326 1472 Boot type: Normal boot
00:15:07.0326 1472 ============================================================
00:15:09.0518 1472 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:15:09.0540 1472 ============================================================
00:15:09.0540 1472 \Device\Harddisk0\DR0:
00:15:09.0541 1472 MBR partitions:
00:15:09.0541 1472 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
00:15:09.0541 1472 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x1AF2D800
00:15:09.0541 1472 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1AFC4000, BlocksNum 0x1E00000
00:15:09.0541 1472 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x1CDC4000, BlocksNum 0x3FD800
00:15:09.0541 1472 ============================================================
00:15:10.0571 1472 C: <-> \Device\Harddisk0\DR0\Partition2
00:15:11.0218 1472 F: <-> \Device\Harddisk0\DR0\Partition4
00:15:11.0263 1472 Q: <-> \Device\Harddisk0\DR0\Partition1
00:15:11.0264 1472 ============================================================
00:15:11.0264 1472 Initialize success
00:15:11.0264 1472 ============================================================
00:15:20.0076 2096 ============================================================
00:15:20.0076 2096 Scan started
00:15:20.0076 2096 Mode: Manual; TDLFS;
00:15:20.0076 2096 ============================================================
00:15:32.0199 2096 ================ Scan system memory ========================
00:15:32.0199 2096 System memory - ok
00:15:32.0199 2096 ================ Scan services =============================
00:15:37.0099 2096 [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci C:\windows\system32\DRIVERS\1394ohci.sys
00:15:37.0102 2096 1394ohci - ok
00:15:37.0332 2096 [ 465B6BAABA53A628F7252846D0E900EE ] Accelerometer C:\windows\system32\DRIVERS\Accelerometer.sys
00:15:37.0332 2096 Accelerometer - ok
00:15:37.0416 2096 [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI C:\windows\system32\DRIVERS\ACPI.sys
00:15:37.0421 2096 ACPI - ok
00:15:37.0532 2096 [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi C:\windows\system32\DRIVERS\acpipmi.sys
00:15:37.0540 2096 AcpiPmi - ok
00:15:37.0643 2096 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
00:15:37.0678 2096 adp94xx - ok
00:15:37.0738 2096 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
00:15:37.0741 2096 adpahci - ok
00:15:37.0772 2096 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
00:15:37.0776 2096 adpu320 - ok
00:15:37.0875 2096 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
00:15:37.0881 2096 AeLookupSvc - ok
00:15:39.0342 2096 [ 827DBC22C96EECF6D36A13162FABAFD3 ] AESTFilters C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_1fb74af29935fce6\aestsrv.exe
00:15:39.0348 2096 AESTFilters - ok
00:15:39.0435 2096 [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD C:\windows\system32\drivers\afd.sys
00:15:39.0439 2096 AFD - ok
00:15:39.0665 2096 [ 6416F9B6B220F0A890525C38235AFAD7 ] AgereModemAudio C:\Program Files\LSI SoftModem\agrsmsvc.exe
00:15:39.0670 2096 AgereModemAudio - ok
00:15:39.0871 2096 [ 07758C2196A62F207F77556311E7459A ] AgereSoftModem C:\windows\system32\DRIVERS\AGRSM.sys
00:15:39.0911 2096 AgereSoftModem - ok
00:15:39.0992 2096 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\DRIVERS\agp440.sys
00:15:39.0995 2096 agp440 - ok
00:15:40.0128 2096 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
00:15:40.0130 2096 aic78xx - ok
00:15:40.0196 2096 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
00:15:40.0199 2096 ALG - ok
00:15:40.0305 2096 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\DRIVERS\aliide.sys
00:15:40.0306 2096 aliide - ok
00:15:40.0423 2096 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\DRIVERS\amdagp.sys
00:15:40.0431 2096 amdagp - ok
00:15:40.0497 2096 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\DRIVERS\amdide.sys
00:15:40.0497 2096 amdide - ok
00:15:40.0545 2096 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
00:15:40.0549 2096 AmdK8 - ok
00:15:40.0890 2096 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
00:15:40.0895 2096 AmdPPM - ok
00:15:40.0963 2096 [ 19CE906B4CDC11FC4FEF5745F33A63B6 ] amdsata C:\windows\system32\drivers\amdsata.sys
00:15:40.0968 2096 amdsata - ok
00:15:41.0154 2096 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
00:15:41.0158 2096 amdsbs - ok
00:15:41.0189 2096 [ 869E67D66BE326A5A9159FBA8746FA70 ] amdxata C:\windows\system32\drivers\amdxata.sys
00:15:41.0190 2096 amdxata - ok
00:15:41.0297 2096 [ FEB834C02CE1E84B6A38F953CA067706 ] AppID C:\windows\system32\drivers\appid.sys
00:15:41.0304 2096 AppID - ok
00:15:41.0344 2096 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
00:15:41.0347 2096 AppIDSvc - ok
00:15:41.0436 2096 [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo C:\windows\System32\appinfo.dll
00:15:41.0439 2096 Appinfo - ok
00:15:41.0557 2096 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\windows\System32\appmgmts.dll
00:15:41.0560 2096 AppMgmt - ok
00:15:41.0607 2096 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys
00:15:41.0610 2096 arc - ok
00:15:41.0615 2096 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
00:15:41.0616 2096 arcsas - ok
00:15:42.0127 2096 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
00:15:42.0146 2096 aspnet_state - ok
00:15:42.0236 2096 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
00:15:42.0238 2096 AsyncMac - ok
00:15:42.0347 2096 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\DRIVERS\atapi.sys
00:15:42.0348 2096 atapi - ok
00:15:42.0586 2096 [ 3340340F31E3CA63F48079AD848DEA0E ] atashost C:\windows\system32\atashost.exe
00:15:42.0642 2096 atashost - ok
00:15:43.0659 2096 [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
00:15:43.0700 2096 AudioEndpointBuilder - ok
00:15:43.0707 2096 [ 510C873BFA135AA829F4180352772734 ] Audiosrv C:\windows\System32\Audiosrv.dll
00:15:43.0710 2096 Audiosrv - ok
00:15:43.0775 2096 [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV C:\windows\System32\AxInstSV.dll
00:15:43.0783 2096 AxInstSV - ok
00:15:43.0895 2096 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
00:15:43.0961 2096 b06bdrv - ok
00:15:44.0090 2096 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
00:15:44.0096 2096 b57nd60x - ok
00:15:44.0135 2096 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
00:15:44.0138 2096 BDESVC - ok
00:15:44.0162 2096 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
00:15:44.0164 2096 Beep - ok
00:15:44.0241 2096 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
00:15:44.0245 2096 blbdrive - ok
00:15:44.0299 2096 [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser C:\windows\system32\DRIVERS\bowser.sys
00:15:44.0303 2096 bowser - ok
00:15:44.0337 2096 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
00:15:44.0345 2096 BrFiltLo - ok
00:15:44.0424 2096 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
00:15:44.0427 2096 BrFiltUp - ok
00:15:44.0498 2096 [ 598E1280E7FF3744F4B8329366CC5635 ] Browser C:\windows\System32\browser.dll
00:15:44.0504 2096 Browser - ok
00:15:44.0983 2096 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
00:15:45.0051 2096 Brserid - ok
00:15:45.0460 2096 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
00:15:45.0467 2096 BrSerWdm - ok
00:15:45.0510 2096 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
00:15:45.0513 2096 BrUsbMdm - ok
00:15:45.0545 2096 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
00:15:45.0549 2096 BrUsbSer - ok
00:15:45.0661 2096 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
00:15:45.0668 2096 BthEnum - ok
00:15:45.0730 2096 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
00:15:45.0733 2096 BTHMODEM - ok
00:15:45.0819 2096 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
00:15:45.0824 2096 BthPan - ok
00:15:45.0952 2096 [ 88059FF1DED4472ACD17EEBABD393069 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
00:15:45.0968 2096 BTHPORT - ok
00:15:46.0103 2096 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
00:15:46.0107 2096 bthserv - ok
00:15:46.0157 2096 [ 80E6384BEEC03B8BD45EDEA29802D657 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
00:15:46.0165 2096 BTHUSB - ok
00:15:46.0236 2096 [ F549C3FB145A4928E40BB1518B2034DC ] btusbflt C:\windows\system32\drivers\btusbflt.sys
00:15:46.0237 2096 btusbflt - ok
00:15:46.0349 2096 [ CE5833C144CA6623BCBDE93B188AA850 ] btwaudio C:\windows\system32\drivers\btwaudio.sys
00:15:46.0350 2096 btwaudio - ok
00:15:46.0375 2096 [ AF9148C3E844131AC954CB53FF43D971 ] btwavdt C:\windows\system32\drivers\btwavdt.sys
00:15:46.0376 2096 btwavdt - ok
00:15:47.0320 2096 [ F55C99818FD1EACFC7784958A8592536 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
00:15:47.0359 2096 btwdins - ok
00:15:47.0459 2096 [ AAFD7CB76BA61FBB08E302DA208C974A ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
00:15:47.0460 2096 btwl2cap - ok
00:15:47.0526 2096 [ 480B3D195854B2E55299CDDDDC50BCF9 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
00:15:47.0526 2096 btwrchid - ok
00:15:47.0606 2096 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
00:15:47.0610 2096 cdfs - ok
00:15:47.0741 2096 [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
00:15:47.0743 2096 cdrom - ok
00:15:47.0845 2096 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc C:\windows\System32\certprop.dll
00:15:47.0865 2096 CertPropSvc - ok
00:15:47.0908 2096 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
00:15:47.0929 2096 circlass - ok
00:15:47.0993 2096 [ 7DE42E6B078D092272D4107357E78D5B ] CLBStor C:\windows\system32\drivers\CLBStor.sys
00:15:47.0995 2096 CLBStor - ok
00:15:48.0135 2096 [ B501583BCE450C710E42A687D7DD0E7C ] CLBUDF C:\windows\system32\drivers\CLBUDF.sys
00:15:48.0136 2096 CLBUDF - ok
00:15:48.0203 2096 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
00:15:48.0206 2096 CLFS - ok
00:15:48.0937 2096 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:15:48.0945 2096 clr_optimization_v2.0.50727_32 - ok
00:15:49.0569 2096 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:15:49.0842 2096 clr_optimization_v4.0.30319_32 - ok
00:15:49.0884 2096 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
00:15:49.0889 2096 CmBatt - ok
00:15:49.0926 2096 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\DRIVERS\cmdide.sys
00:15:49.0927 2096 cmdide - ok
00:15:50.0048 2096 [ 36C252E474B2FFA0F0FBBFF20D92A640 ] CNG C:\windows\system32\Drivers\cng.sys
00:15:50.0052 2096 CNG - ok
00:15:50.0375 2096 [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
00:15:50.0381 2096 Com4QLBEx - ok
00:15:50.0466 2096 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
00:15:50.0466 2096 Compbatt - ok
00:15:50.0538 2096 [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
00:15:50.0540 2096 CompositeBus - ok
00:15:50.0572 2096 COMSysApp - ok
00:15:50.0595 2096 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
00:15:50.0608 2096 crcdisk - ok
00:15:51.0328 2096 [ 520A108A2657F4BCA7FCED9CA7D885DE ] CryptSvc C:\windows\system32\cryptsvc.dll
00:15:51.0330 2096 CryptSvc - ok
00:15:51.0443 2096 [ 27C9490BDD0AE48911AB8CF1932591ED ] CSC C:\windows\system32\drivers\csc.sys
00:15:51.0448 2096 CSC - ok
00:15:51.0542 2096 [ 56FB5F222EA30D3D3FC459879772CB73 ] CscService C:\windows\System32\cscsvc.dll
00:15:51.0549 2096 CscService - ok
00:15:51.0674 2096 [ CB6FF7012BB5D59D7C12350DB795CE1F ] ctxusbm C:\windows\system32\DRIVERS\ctxusbm.sys
00:15:51.0674 2096 ctxusbm - ok
00:15:51.0875 2096 [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch C:\windows\system32\rpcss.dll
00:15:51.0923 2096 DcomLaunch - ok
00:15:52.0049 2096 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
00:15:52.0058 2096 defragsvc - ok
00:15:52.0131 2096 [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC C:\windows\system32\Drivers\dfsc.sys
00:15:52.0134 2096 DfsC - ok
00:15:52.0205 2096 [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp C:\windows\system32\dhcpcore.dll
00:15:52.0211 2096 Dhcp - ok
00:15:52.0251 2096 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
00:15:52.0254 2096 discache - ok
00:15:52.0364 2096 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
00:15:52.0364 2096 Disk - ok
00:15:52.0445 2096 [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache C:\windows\System32\dnsrslvr.dll
00:15:52.0449 2096 Dnscache - ok
00:15:52.0482 2096 [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc C:\windows\System32\dot3svc.dll
00:15:52.0486 2096 dot3svc - ok
00:15:52.0524 2096 [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS C:\windows\system32\dps.dll
00:15:52.0530 2096 DPS - ok
00:15:53.0121 2096 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
00:15:53.0125 2096 drmkaud - ok
00:15:53.0406 2096 [ BD95B819D269E6CB20D25BB098131814 ] dvdfab C:\windows\system32\drivers\dvdfab.sys
00:15:53.0407 2096 dvdfab - ok
00:15:53.0693 2096 [ 1679A4669326CB1A67CC95658D273234 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
00:15:53.0697 2096 DXGKrnl - ok
00:15:53.0805 2096 [ 034FA3A00FFF4F68DD9F6D3793392274 ] e1kexpress C:\windows\system32\DRIVERS\e1k6232.sys
00:15:53.0806 2096 e1kexpress - ok
00:15:53.0895 2096 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
00:15:53.0899 2096 EapHost - ok
00:15:54.0468 2096 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
00:15:54.0549 2096 ebdrv - ok
00:15:55.0311 2096 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] EFS C:\windows\System32\lsass.exe
00:15:55.0315 2096 EFS - ok
00:15:55.0644 2096 [ 1697C39978CD69F6FBC15302EDCECE1F ] ehRecvr C:\windows\ehome\ehRecvr.exe
00:15:55.0686 2096 ehRecvr - ok
00:15:55.0789 2096 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\windows\ehome\ehsched.exe
00:15:55.0799 2096 ehSched - ok
00:15:55.0862 2096 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
00:15:55.0867 2096 elxstor - ok
00:15:55.0939 2096 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\DRIVERS\errdev.sys
00:15:55.0942 2096 ErrDev - ok
00:15:56.0272 2096 [ 2407B8164E966755BC6A4242FC9DE31E ] esgiguard C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys
00:15:56.0273 2096 esgiguard - ok
00:15:56.0346 2096 [ AC2B6C8B6470237C0B342FBAC8A18AC9 ] EST_BusEnum C:\windows\system32\DRIVERS\GenBus.sys
00:15:56.0352 2096 EST_BusEnum - ok
00:15:56.0415 2096 [ 484B0D9213B1BC61A2CB9F8D0F7FDFBE ] EST_Server C:\windows\system32\DRIVERS\GenHC.sys
00:15:56.0419 2096 EST_Server - ok
00:15:56.0572 2096 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
00:15:56.0577 2096 EventSystem - ok
00:15:57.0587 2096 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
00:15:57.0589 2096 exfat - ok
00:15:57.0634 2096 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
00:15:57.0639 2096 fastfat - ok
00:15:57.0865 2096 [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax C:\windows\system32\fxssvc.exe
00:15:57.0913 2096 Fax - ok
00:15:58.0012 2096 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
00:15:58.0017 2096 fdc - ok
00:15:58.0083 2096 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
00:15:58.0085 2096 fdPHost - ok
00:15:58.0130 2096 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
00:15:58.0133 2096 FDResPub - ok
00:15:58.0172 2096 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
00:15:58.0173 2096 FileInfo - ok
00:15:58.0182 2096 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
00:15:58.0190 2096 Filetrace - ok
00:15:58.0221 2096 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
00:15:58.0225 2096 flpydisk - ok
00:15:58.0277 2096 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
00:15:58.0279 2096 FltMgr - ok
00:15:58.0633 2096 [ 7FE4995528A7529A761875151EE3D512 ] FontCache C:\windows\system32\FntCache.dll
00:15:58.0667 2096 FontCache - ok
00:15:58.0925 2096 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
00:15:58.0926 2096 FontCache3.0.0.0 - ok
00:15:58.0931 2096 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
00:15:58.0932 2096 FsDepends - ok
00:15:59.0677 2096 [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
00:15:59.0677 2096 Fs_Rec - ok
00:15:59.0749 2096 [ B7AA8283EC551D3A3B924E520E0621A7 ] FTDIBUS C:\windows\system32\drivers\ftdibus.sys
00:15:59.0753 2096 FTDIBUS - ok
00:15:59.0817 2096 [ 596D31583CE332B5514520D74837F434 ] FTSER2K C:\windows\system32\drivers\ftser2k.sys
00:15:59.0821 2096 FTSER2K - ok
00:15:59.0893 2096 [ DAFBD9FE39197495AED6D51F3B85B5D2 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
00:15:59.0897 2096 fvevol - ok
00:15:59.0961 2096 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
00:15:59.0964 2096 gagp30kx - ok
00:16:00.0439 2096 [ AC3C0387243683CB462DF7961E1C248E ] GenWatchService C:\Program Files\Genesis\GenWatch3\GenWatch.exe
00:16:00.0570 2096 GenWatchService - ok
00:16:00.0959 2096 [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc C:\windows\System32\gpsvc.dll
00:16:00.0967 2096 gpsvc - ok
00:16:01.0460 2096 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
00:16:01.0464 2096 gupdate - ok
00:16:01.0534 2096 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
00:16:01.0535 2096 gupdatem - ok
00:16:01.0574 2096 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
00:16:01.0581 2096 hcw85cir - ok
00:16:01.0703 2096 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
00:16:01.0707 2096 HdAudAddService - ok
00:16:01.0776 2096 [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
00:16:01.0783 2096 HDAudBus - ok
00:16:01.0934 2096 [ A88485DC6A7136C10D9A6C7E38FDFE3C ] HECI C:\windows\system32\DRIVERS\HECI.sys
00:16:01.0939 2096 HECI - ok
00:16:01.0973 2096 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
00:16:01.0979 2096 HidBatt - ok
00:16:02.0039 2096 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
00:16:02.0047 2096 HidBth - ok
00:16:02.0148 2096 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
00:16:02.0153 2096 HidIr - ok
00:16:02.0207 2096 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\system32\hidserv.dll
00:16:02.0210 2096 hidserv - ok
00:16:02.0317 2096 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
00:16:02.0321 2096 HidUsb - ok
00:16:02.0408 2096 [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc C:\windows\system32\kmsvc.dll
00:16:02.0415 2096 hkmsvc - ok
00:16:02.0455 2096 [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\windows\system32\ListSvc.dll
00:16:02.0458 2096 HomeGroupListener - ok
00:16:02.0519 2096 [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\windows\system32\provsvc.dll
00:16:02.0523 2096 HomeGroupProvider - ok
00:16:03.0456 2096 [ C84BCC03858DAEAC4DB1E95EFCCE1934 ] HP Health Check Service C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
00:16:03.0459 2096 HP Health Check Service - ok
00:16:03.0603 2096 [ C4154FE402D09EF5964B5B8581514D11 ] HP LaserJet Service C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
00:16:03.0605 2096 HP LaserJet Service - ok
00:16:03.0840 2096 [ 96D214228969DDB213EF81951E89F699 ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
00:16:03.0843 2096 HP Power Assistant Service - ok
00:16:04.0018 2096 [ 45C20CEAA37A497AE187D94AFE94DEB8 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
00:16:04.0019 2096 HP Wireless Assistant Service - ok
00:16:04.0230 2096 [ A1731B1204CD7EB9C244B0A6F89264DF ] Hp.Skyroom.Windows.Service C:\Program Files\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe
00:16:04.0234 2096 Hp.Skyroom.Windows.Service - ok
00:16:05.0242 2096 [ CD6525B7E42188E6A7489829D11BB8B4 ] HPDrvMntSvc.exe c:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
00:16:05.0291 2096 HPDrvMntSvc.exe - ok
00:16:05.0341 2096 [ D5C35E6416A379C445CDA826B9FE452F ] hpdskflt C:\windows\system32\DRIVERS\hpdskflt.sys
00:16:05.0341 2096 hpdskflt - ok
00:16:05.0414 2096 [ 1210960FF8928950D2A786895B0C424A ] HpqKbFiltr C:\windows\system32\DRIVERS\HpqKbFiltr.sys
00:16:05.0416 2096 HpqKbFiltr - ok
00:16:05.0526 2096 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
00:16:05.0533 2096 hpqwmiex - ok
00:16:05.0600 2096 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\DRIVERS\HpSAMD.sys
00:16:05.0603 2096 HpSAMD - ok
00:16:05.0692 2096 [ 00DC55481FAD2841284ED09E7D69CD11 ] hpsrv C:\windows\system32\Hpservice.exe
00:16:05.0694 2096 hpsrv - ok
00:16:05.0786 2096 [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP C:\windows\system32\drivers\HTTP.sys
00:16:05.0792 2096 HTTP - ok
00:16:05.0844 2096 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
00:16:05.0844 2096 hwpolicy - ok
00:16:05.0948 2096 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
00:16:05.0954 2096 i8042prt - ok
00:16:06.0234 2096 [ F54B3DB096ABD6E9BBBD052FD3878A48 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
00:16:06.0275 2096 IAANTMON - ok
00:16:06.0410 2096 [ 01446278D4563B3013C92830AE6CBB26 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
00:16:06.0412 2096 iaStor - ok
00:16:06.0536 2096 [ 71F1A494FEDF4B33C02C4A6A28D6D9E9 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
00:16:06.0540 2096 iaStorV - ok
00:16:07.0176 2096 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
00:16:07.0180 2096 IDriverT - ok
00:16:07.0373 2096 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:16:07.0412 2096 idsvc - ok
00:16:08.0550 2096 [ 4EE7874572A515D112D2F35112F5AD41 ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
00:16:08.0970 2096 igfx - ok
00:16:09.0152 2096 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
00:16:09.0153 2096 iirsp - ok
00:16:09.0322 2096 [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT C:\windows\System32\ikeext.dll
00:16:09.0331 2096 IKEEXT - ok
00:16:09.0693 2096 [ 1E8154841A0A24D6B38778F07831A82B ] Impcd C:\windows\system32\DRIVERS\Impcd.sys
00:16:09.0700 2096 Impcd - ok
00:16:09.0784 2096 [ 4EA6B57A3B71FD1A208AF054E97FBA37 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
00:16:09.0788 2096 IntcDAud - ok
00:16:09.0835 2096 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\DRIVERS\intelide.sys
00:16:09.0836 2096 intelide - ok
00:16:09.0915 2096 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
00:16:09.0918 2096 intelppm - ok
00:16:09.0987 2096 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
00:16:09.0993 2096 IPBusEnum - ok
00:16:10.0082 2096 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
00:16:10.0089 2096 IpFilterDriver - ok
00:16:10.0136 2096 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\windows\system32\DRIVERS\IPMIDrv.sys
00:16:10.0141 2096 IPMIDRV - ok
00:16:10.0149 2096 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
00:16:10.0151 2096 IPNAT - ok
00:16:10.0236 2096 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
00:16:10.0243 2096 IRENUM - ok
00:16:10.0289 2096 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\DRIVERS\isapnp.sys
00:16:10.0290 2096 isapnp - ok
00:16:10.0363 2096 [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt C:\windows\system32\DRIVERS\msiscsi.sys
00:16:10.0368 2096 iScsiPrt - ok
00:16:10.0429 2096 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
00:16:10.0429 2096 kbdclass - ok
00:16:10.0533 2096 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
00:16:10.0536 2096 kbdhid - ok
00:16:10.0566 2096 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso C:\windows\system32\lsass.exe
00:16:10.0568 2096 KeyIso - ok
00:16:11.0303 2096 [ 0263364ACB9C834ACE52FB85C2C064EC ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
00:16:11.0311 2096 KSecDD - ok
00:16:11.0356 2096 [ 27391DB553BE2A4E2B0ADEEA2873B2AF ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
00:16:11.0364 2096 KSecPkg - ok
00:16:11.0449 2096 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
00:16:11.0454 2096 KtmRm - ok
00:16:11.0527 2096 [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer C:\windows\system32\srvsvc.dll
00:16:11.0531 2096 LanmanServer - ok
00:16:11.0638 2096 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\windows\System32\wkssvc.dll
00:16:11.0641 2096 LanmanWorkstation - ok
00:16:11.0789 2096 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
00:16:11.0793 2096 lltdio - ok
00:16:11.0861 2096 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
00:16:11.0867 2096 lltdsvc - ok
00:16:11.0977 2096 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
00:16:11.0980 2096 lmhosts - ok
00:16:12.0085 2096 [ 17A9C5FFA241AAAB275EE5CACEF77686 ] LMS C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
00:16:12.0088 2096 LMS - ok
00:16:12.0182 2096 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
00:16:12.0188 2096 LSI_FC - ok
00:16:12.0300 2096 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
00:16:12.0304 2096 LSI_SAS - ok
00:16:12.0350 2096 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
00:16:12.0351 2096 LSI_SAS2 - ok
00:16:12.0410 2096 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
00:16:12.0414 2096 LSI_SCSI - ok
00:16:12.0516 2096 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
00:16:12.0519 2096 luafv - ok
00:16:13.0596 2096 [ 39E75F7E4C913587C399016C2F29315E ] McAfeeFramework C:\Program Files\McAfee\Common Framework\FrameworkService.exe
00:16:13.0603 2096 McAfeeFramework - ok
00:16:13.0731 2096 [ 50182E471B44C7A0F63B46E2DEF08B0F ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
00:16:13.0734 2096 McShield - ok
00:16:13.0862 2096 [ 113C20EB4982C5670F49718441BEE76D ] McTaskManager C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
00:16:13.0911 2096 McTaskManager - ok
00:16:13.0965 2096 [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
00:16:13.0969 2096 Mcx2Svc - ok
00:16:14.0158 2096 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
00:16:14.0167 2096 MDM - ok
00:16:14.0220 2096 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
00:16:14.0221 2096 megasas - ok
00:16:14.0315 2096 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
00:16:14.0339 2096 MegaSR - ok
00:16:14.0547 2096 [ C0D975D64C1AF8057F2D75B1297A6979 ] mfeapfk C:\windows\system32\drivers\mfeapfk.sys
00:16:14.0549 2096 mfeapfk - ok
00:16:14.0853 2096 [ C169326049A8A03D5F905B34F5A65F8C ] mfeavfk C:\windows\system32\drivers\mfeavfk.sys
00:16:14.0854 2096 mfeavfk - ok
00:16:15.0092 2096 mfeavfk01 - ok
00:16:15.0544 2096 [ 50B0253B2484A306A20D8695C5AE5858 ] mfebopk C:\windows\system32\drivers\mfebopk.sys
00:16:15.0545 2096 mfebopk - ok
00:16:15.0681 2096 [ 188B40866DB2AB8EF262FEBC65291687 ] mfehidk C:\windows\system32\drivers\mfehidk.sys
00:16:15.0700 2096 mfehidk - ok
00:16:15.0781 2096 [ C1B30AF2E18E69BF8CEB39B33F32D3C1 ] mferkdet C:\windows\system32\drivers\mferkdet.sys
00:16:15.0785 2096 mferkdet - ok
00:16:15.0909 2096 [ 49C8E20D178BE981FF28523A942A570F ] mfevtp C:\windows\system32\mfevtps.exe
00:16:15.0914 2096 mfevtp - ok
00:16:15.0989 2096 [ 451B49F0E10D6058CED5B56852D82C8B ] mfewfpk C:\windows\system32\drivers\mfewfpk.sys
00:16:15.0993 2096 mfewfpk - ok
00:16:16.0034 2096 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
00:16:16.0038 2096 MMCSS - ok
00:16:16.0089 2096 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
00:16:16.0096 2096 Modem - ok
00:16:16.0401 2096 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
00:16:16.0404 2096 monitor - ok
00:16:17.0796 2096 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
00:16:17.0797 2096 mouclass - ok
00:16:17.0928 2096 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
00:16:17.0931 2096 mouhid - ok
00:16:18.0069 2096 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
00:16:18.0077 2096 mountmgr - ok
00:16:18.0109 2096 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\windows\system32\DRIVERS\mpio.sys
00:16:18.0115 2096 mpio - ok
00:16:18.0194 2096 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
00:16:18.0198 2096 mpsdrv - ok
00:16:18.0228 2096 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
00:16:18.0231 2096 MRxDAV - ok
00:16:18.0339 2096 [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
00:16:18.0343 2096 mrxsmb - ok
00:16:18.0438 2096 [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
00:16:18.0444 2096 mrxsmb10 - ok
00:16:18.0509 2096 [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
00:16:18.0514 2096 mrxsmb20 - ok
00:16:18.0550 2096 [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci C:\windows\system32\DRIVERS\msahci.sys
00:16:18.0551 2096 msahci - ok
00:16:18.0560 2096 [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm C:\windows\system32\DRIVERS\msdsm.sys
00:16:18.0561 2096 msdsm - ok
00:16:18.0833 2096 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
00:16:18.0881 2096 MSDTC - ok
00:16:19.0591 2096 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
00:16:19.0595 2096 Msfs - ok
00:16:19.0645 2096 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
00:16:19.0652 2096 mshidkmdf - ok
00:16:19.0752 2096 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\DRIVERS\msisadrv.sys
00:16:19.0753 2096 msisadrv - ok
00:16:19.0874 2096 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
00:16:19.0884 2096 MSiSCSI - ok
00:16:19.0887 2096 msiserver - ok
00:16:19.0948 2096 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
00:16:19.0970 2096 MSKSSRV - ok
00:16:20.0032 2096 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
00:16:20.0053 2096 MSPCLOCK - ok
00:16:20.0090 2096 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
00:16:20.0099 2096 MSPQM - ok
00:16:20.0161 2096 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
00:16:20.0164 2096 MsRPC - ok
00:16:20.0201 2096 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
00:16:20.0202 2096 mssmbios - ok
00:16:20.0497 2096 MSSQL$SQLEXPRESS - ok
00:16:22.0236 2096 MSSQLSERVER - ok
00:16:22.0500 2096 [ 8E8E74C953EB0C4F8828D99D6F27FD6F ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
00:16:22.0503 2096 MSSQLServerADHelper100 - ok
00:16:22.0886 2096 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
00:16:22.0900 2096 MSTEE - ok
00:16:22.0934 2096 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
00:16:22.0991 2096 MTConfig - ok
00:16:23.0035 2096 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
00:16:23.0036 2096 Mup - ok
00:16:23.0161 2096 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\windows\system32\qagentRT.dll
00:16:23.0601 2096 napagent - ok
00:16:23.0686 2096 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
00:16:23.0690 2096 NativeWifiP - ok
00:16:23.0772 2096 [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS C:\windows\system32\drivers\ndis.sys
00:16:23.0814 2096 NDIS - ok
00:16:23.0884 2096 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
00:16:23.0887 2096 NdisCap - ok
00:16:23.0919 2096 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
00:16:23.0926 2096 NdisTapi - ok
00:16:23.0961 2096 [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
00:16:23.0969 2096 Ndisuio - ok
00:16:24.0025 2096 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
00:16:24.0031 2096 NdisWan - ok
00:16:24.0099 2096 [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
00:16:24.0103 2096 NDProxy - ok
00:16:24.0245 2096 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\windows\system32\HPZinw12.dll
00:16:24.0251 2096 Net Driver HPZ12 - ok
00:16:24.0295 2096 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
00:16:24.0302 2096 NetBIOS - ok
00:16:24.0361 2096 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
00:16:24.0366 2096 NetBT - ok
00:16:24.0403 2096 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon C:\windows\system32\lsass.exe
00:16:24.0404 2096 Netlogon - ok
00:16:24.0500 2096 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
00:16:24.0517 2096 Netman - ok
00:16:25.0555 2096 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:16:25.0580 2096 NetMsmqActivator - ok
00:16:25.0610 2096 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:16:25.0612 2096 NetPipeActivator - ok
00:16:25.0848 2096 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
00:16:25.0906 2096 netprofm - ok
00:16:25.0911 2096 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:16:25.0913 2096 NetTcpActivator - ok
00:16:25.0916 2096 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:16:25.0918 2096 NetTcpPortSharing - ok
00:16:27.0953 2096 [ 5B2DFA9C5C02DDF2A113CC0F551B59DF ] NETw5s32 C:\windows\system32\DRIVERS\NETw5s32.sys
00:16:28.0117 2096 NETw5s32 - ok
00:16:28.0173 2096 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
00:16:28.0174 2096 nfrd960 - ok
00:16:28.0345 2096 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\windows\System32\nlasvc.dll
00:16:28.0394 2096 NlaSvc - ok
00:16:28.0420 2096 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
00:16:28.0425 2096 Npfs - ok
00:16:28.0509 2096 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
00:16:28.0516 2096 nsi - ok
00:16:28.0555 2096 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
00:16:28.0570 2096 nsiproxy - ok
00:16:29.0722 2096 [ 187002CE05693C306F43C873F821381F ] Ntfs C:\windows\system32\drivers\Ntfs.sys
00:16:29.0780 2096 Ntfs - ok
00:16:29.0875 2096 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
00:16:29.0877 2096 Null - ok
00:16:29.0973 2096 [ F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid C:\windows\system32\drivers\nvraid.sys
00:16:29.0976 2096 nvraid - ok
00:16:30.0037 2096 [ 4520B63899E867F354EE012D34E11536 ] nvstor C:\windows\system32\drivers\nvstor.sys
00:16:30.0044 2096 nvstor - ok
00:16:30.0133 2096 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\DRIVERS\nv_agp.sys
00:16:30.0142 2096 nv_agp - ok
00:16:30.0183 2096 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys
00:16:30.0189 2096 ohci1394 - ok
00:16:30.0246 2096 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:16:30.0251 2096 ose - ok
00:16:30.0841 2096 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:16:31.0291 2096 osppsvc - ok
00:16:31.0839 2096 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
00:16:31.0937 2096 p2pimsvc - ok
00:16:32.0162 2096 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
00:16:32.0210 2096 p2psvc - ok
00:16:32.0284 2096 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
00:16:32.0287 2096 Parport - ok
00:16:32.0370 2096 [ 66D3415C159741ADE7038A277EFFF99F ] partmgr C:\windows\system32\drivers\partmgr.sys
00:16:32.0371 2096 partmgr - ok
00:16:32.0381 2096 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
00:16:32.0387 2096 Parvdm - ok
00:16:32.0436 2096 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
00:16:32.0442 2096 PcaSvc - ok
00:16:32.0474 2096 [ C858CB77C577780ECC456A892E7E7D0F ] pci C:\windows\system32\DRIVERS\pci.sys
00:16:32.0479 2096 pci - ok
00:16:32.0521 2096 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\DRIVERS\pciide.sys
00:16:32.0522 2096 pciide - ok
00:16:32.0604 2096 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
00:16:32.0605 2096 pcmcia - ok
00:16:33.0385 2096 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\windows\system32\Drivers\pcouffin.sys
00:16:33.0387 2096 pcouffin - ok
00:16:33.0448 2096 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
00:16:33.0448 2096 pcw - ok
00:16:33.0608 2096 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
00:16:33.0679 2096 PEAUTH - ok
00:16:33.0855 2096 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\windows\system32\peerdistsvc.dll
00:16:33.0970 2096 PeerDistSvc - ok
00:16:34.0093 2096 [ DA86016F0672ADA925F589EDE715F185 ] pfc C:\windows\system32\drivers\pfc.sys
00:16:34.0097 2096 pfc - ok
00:16:34.0531 2096 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\windows\system32\pla.dll
00:16:35.0369 2096 pla - ok
00:16:35.0455 2096 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\windows\system32\umpnpmgr.dll
00:16:35.0461 2096 PlugPlay - ok
00:16:35.0581 2096 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll
00:16:35.0590 2096 Pml Driver HPZ12 - ok
00:16:35.0627 2096 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
00:16:35.0630 2096 PNRPAutoReg - ok
00:16:35.0711 2096 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
00:16:35.0714 2096 PNRPsvc - ok
00:16:35.0820 2096 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
00:16:35.0867 2096 PolicyAgent - ok
00:16:35.0920 2096 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\windows\system32\umpo.dll
00:16:35.0925 2096 Power - ok
00:16:36.0005 2096 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
00:16:36.0010 2096 PptpMiniport - ok
00:16:36.0094 2096 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
00:16:36.0098 2096 Processor - ok
00:16:36.0158 2096 [ AEA3BDBDBA667AA6F678CB38907E4F5E ] ProfSvc C:\windows\system32\profsvc.dll
00:16:36.0165 2096 ProfSvc - ok
00:16:36.0193 2096 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\windows\system32\lsass.exe
00:16:36.0194 2096 ProtectedStorage - ok
00:16:36.0265 2096 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
00:16:36.0270 2096 Psched - ok
00:16:36.0368 2096 [ 297E2746DF41528A0950F3AF80CEDB2D ] pwdrvio C:\windows\system32\pwdrvio.sys
00:16:36.0371 2096 pwdrvio - ok
00:16:36.0472 2096 [ BC7D54CDBE3BBFE52F09CB7B20C3D365 ] pwdspio C:\windows\system32\pwdspio.sys
00:16:36.0477 2096 pwdspio - ok
00:16:37.0246 2096 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
00:16:37.0329 2096 ql2300 - ok
00:16:37.0375 2096 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
00:16:37.0377 2096 ql40xx - ok
00:16:37.0510 2096 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
00:16:37.0584 2096 QWAVE - ok
00:16:37.0625 2096 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
00:16:37.0628 2096 QWAVEdrv - ok
00:16:37.0659 2096 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
00:16:37.0664 2096 RasAcd - ok
00:16:37.0709 2096 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
00:16:37.0712 2096 RasAgileVpn - ok
00:16:37.0745 2096 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
00:16:37.0754 2096 RasAuto - ok
00:16:37.0785 2096 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
00:16:37.0788 2096 Rasl2tp - ok
00:16:37.0842 2096 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\windows\System32\rasmans.dll
00:16:37.0847 2096 RasMan - ok
00:16:37.0877 2096 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
00:16:37.0879 2096 RasPppoe - ok
00:16:37.0932 2096 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
00:16:37.0935 2096 RasSstp - ok
00:16:38.0072 2096 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
00:16:38.0121 2096 rdbss - ok
00:16:38.0165 2096 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
00:16:38.0168 2096 rdpbus - ok
00:16:38.0235 2096 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
00:16:38.0239 2096 RDPCDD - ok
00:16:38.0354 2096 [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR C:\windows\system32\drivers\rdpdr.sys
00:16:38.0359 2096 RDPDR - ok
00:16:38.0423 2096 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
00:16:38.0426 2096 RDPENCDD - ok
00:16:38.0455 2096 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
00:16:38.0457 2096 RDPREFMP - ok
00:16:38.0503 2096 [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
00:16:38.0506 2096 RDPWD - ok
00:16:38.0554 2096 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
00:16:38.0561 2096 rdyboost - ok
00:16:39.0715 2096 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
00:16:39.0723 2096 RemoteAccess - ok
00:16:39.0775 2096 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
00:16:39.0778 2096 RemoteRegistry - ok
00:16:39.0910 2096 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
00:16:39.0919 2096 RFCOMM - ok
00:16:40.0077 2096 [ 559A9654F993B2FAFE900043242874C2 ] rgsender c:\Program Files\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe
00:16:40.0082 2096 rgsender - ok
00:16:40.0432 2096 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe
00:16:40.0472 2096 RichVideo - ok
00:16:41.0503 2096 [ DF672613FBBCD58C38BB0BC2694BCFB0 ] rimmptsk C:\windows\system32\DRIVERS\rimmptsk.sys
00:16:41.0523 2096 rimmptsk - ok
00:16:41.0745 2096 [ E891F07815AF88075705EF6A248711F6 ] rimspci C:\windows\system32\DRIVERS\rimspe86.sys
00:16:41.0752 2096 rimspci - ok
00:16:41.0989 2096 [ 9BFB54D3559F2FF7301271D29D383564 ] rimsptsk C:\windows\system32\DRIVERS\rimsptsk.sys
00:16:42.0009 2096 rimsptsk - ok
00:16:42.0087 2096 [ 0F6756EF8BDA6DFA7BE50465C83132BB ] RimUsb C:\windows\system32\Drivers\RimUsb.sys
00:16:42.0091 2096 RimUsb - ok
00:16:42.0174 2096 [ D9B34325EE5DF78B8F28A3DE9F577C7D ] RimVSerPort C:\windows\system32\DRIVERS\RimSerial.sys
00:16:42.0177 2096 RimVSerPort - ok
00:16:42.0218 2096 [ D853D35F792A3A44726A794BF9A0BBC3 ] risdpcie C:\windows\system32\DRIVERS\risdpe86.sys
00:16:42.0224 2096 risdpcie - ok
00:16:42.0276 2096 [ 470FC46E2989F6606043C1C5365B15FD ] rismc32 C:\windows\system32\DRIVERS\rismc32.sys
00:16:42.0282 2096 rismc32 - ok
00:16:42.0317 2096 [ DCB87DA83CC1010CBC9FC4DC9E395BBC ] rismxdp C:\windows\system32\DRIVERS\rixdptsk.sys
00:16:42.0322 2096 rismxdp - ok
00:16:42.0391 2096 [ 6A60626412129C713CC30C81870A8095 ] rixdpcie C:\windows\system32\DRIVERS\rixdpe86.sys
00:16:42.0398 2096 rixdpcie - ok
00:16:42.0469 2096 [ 564297827D213F52C7A3A2FF749568CA ] ROOTMODEM C:\windows\system32\Drivers\RootMdm.sys
00:16:42.0474 2096 ROOTMODEM - ok
00:16:42.0571 2096 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
00:16:42.0576 2096 RpcEptMapper - ok
00:16:43.0759 2096 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
00:16:43.0761 2096 RpcLocator - ok
00:16:43.0877 2096 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\windows\system32\rpcss.dll
00:16:43.0880 2096 RpcSs - ok
00:16:43.0986 2096 [ A95840A95A9FF74B0009E5D848CDDB39 ] RsFx0150 C:\windows\system32\DRIVERS\RsFx0150.sys
00:16:43.0991 2096 RsFx0150 - ok
00:16:44.0138 2096 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
00:16:44.0141 2096 rspndr - ok
00:16:44.0169 2096 [ 5423D8437051E89DD34749F242C98648 ] s3cap C:\windows\system32\DRIVERS\vms3cap.sys
00:16:44.0173 2096 s3cap - ok
00:16:44.0203 2096 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs C:\windows\system32\lsass.exe
00:16:44.0205 2096 SamSs - ok
00:16:44.0276 2096 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\windows\system32\DRIVERS\sbp2port.sys
00:16:44.0279 2096 sbp2port - ok
00:16:44.0331 2096 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
00:16:44.0334 2096 SCardSvr - ok
00:16:44.0362 2096 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
00:16:44.0370 2096 scfilter - ok
00:16:44.0478 2096 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\windows\system32\schedsvc.dll
00:16:44.0518 2096 Schedule - ok
00:16:45.0358 2096 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\windows\System32\certprop.dll
00:16:45.0359 2096 SCPolicySvc - ok
00:16:45.0687 2096 [ AA826E35F6D28A8E5D1EFEB337F24BA2 ] sdbus C:\windows\system32\DRIVERS\sdbus.sys
00:16:45.0696 2096 sdbus - ok
00:16:45.0798 2096 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\windows\System32\SDRSVC.dll
00:16:45.0804 2096 SDRSVC - ok
00:16:45.0877 2096 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
00:16:45.0883 2096 secdrv - ok
00:16:45.0957 2096 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
00:16:45.0960 2096 seclogon - ok
00:16:45.0999 2096 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\System32\sens.dll
00:16:46.0003 2096 SENS - ok
00:16:46.0169 2096 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll
00:16:46.0174 2096 SensrSvc - ok
00:16:46.0357 2096 [ AC1F2A09B76B57356F906EEDA43CCC2A ] Ser2pl C:\windows\system32\DRIVERS\ser2pl.sys
00:16:46.0365 2096 Ser2pl - ok
00:16:46.0465 2096 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
00:16:46.0467 2096 Serenum - ok
00:16:46.0530 2096 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
00:16:46.0533 2096 Serial - ok
00:16:46.0580 2096 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
00:16:46.0584 2096 sermouse - ok
00:16:46.0681 2096 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\windows\system32\sessenv.dll
00:16:47.0210 2096 SessionEnv - ok
00:16:47.0331 2096 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\DRIVERS\sffdisk.sys
00:16:47.0336 2096 sffdisk - ok
00:16:47.0521 2096 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\DRIVERS\sffp_mmc.sys
00:16:47.0539 2096 sffp_mmc - ok
00:16:47.0564 2096 [ A0708BBD07D245C06FF9DE549CA47185 ] sffp_sd C:\windows\system32\DRIVERS\sffp_sd.sys
00:16:47.0588 2096 sffp_sd - ok
00:16:47.0807 2096 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
00:16:47.0815 2096 sfloppy - ok
00:16:47.0873 2096 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\windows\System32\shsvcs.dll
00:16:47.0888 2096 ShellHWDetection - ok
00:16:48.0209 2096 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\DRIVERS\sisagp.sys
00:16:48.0213 2096 sisagp - ok
00:16:48.0259 2096 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
00:16:48.0260 2096 SiSRaid2 - ok
00:16:48.0309 2096 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
00:16:48.0311 2096 SiSRaid4 - ok
00:16:48.0430 2096 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
00:16:48.0434 2096 Smb - ok
00:16:48.0553 2096 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
00:16:48.0558 2096 SNMPTRAP - ok
00:16:49.0983 2096 [ 4D8A49526AA035B1A8FF3FE6807783F5 ] SNP2UVC C:\windows\system32\DRIVERS\snp2uvc.sys
00:16:49.0992 2096 SNP2UVC - ok
00:16:50.0027 2096 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
00:16:50.0028 2096 spldr - ok
00:16:50.0125 2096 [ D1BB750EB51694DE183E08B9C33BE5B2 ] Spooler C:\windows\System32\spoolsv.exe
00:16:50.0141 2096 Spooler - ok
00:16:50.0706 2096 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\windows\system32\sppsvc.exe
00:16:50.0818 2096 sppsvc - ok
00:16:51.0578 2096 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\windows\system32\sppuinotify.dll
00:16:51.0581 2096 sppuinotify - ok
00:16:51.0785 2096 [ 71E276F6D189413266EA22171806597B ] sptd C:\windows\system32\Drivers\sptd.sys
00:16:51.0837 2096 sptd - ok
00:16:52.0110 2096 [ 2FE97C829ACCF0ACFC595CF33EA42247 ] SpyHunter 4 Service C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
00:16:52.0115 2096 SpyHunter 4 Service - ok
00:16:52.0265 2096 [ D39B8DEE1566C30858216521998F382F ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
00:16:52.0288 2096 SQLAgent$SQLEXPRESS - ok
00:16:52.0471 2096 [ 7D67C07C63796775CC5492BCFEAFF125 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
00:16:52.0475 2096 SQLBrowser - ok
00:16:52.0658 2096 [ D39B8DEE1566C30858216521998F382F ] SQLSERVERAGENT c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
00:16:52.0703 2096 SQLSERVERAGENT - ok
00:16:53.0157 2096 [ 8E6E5CFA06769A417B03FD6FAA29E010 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
00:16:53.0167 2096 SQLWriter - ok
00:16:53.0275 2096 [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv C:\windows\system32\DRIVERS\srv.sys
00:16:53.0290 2096 srv - ok
00:16:53.0716 2096 [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
00:16:53.0720 2096 srv2 - ok
00:16:53.0757 2096 [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
00:16:53.0760 2096 srvnet - ok
00:16:53.0845 2096 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
00:16:53.0894 2096 SSDPSRV - ok
00:16:53.0973 2096 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
00:16:53.0980 2096 SstpSvc - ok
00:16:55.0749 2096 [ 9AF3F5F93041DCEF4DC9E1B07F0CC609 ] STacSV C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_1fb74af29935fce6\STacSV.exe
00:16:55.0756 2096 STacSV - ok
00:16:55.0800 2096 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
00:16:55.0801 2096 stexstor - ok
00:16:55.0951 2096 [ B205DE6202B6A019403CF6395D047CA8 ] STHDA C:\windows\system32\DRIVERS\stwrt.sys
00:16:56.0006 2096 STHDA - ok
00:16:56.0105 2096 [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc C:\windows\System32\wiaservc.dll
00:16:56.0112 2096 StiSvc - ok
00:16:56.0137 2096 [ 957E346CA948668F2496A6CCF6FF82CC ] storflt C:\windows\system32\DRIVERS\vmstorfl.sys
00:16:56.0138 2096 storflt - ok
00:16:56.0210 2096 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\windows\system32\storsvc.dll
00:16:56.0218 2096 StorSvc - ok
00:16:56.0310 2096 [ D5751969DC3E4B88BF482AC8EC9FE019 ] storvsc C:\windows\system32\DRIVERS\storvsc.sys
00:16:56.0310 2096 storvsc - ok
00:16:56.0380 2096 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\DRIVERS\swenum.sys
00:16:56.0381 2096 swenum - ok
00:16:56.0520 2096 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
00:16:56.0593 2096 swprv - ok
00:16:57.0734 2096 [ 0E8676FB3BB95AA40FDF7A4A31018C8B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
00:16:57.0741 2096 SynTP - ok
00:16:57.0924 2096 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\windows\system32\sysmain.dll
00:16:57.0981 2096 SysMain - ok
00:16:58.0019 2096 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\windows\System32\TabSvc.dll
00:16:58.0022 2096 TabletInputService - ok
00:16:58.0059 2096 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv C:\windows\System32\tapisrv.dll
00:16:58.0063 2096 TapiSrv - ok
00:16:58.0117 2096 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
00:16:58.0122 2096 TBS - ok
00:16:58.0350 2096 [ 55E9965552741F3850CB22CBBA9671ED ] Tcpip C:\windows\system32\drivers\tcpip.sys
00:16:58.0408 2096 Tcpip - ok
00:16:58.0480 2096 [ 55E9965552741F3850CB22CBBA9671ED ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
00:16:58.0486 2096 TCPIP6 - ok
00:16:59.0641 2096 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
00:16:59.0645 2096 tcpipreg - ok
00:16:59.0701 2096 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
00:16:59.0719 2096 TDPIPE - ok
00:16:59.0818 2096 [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
00:16:59.0823 2096 TDTCP - ok
00:16:59.0907 2096 [ CB39E896A2A83702D1737BFD402B3542 ] tdx C:\windows\system32\DRIVERS\tdx.sys
00:16:59.0910 2096 tdx - ok
00:16:59.0945 2096 [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
00:16:59.0945 2096 TermDD - ok
00:17:00.0032 2096 [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService C:\windows\System32\termsrv.dll
00:17:00.0040 2096 TermService - ok
00:17:00.0215 2096 [ 9D4BBD6E27B5562AEA8295DE7134E386 ] thdudf C:\windows\system32\DRIVERS\thdudf.sys
00:17:00.0222 2096 thdudf - ok
00:17:00.0282 2096 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
00:17:00.0288 2096 Themes - ok
00:17:00.0388 2096 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
00:17:00.0390 2096 THREADORDER - ok
00:17:00.0522 2096 [ CE92B84ED806F1C5C340A51DFD3E49BC ] TlntSvr C:\windows\System32\tlntsvr.exe
00:17:00.0529 2096 TlntSvr - ok
00:17:00.0911 2096 [ 5AD05191DC8B444A7BA4D79B76C42A30 ] TPM C:\windows\system32\drivers\tpm.sys
00:17:00.0928 2096 TPM - ok
00:17:01.0615 2096 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
00:17:01.0620 2096 TrkWks - ok
00:17:01.0773 2096 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
00:17:01.0775 2096 TrustedInstaller - ok
00:17:01.0818 2096 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
00:17:01.0822 2096 tssecsrv - ok
00:17:01.0930 2096 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
00:17:01.0933 2096 tunnel - ok
00:17:01.0968 2096 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
00:17:01.0976 2096 uagp35 - ok
00:17:02.0148 2096 [ 2EFEE45A340E1590E37C2F2BAC16D051 ] udfs C:\windows\system32\DRIVERS\udfs.sys
00:17:02.0157 2096 udfs - ok
00:17:02.0219 2096 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
00:17:02.0221 2096 UI0Detect - ok
00:17:02.0258 2096 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\DRIVERS\uliagpkx.sys
00:17:02.0261 2096 uliagpkx - ok
00:17:02.0301 2096 [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus C:\windows\system32\DRIVERS\umbus.sys
00:17:02.0304 2096 umbus - ok
00:17:02.0368 2096 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys
00:17:02.0375 2096 UmPass - ok
00:17:02.0447 2096 [ 8ECACA5454844F66386F7BE4AE0D7CD1 ] UmRdpService C:\windows\System32\umrdp.dll
00:17:02.0451 2096 UmRdpService - ok
00:17:03.0625 2096 [ 7953D636309B7F505C70667A7A2437CF ] UNS C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
00:17:03.0684 2096 UNS - ok
00:17:03.0750 2096 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
00:17:03.0755 2096 upnphost - ok
00:17:03.0870 2096 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\windows\system32\Drivers\usbaapl.sys
00:17:03.0873 2096 USBAAPL - ok
00:17:04.0044 2096 [ 2436A42AAB4AD48A9B714E5B0F344627 ] usbaudio C:\windows\system32\drivers\usbaudio.sys
00:17:04.0048 2096 usbaudio - ok
00:17:04.0106 2096 [ 5C233AEFB566EE78C1EFBC0493FB066A ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
00:17:04.0115 2096 usbccgp - ok
00:17:04.0153 2096 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\DRIVERS\usbcir.sys
00:17:04.0156 2096 usbcir - ok
00:17:04.0254 2096 [ 5B71019A6ACA0116FD21B368F19C0B91 ] usbehci C:\windows\system32\drivers\usbehci.sys
00:17:04.0259 2096 usbehci - ok
00:17:04.0357 2096 [ 5823D3965C2A4F6F785ED1A3B403F3B8 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
00:17:04.0366 2096 usbhub - ok
00:17:04.0413 2096 [ E753ED6C49DA13967EBABF9EA616454A ] usbohci C:\windows\system32\drivers\usbohci.sys
00:17:04.0416 2096 usbohci - ok
00:17:04.0480 2096 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
00:17:04.0483 2096 usbprint - ok
00:17:04.0555 2096 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
00:17:04.0562 2096 usbscan - ok
00:17:04.0594 2096 [ 1C4287739A93594E57E2A9E6A3ED7353 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
00:17:04.0595 2096 USBSTOR - ok
00:17:05.0335 2096 [ 6A30928A469CE802600E1EA8C0F2F53F ] usbuhci C:\windows\system32\drivers\usbuhci.sys
00:17:05.0339 2096 usbuhci - ok
00:17:05.0447 2096 [ B5F6A992D996282B7FAE7048E50AF83A ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
00:17:05.0456 2096 usbvideo - ok
00:17:05.0515 2096 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
00:17:05.0523 2096 UxSms - ok
00:17:05.0621 2096 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc C:\windows\system32\lsass.exe
00:17:05.0622 2096 VaultSvc - ok
00:17:05.0925 2096 [ D1EC95E67402EC65953937101338CBBF ] vcsFPService C:\windows\system32\vcsFPService.exe
00:17:06.0009 2096 vcsFPService - ok
00:17:06.0083 2096 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\DRIVERS\vdrvroot.sys
00:17:06.0085 2096 vdrvroot - ok
00:17:06.0240 2096 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\windows\System32\vds.exe
00:17:06.0304 2096 vds - ok
00:17:06.0548 2096 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
00:17:06.0557 2096 vga - ok
00:17:07.0117 2096 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
00:17:07.0120 2096 VgaSave - ok
00:17:07.0163 2096 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\windows\system32\DRIVERS\vhdmp.sys
00:17:07.0166 2096 vhdmp - ok
00:17:07.0221 2096 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\DRIVERS\viaagp.sys
00:17:07.0225 2096 viaagp - ok
00:17:07.0271 2096 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
00:17:07.0274 2096 ViaC7 - ok
00:17:07.0381 2096 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\DRIVERS\viaide.sys
00:17:07.0382 2096 viaide - ok
00:17:07.0407 2096 [ 379B349F65F453D2A6E75EA6B7448E49 ] vmbus C:\windows\system32\DRIVERS\vmbus.sys
00:17:07.0409 2096 vmbus - ok
00:17:07.0448 2096 [ EC2BBAB4B84D0738C6C83D2234DC36FE ] VMBusHID C:\windows\system32\DRIVERS\VMBusHID.sys
00:17:07.0451 2096 VMBusHID - ok
00:17:07.0505 2096 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\windows\system32\DRIVERS\volmgr.sys
00:17:07.0506 2096 volmgr - ok
00:17:07.0557 2096 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
00:17:07.0561 2096 volmgrx - ok
00:17:07.0591 2096 [ 58DF9D2481A56EDDE167E51B334D44FD ] volsnap C:\windows\system32\DRIVERS\volsnap.sys
00:17:07.0596 2096 volsnap - ok
00:17:07.0721 2096 [ 33E74DF34753FCAAB06F6F2BDC8CABF5 ] vpcbus C:\windows\system32\DRIVERS\vpchbus.sys
00:17:07.0730 2096 vpcbus - ok
00:17:07.0792 2096 [ 5F04362CEB5FB5901037E9D9EADD3760 ] vpcnfltr C:\windows\system32\DRIVERS\vpcnfltr.sys
00:17:07.0793 2096 vpcnfltr - ok
00:17:07.0842 2096 [ 625088D6EE9EDE977FD03CF18D1CD5C5 ] vpcusb C:\windows\system32\DRIVERS\vpcusb.sys
00:17:07.0847 2096 vpcusb - ok
00:17:07.0889 2096 [ B21E23C100D6D5162B95CF6F05B4E035 ] vpcvmm C:\windows\system32\drivers\vpcvmm.sys
00:17:07.0891 2096 vpcvmm - ok
00:17:07.0961 2096 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
00:17:07.0964 2096 vsmraid - ok
00:17:08.0172 2096 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\windows\system32\vssvc.exe
00:17:08.0232 2096 VSS - ok
00:17:08.0275 2096 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
00:17:08.0280 2096 vwifibus - ok
00:17:08.0341 2096 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
00:17:08.0343 2096 vwififlt - ok
00:17:08.0422 2096 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
00:17:08.0425 2096 vwifimp - ok
00:17:08.0466 2096 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
00:17:08.0472 2096 W32Time - ok
00:17:08.0584 2096 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
00:17:08.0674 2096 WacomPen - ok
00:17:08.0760 2096 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
00:17:08.0818 2096 WANARP - ok
00:17:08.0850 2096 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
00:17:08.0851 2096 Wanarpv6 - ok
00:17:09.0851 2096 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
00:17:09.0915 2096 WatAdminSvc - ok
00:17:10.0096 2096 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\windows\system32\wbengine.exe
00:17:10.0153 2096 wbengine - ok
00:17:10.0185 2096 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
00:17:10.0193 2096 WbioSrvc - ok
00:17:10.0251 2096 [ 6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc C:\windows\System32\wcncsvc.dll
00:17:10.0256 2096 wcncsvc - ok
00:17:10.0309 2096 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
00:17:10.0312 2096 WcsPlugInService - ok
00:17:10.0367 2096 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\DRIVERS\wd.sys
00:17:10.0368 2096 Wd - ok
00:17:10.0474 2096 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
00:17:10.0515 2096 Wdf01000 - ok
00:17:10.0580 2096 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll
00:17:10.0585 2096 WdiServiceHost - ok
00:17:10.0591 2096 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll
00:17:10.0593 2096 WdiSystemHost - ok
00:17:11.0604 2096 [ BB5EC38F8D4600119B4720BC5D4211F1 ] WebClient C:\windows\System32\webclnt.dll
00:17:11.0612 2096 WebClient - ok
00:17:11.0668 2096 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
00:17:11.0672 2096 Wecsvc - ok
00:17:11.0706 2096 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
00:17:11.0708 2096 wercplsupport - ok
00:17:11.0785 2096 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
00:17:11.0788 2096 WerSvc - ok
00:17:11.0873 2096 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
00:17:11.0879 2096 WfpLwf - ok
00:17:11.0909 2096 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
00:17:11.0916 2096 WIMMount - ok
00:17:11.0923 2096 WinHttpAutoProxySvc - ok
00:17:12.0308 2096 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
00:17:12.0311 2096 Winmgmt - ok
00:17:12.0552 2096 [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM C:\windows\system32\WsmSvc.dll
00:17:12.0601 2096 WinRM - ok
00:17:13.0550 2096 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUSB C:\windows\system32\DRIVERS\WinUSB.sys
00:17:13.0556 2096 WinUSB - ok
00:17:13.0728 2096 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll
00:17:13.0776 2096 Wlansvc - ok
00:17:13.0842 2096 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
00:17:13.0847 2096 WmiAcpi - ok
00:17:13.0979 2096 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
00:17:13.0986 2096 wmiApSrv - ok
00:17:14.0202 2096 [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
00:17:14.0251 2096 WMPNetworkSvc - ok
00:17:14.0285 2096 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
00:17:14.0290 2096 WPCSvc - ok
00:17:14.0363 2096 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
00:17:14.0368 2096 WPDBusEnum - ok
00:17:14.0483 2096 [ 3631678EB1244DD9327480AB06D66C50 ] WRG305 C:\windows\system32\DRIVERS\WRG305_XP32.sys
00:17:14.0485 2096 WRG305 - ok
00:17:14.0536 2096 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
00:17:14.0543 2096 ws2ifsl - ok
00:17:14.0547 2096 WSearch - ok
00:17:14.0577 2096 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\windows\system32\drivers\WudfPf.sys
00:17:14.0582 2096 WudfPf - ok
00:17:15.0501 2096 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
00:17:15.0505 2096 WUDFRd - ok
00:17:15.0623 2096 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] wudfsvc C:\windows\System32\WUDFSvc.dll
00:17:15.0628 2096 wudfsvc - ok
00:17:15.0704 2096 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\windows\System32\wwansvc.dll
00:17:15.0708 2096 WwanSvc - ok
00:17:15.0984 2096 [ 74EC37B9EAF9FCA015B933A526825C7A ] {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} C:\Program Files\CyberLink\PowerDVD8\000.fcl
00:17:15.0985 2096 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} - ok
00:17:15.0985 2096 ================ Scan global ===============================
00:17:16.0053 2096 [ 9A595DF601070DA78C40481120DD2C06 ] C:\windows\system32\basesrv.dll
00:17:16.0173 2096 [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\windows\system32\winsrv.dll
00:17:16.0182 2096 [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\windows\system32\winsrv.dll
00:17:16.0217 2096 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
00:17:16.0267 2096 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
00:17:16.0275 2096 [Global] - ok
00:17:16.0276 2096 ================ Scan MBR ==================================
00:17:16.0334 2096 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:17:27.0597 2096 \Device\Harddisk0\DR0 - ok
00:17:27.0597 2096 ================ Scan VBR ==================================
00:17:27.0614 2096 [ ABDC83DEA6DD0DEC878D578F32427DAF ] \Device\Harddisk0\DR0\Partition1
00:17:27.0618 2096 \Device\Harddisk0\DR0\Partition1 - ok
00:17:27.0676 2096 [ C4A48B3D65F03498BC556689345A7F30 ] \Device\Harddisk0\DR0\Partition2
00:17:27.0682 2096 \Device\Harddisk0\DR0\Partition2 - ok
00:17:27.0719 2096 [ FA7A2CD36B86729638DE80B61BF4F664 ] \Device\Harddisk0\DR0\Partition3
00:17:27.0727 2096 \Device\Harddisk0\DR0\Partition3 - ok
00:17:27.0762 2096 [ 9D68C2B8A15F397AD8584C1D3A5D7376 ] \Device\Harddisk0\DR0\Partition4
00:17:27.0764 2096 \Device\Harddisk0\DR0\Partition4 - ok
00:17:27.0765 2096 ============================================================
00:17:27.0765 2096 Scan finished
00:17:27.0765 2096 ============================================================
00:17:27.0773 3180 Detected object count: 0
00:17:27.0773 3180 Actual detected object count: 0
00:18:56.0105 5984 Deinitialize success


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-24 00:19:43
-----------------------------
00:19:43.816 OS Version: Windows 6.1.7600
00:19:43.816 Number of processors: 4 586 0x2502
00:19:43.817 ComputerName: RFI-L-SX2N UserName:
00:20:15.422 Initialize success
00:34:51.389 AVAST engine defs: 12092300
00:35:03.361 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
00:35:03.363 Disk 0 Vendor: ST925041 0006 Size: 238475MB BusType: 3
00:35:03.407 Disk 0 MBR read successfully
00:35:03.409 Disk 0 MBR scan
00:35:03.416 Disk 0 Windows 7 default MBR code
00:35:04.948 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 300 MB offset 2048
00:35:04.977 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 220763 MB offset 616448
00:35:05.856 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15360 MB offset 452739072
00:35:05.948 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 2043 MB offset 484196352
00:35:06.259 Disk 0 scanning sectors +488380416
00:35:08.332 Disk 0 scanning C:\windows\system32\drivers
00:37:47.259 Service scanning
00:42:41.022 Modules scanning
00:44:37.254 Disk 0 trace - called modules:
00:44:37.283 ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys halmacpi.dll ACPI.sys iaStor.sys
00:44:37.287 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x885ef6c8]
00:44:37.291 3 CLASSPNP.SYS[8cafa59e] -> nt!IofCallDriver -> [0x885ef020]
00:44:37.296 5 hpdskflt.sys[8d9f70be] -> nt!IofCallDriver -> [0x87ad78b8]
00:44:37.300 7 ACPI.sys[8c7c13b2] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x87a7a028]
00:44:53.460 AVAST engine scan C:\windows
00:45:38.530 AVAST engine scan C:\windows\system32
01:09:26.976 AVAST engine scan C:\windows\system32\drivers
01:10:47.524 AVAST engine scan C:\Users\Scott Alford
01:44:04.083 AVAST engine scan C:\ProgramData
06:41:00.757 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
06:41:00.916 The log file has been saved successfully to "C:\aswMBR.txt"


Eset wont complete a scan. I have tried it a couple of times. First time it froze at around 26% (120,000 approx files), and the second time at 507,000 approx files.
First time it found 4 files. Adware and Malware files which it deleted. Second time it found no files up to the point it froze at 507,000 files scanned.

I found this log file in the Eset directory in the Programs directory............I dont know if its valid, complete, or the latest scan's log??


ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=b022eaae793dad4ebde93ea3ae541967
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-23 09:07:32
# local_time=2012-09-24 07:07:32 (+1000, AUS Eastern Standard Time)
# country="Australia"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=crash
# scanned=20292
# found=4
# cleaned=4
# scan_time=1124
C:\$Recycle.Bin\S-1-5-21-1960408961-1844823847-682003330-3132\$RWVLHXM.exe multiple threats (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\$Recycle.Bin\S-1-5-21-1960408961-1844823847-682003330-3132\$RXRR2IX.exe multiple threats (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Downloads\setup.exe Win32/Adware.ErrorClean application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Downloads\WinZipRegistryOptimizer.exe a variant of Win32/OpenInstall application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
ESETSmartInstaller@High as downloader log:
all ok
Update failed (41217). Trying proxy 10.3.100.518080
finished. ret_update=-1 e_gle=40962
esets_scanner_update returned -1 esets_gle=1
Update failed (41217). Trying proxy 10.3.100.518080
finished. ret_update=-1 e_gle=40962
esets_scanner_update returned -1 esets_gle=1
Update failed (41217). Trying proxy 10.3.100.518080
finished. ret_update=-1 e_gle=40962
esets_scanner_update returned -1 esets_gle=1
Update failed (41217). Trying proxy 10.3.100.518080
finished. ret_update=-1 e_gle=40962
esets_scanner_update returned -1 esets_gle=1
esets_scanner_update returned -1 esets_gle=53251
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=b022eaae793dad4ebde93ea3ae541967
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-24 09:04:06
# local_time=2012-09-25 07:04:06 (+1000, AUS Eastern Standard Time)
# country="Australia"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=crash
# scanned=552007
# found=0
# cleaned=0
# scan_time=32179

PC is getting VERY slow, and now switched from maximised and minimised window sizes at random and intermittently................

#4 comalco2000

comalco2000
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:13 AM

Posted 25 September 2012 - 04:57 AM

I also forgot to add..............PC wont shutdown anymore.............just hangs "frozen"

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:13 PM

Posted 25 September 2012 - 07:02 AM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

Launch it and scan should start running.After scan gets completed,post the generated log here.

#6 comalco2000

comalco2000
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:13 AM

Posted 26 September 2012 - 06:33 PM

Malwarebytes took two days to run and locked up at around 267000 files.
reported 2 adware trojans.
Because it locked up it never created a report to send to you.
I am running it again to see what happens, but expect it to take several days because the PC is sooooooooo slow.

others requested:

MiniToolBox by Farbar Version: 23-07-2012
Ran by SA (administrator) on 27-09-2012 at 09:25:29
Windows 7 Professional (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


0.0.0.0 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com


127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com

========================= IP Configuration: ================================



# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection" nexthop=192.168.1.1 publish=Yes
add address name="Local Area Connection" address=192.168.1.199


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : RFI-L-SX2N
Primary Dns Suffix . . . . . . . : inside.rfi.com.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : inside.rfi.com.au

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-24-D7-26-F8-CD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82577LM Gigabit Network Connection
Physical Address. . . . . . . . . : 70-5A-B6-B4-A3-F1
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 70-F3-95-79-B2-44
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : inside.rfi.com.au
Description . . . . . . . . . . . : Intel® Centrino® Ultimate-N 6300 AGN
Physical Address. . . . . . . . . : 00-24-D7-26-F8-CC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e0d3:2b13:67e6:4877%11(Preferred)
IPv4 Address. . . . . . . . . . . : 10.3.3.164(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, 27 September 2012 8:22:49 AM
Lease Expires . . . . . . . . . . : Friday, 5 October 2012 8:22:49 AM
Default Gateway . . . . . . . . . : 10.3.3.1
DHCP Server . . . . . . . . . . . : 10.3.100.125
DHCPv6 IAID . . . . . . . . . . . : 184558807
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-DB-37-F1-70-5A-B6-B4-A3-F1
DNS Servers . . . . . . . . . . . : 10.3.100.11
10.3.100.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.inside.rfi.com.au:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{AD10AA2A-CECD-4AE3-8823-67161CFDD274}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{1C34CE53-AA52-4776-8BA8-B275429F11ED}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6EC72641-02F4-4F00-A2DE-4B67C52DB8F3}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: rfi-dcu-dc01.inside.rfi.com.au
Address: 10.3.100.11

Name: google.com.com.au
Address: 174.122.148.154


Pinging google.com [74.125.237.70] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 74.125.237.70:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Server: rfi-dcu-dc01.inside.rfi.com.au
Address: 10.3.100.11

Name: yahoo.com.com.au
Address: 174.122.148.154


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Server: rfi-dcu-dc01.inside.rfi.com.au
Address: 10.3.100.11

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
18...00 24 d7 26 f8 cd ......Microsoft Virtual WiFi Miniport Adapter
14...70 5a b6 b4 a3 f1 ......Intel® 82577LM Gigabit Network Connection
13...70 f3 95 79 b2 44 ......Bluetooth Device (Personal Area Network)
11...00 24 d7 26 f8 cc ......Intel® Centrino® Ultimate-N 6300 AGN
1...........................Software Loopback Interface 1
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.3.3.1 10.3.3.164 25
10.3.3.0 255.255.255.0 On-link 10.3.3.164 281
10.3.3.164 255.255.255.255 On-link 10.3.3.164 281
10.3.3.255 255.255.255.255 On-link 10.3.3.164 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.3.3.164 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.3.3.164 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.1.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::e0d3:2b13:67e6:4877/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [35840] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/27/2012 08:18:13 AM) (Source: WinMgmt) (User: )
Description: 0x8007007e

Error: (09/27/2012 08:17:18 AM) (Source: MSSQLSERVER) (User: )
Description: Server-level event notifications can not be delivered. Either Service Broker is disabled in msdb, or msdsb failed to start. Event notifications in other databases could be affected as well. Bring msdb online, or enable Service Broker.

Error: (09/27/2012 08:17:16 AM) (Source: MSSQLSERVER) (User: )
Description: An error occurred during recovery, preventing the database 'msdb' (database ID 4) from restarting. Diagnose the recovery errors and fix them, or restore from a known good backup. If errors are not corrected or expected, contact Technical Support.

Error: (09/27/2012 08:17:15 AM) (Source: MSSQLSERVER) (User: )
Description: The log scan number (259:216:1) passed to log scan in database 'msdb' is not valid. This error may indicate data corruption or that the log file (.ldf) does not match the data file (.mdf). If this error occurred during replication, re-create the publication. Otherwise, restore from backup if the problem results in a failure during startup.

Error: (09/27/2012 04:04:52 AM) (Source: McLogEvent) (User: NT AUTHORITY)NT AUTHORITY
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 2072 (0x818)

Thread address : 0x77916194

Thread message :

Build VSCORE.14.3.0.464 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Users\Scott Alford\AppData\Roaming\NetSpeedMonitor\data.db-journal
by C:\windows\Explorer.EXE
17018(0)(0)
17017(0)(2)
7007(0)(0)
5006(0)(0)
5004(0)(0)
5003(0)(0)
5002(0)(1)
15002(0)(0)

Error: (09/26/2012 06:49:17 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/26/2012 06:49:17 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/26/2012 06:49:17 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/26/2012 06:49:17 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (09/26/2012 06:49:13 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (09/27/2012 08:59:01 AM) (Source: NETLOGON) (User: )
Description: This computer could not authenticate with \\rfi-dcu-dc02.inside.rfi.com.au, a Windows domain controller
for domain RFILOCAL, and therefore this computer might deny logon requests.
This inability to authenticate might be caused by another computer on the
same network using the same name or the password for this computer account
is not recognized. If this message appears again, contact your system
administrator.

Error: (09/27/2012 08:22:50 AM) (Source: NETLOGON) (User: )
Description: This computer could not authenticate with \\rfi-dcu-dc01.inside.rfi.com.au, a Windows domain controller
for domain RFILOCAL, and therefore this computer might deny logon requests.
This inability to authenticate might be caused by another computer on the
same network using the same name or the password for this computer account
is not recognized. If this message appears again, contact your system
administrator.

Error: (09/27/2012 08:20:08 AM) (Source: Service Control Manager) (User: )
Description: The HP Wireless Assistant Service service terminated unexpectedly. It has done this 1 time(s).

Error: (09/27/2012 08:20:04 AM) (Source: Service Control Manager) (User: )
Description: The HP Power Assistant Service service terminated unexpectedly. It has done this 1 time(s).

Error: (09/27/2012 08:20:02 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd

Error: (09/27/2012 08:20:02 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Framework Service service hung on starting.

Error: (09/27/2012 08:17:17 AM) (Source: Service Control Manager) (User: )
Description: The Remote Graphics Sender Service service terminated with service-specific error %%1.

Error: (09/27/2012 08:16:58 AM) (Source: Service Control Manager) (User: )
Description: The rixdpcie service failed to start due to the following error:
%%1058

Error: (09/27/2012 08:16:58 AM) (Source: Service Control Manager) (User: )
Description: The Ricoh xD-Picture Card Driver service failed to start due to the following error:
%%1058

Error: (09/27/2012 08:16:58 AM) (Source: Service Control Manager) (User: )
Description: The risdpcie service failed to start due to the following error:
%%1058


Microsoft Office Sessions:
=========================
Error: (09/27/2012 08:18:13 AM) (Source: WinMgmt)(User: )
Description: 0x8007007e

Error: (09/27/2012 08:17:18 AM) (Source: MSSQLSERVER)(User: )
Description:

Error: (09/27/2012 08:17:16 AM) (Source: MSSQLSERVER)(User: )
Description: msdb4

Error: (09/27/2012 08:17:15 AM) (Source: MSSQLSERVER)(User: )
Description: (259:216:1)msdb

Error: (09/27/2012 04:04:52 AM) (Source: McLogEvent)(User: NT AUTHORITY)NT AUTHORITY
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900002072 (0x818)0x77916194
Build VSCORE.14.3.0.464 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Users\Scott Alford\AppData\Roaming\NetSpeedMonitor\data.db-journal
by C:\windows\Explorer.EXE
17018(0)(0)
17017(0)(2)
7007(0)(0)
5006(0)(0)
5004(0)(0)
5003(0)(0)
5002(0)(1)
15002(0)(0)

Error: (09/26/2012 06:49:17 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/26/2012 06:49:17 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/26/2012 06:49:17 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/26/2012 06:49:17 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (09/26/2012 06:49:13 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 8.1.1)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe Acrobat 5.0 (Version: 5.0)
Adobe AIR (Version: 2.0.4.13090)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Flash Player 10 Plugin (Version: 10.1.52.14)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.62)
Adobe Media Player (Version: 1.8)
Adobe Reader 9.5.1 (Version: 9.5.1)
Advanced PDF Printer (Version: 3.1.0)
ArcSoft PhotoBase 3
ArcSoft PhotoStudio 5.5
AutocompletePro
AV Grabber (Version: 1.00.0000)
Canon D460-490
Canon MOV Decoder (Version: 1.7.0.6)
Canon MOV Encoder (Version: 1.5.0.3)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.6.0.5)
Canon Utilities Digital Photo Professional 3.9 (Version: 3.9.1.0)
Canon Utilities EOS Utility (Version: 2.9.0.0)
Canon Utilities Original Data Security Tools (Version: 1.9.0.1)
Canon Utilities PhotoStitch (Version: 3.1.22.46)
Canon Utilities Picture Style Editor (Version: 1.8.0.0)
Canon Utilities WFT Utility (Version: 3.5.1.1)
Canon Utilities ZoomBrowser EX (Version: 6.6.0.23)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.4.0.4)
Cisco WebEx Meetings
Citrix online plug-in (DV) (Version: 12.1.0.30)
Citrix online plug-in (HDX) (Version: 12.1.0.30)
Citrix online plug-in (PNA) (Version: 12.1.0.30)
Citrix online plug-in (SSON) (Version: 12.1.0.30)
Citrix online plug-in (USB) (Version: 12.1.0.30)
Citrix online plug-in (Version: 12.1.0.30)
Citrix online plug-in (Web) (Version: 12.1.0.30)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conduit Engine (Version: )
CyberLink InstantBurn (Version: 5.0.4617)
CyberLink MediaShow (Version: 4.1.3117)
CyberLink Power2Go (Version: 6.1.2918)
CyberLink PowerDVD 8 (Version: 8.0.3228)
CyberLink PowerProducer (Version: 5.0.1.1111)
DAPlayer 1.0.1.9
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DirectSOFT 5 - Programming (Version: 5.30.194)
Drv (Version: 1.00.0000)
DVD Region+CSS Free 5.9.8.5
DVDFab 8.1.0.0 (16/06/2011) Qt
DVDFab Passkey 8.0.0.1 (12/11/2010)
DVDFab Platinum 3.1.3.5 Beta
Easy-WebPrint
Easy Icon Maker (Version: 5.0)
EasyTerm 4.3
eDocPrinter PDF Pro 6.56 (Version: 6.56.5568)
eDocPrinter PDF Pro Ver 6.02
ESET Online Scanner v3
Excel OCX
EZ Grabber (Version: 1.00.0000)
FastForm 3.7.38 (Version: 3.7.38)
FoxTab FLV Player
FREE Hi-Q Recorder 1.92
GDR 1617 for SQL Server 2008 R2 (KB2494088) (Version: 10.50.1617.0)
GenWatch3 (Version: 2.5.1)
Golden Records Vinyl to CD Converter
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.123)
GoToMeeting 5.1.0.880 (Version: 5.1.0.880)
HP 3D DriveGuard (Version: 4.0.4.1)
HP Business Card Reader (Version: 0.6.3.0)
HP Color LaserJet CP5220 Series 1.0 (Version: 1.0)
HP Common Access Service Library (Version: 3.0.37.1)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Customer Participation Program 12.0 (Version: 12.0)
HP ESU for Microsoft Windows 7 (Version: 1.0.5.1)
HP Integrated Module with Bluetooth wireless technology (Version: 6.2.1.500)
HP Power Assistant (Version: 1.0.2.4)
HP Power Data (Version: 1.0.5.74)
HP Quick Launch Buttons (Version: 6.50.12.1)
HP QuickLook (Version: 3.1.0.4)
HP QuickWeb (Version: 1.0.1.48)
HP Setup (Version: 1.2.3557.3169)
HP SkyRoom (Version: 1.1.4.4794.)
HP SoftPaq Download Manager (Version: 3.0.5.0)
HP Software Setup (Version: 7.0.1.5)
HP Support Assistant (Version: 4.3.1.2)
HP User Guides 0160 (Version: 1.01.0000)
HP Wallpaper (Version: 1.0.1.3)
HP Web Camera (Version: 1.0.0)
HP Webcam (Version: 1.0)
HP Webcam Driver (Version: 5.8.50009.1)
HP Wireless Assistant (Version: 4.0.2.4)
HPAsset component for HP Active Support Library (Version: 3.0.0.7)
hppCP5220LaserJetService (Version: 001.000.0.0)
hppFonts (Version: 001.001.00061)
hppHelpNavCP5220 (Version: 001.000.00096)
hppLaserJetService (Version: 001.001.0.0)
hppQFolderCP5220 (Version: 1.00.0000)
hppusgCP5220 (Version: 1.0.0.1)
HyperTerminal Private Edition v7.0
IDT Audio (Version: 1.0.6257.0)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2057)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Network Connections Drivers (Version: 14.8)
Intel® Matrix Storage Manager
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 21 (Version: 6.0.210)
Juniper Networks Setup Client (Version: 2.2.5.10685)
Juniper Networks Setup Client Activex Control (Version: 2.1.1.1)
K-Lite Codec Pack 4.0.0 (Full) (Version: 4.0.0)
Leawo Blu-ray Copy Version: 2.0.1.0
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MarketResearch (Version: 120.0.226.000)
McAfee Agent (Version: 4.5.0.1270)
McAfee VirusScan Enterprise (Version: 8.8.00000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Standard 2010 (Version: 14.0.6029.1000)
Microsoft Office Visio Professional 2003 (Version: 11.0.8173.0)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Report Viewer Redistributable 2008 (KB971119) (Version: 9.0.30731)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft SQL Server 2008 R2
Microsoft SQL Server 2008 R2 Native Client (Version: 10.50.1617.0)
Microsoft SQL Server 2008 R2 Policies (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.50.1617.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server Browser (Version: 10.50.1600.1)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (Version: 3.5.8080.0)
Microsoft SQL Server VSS Writer (Version: 10.50.1600.1)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual Basic 6.0 Professional Edition
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ Run Time Lib Setup (Version: 1.0.0)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.35191)
Microsoft Web Publishing Wizard 1.53
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
MiniTool Drive Copy 5.0
MSDN Library - October 2001
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NCH EN Toolbar (Version: 6.2.6.0)
neroxml (Version: 1.0.0)
NetSetMan version 3.1.1 (Version: 3.1.1)
NetSpeedMonitor 2.5.4.0 x86 (Version: 2.5.4.0)
Network Print Monitor for Windows 2000/XP/2003/Vista
Networking USB Server (Version: 09.0106.1124)
Passware Kit Standard 9.1 (Version: 9.1.698)
Pathloss 4.0
Pathloss 5 (Version: 5.00.0000)
PDF OCX
PGM 1.03
PL-2303 USB-to-Serial (Version: 1.3.0)
Print Preview 5.28 (Version: 5.28)
PxMergeModule (Version: 1.00.0000)
QLBCASL (Version: 6.40.17.2)
Radio Service Software (Version: 1.00.0000)
RegistryFix v8.0
Remote Graphics Receiver (Version: 5.3.2)
Remote Graphics Sender (Version: 5.3.2)
RFI CLI Terminal
Signal-IQ Demo (Version: 2.0.5)
SignalPro® Evaluation (Version: 7.4.2)
SnagIt 7 (Version: 7.2)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1)
SQL Server 2008 R2 Management Studio (Version: 10.50.1600.1)
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1)
Storage Server (Version: 1.00.0000)
Symantec Enterprise Vault HTTP-only Outlook Add-In (Version: 9.0.9253)
Synaptics Pointing Device Driver (Version: 15.0.24.0)
ubGridx v4.3.2 (Version: 4.3.2)
UltraVNC 1.0.8.2 (Version: 1.0.8.2)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Validity Fingerprint Driver (Version: 4.0.8.0)
VB-PowerWrap 4.5
VBA Password Recovery Master 2.0
VBGold Smart Print Control V.4.2
VBto Converter 2.52
VCRedistSetup (Version: 1.0.0)
Windows 7 Default Setting (Version: 1.0.1.4)
Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) (Version: 06/15/2009 6.2.0.9000)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
WiNRADiO G305 Standard (Version: 2.14)
WinRAR archiver (Version: 4.00.2)
Xvid Video Codec (Version: 1.3.1)
ZTreeWin (remove only)

========================= Memory info: ===================================

Percentage of memory in use: 62%
Total physical RAM: 2997.78 MB
Available physical RAM: 1109.29 MB
Total Pagefile: 5993.83 MB
Available Pagefile: 4060.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1947.54 MB

========================= Partitions: =====================================

1 Drive c: (Local Disk) (Fixed) (Total:215.59 GB) (Free:32.18 GB) NTFS
2 Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.48 GB) FAT32
3 Drive g: (DATA1) (Network) (Total:950 GB) (Free:40.1 GB) NTFS
4 Drive q: (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS

========================= Users: ========================================

User accounts for \\RFI-L-SX2N

Administrator Guest RFI
steve

========================= Restore Points ==================================

Could not list Restore Points.

**** End of log ****


will post others here as I collect them...................

#7 comalco2000

comalco2000
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:13 AM

Posted 26 September 2012 - 07:05 PM

# AdwCleaner v2.003 - Logfile created 09/27/2012 at 09:43:37
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Professional (32 bits)
# User : Scott Alford - RFI-L-SX2N
# Boot Mode : Normal
# Running from : C:\Users\Scott Alford\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\THUW1RXW\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\user.js
File Deleted : C:\windows\system32\conduitEngine.tmp
Folder Deleted : C:\Program Files\AutocompletePro
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\ConduitEngine
Folder Deleted : C:\Program Files\NCH_EN
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Users\Scott Alford\AppData\Local\Babylon
Folder Deleted : C:\Users\Scott Alford\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Scott Alford\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Scott Alford\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Scott Alford\AppData\LocalLow\NCH_EN
Folder Deleted : C:\Users\Scott Alford\AppData\Roaming\Babylon
Folder Deleted : C:\Users\scott.alford\AppData\Local\Conduit
Folder Deleted : C:\Users\scott.alford\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\scott.alford\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\scott.alford\AppData\LocalLow\NCH_EN
Folder Deleted : C:\Users\SCOTTA~1\AppData\Local\Temp\BabylonToolbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\NCH_EN
Key Deleted : HKCU\Software\AutocompletePro
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{37483B40-C254-4A72-BDA4-22EE90182C1E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{37483B40-C254-4A72-BDA4-22EE90182C1E}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\AutocompletePro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37483B40-C254-4A72-BDA4-22EE90182C1E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5CBF337E-21A1-4D49-84E4-E343B195AD22}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar
Key Deleted : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem
Key Deleted : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_launcher
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_launcher.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_printmanager
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_printmanager.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.tbtoolband
Key Deleted : HKLM\SOFTWARE\Classes\toolband.tbtoolband.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.useroptions
Key Deleted : HKLM\SOFTWARE\Classes\toolband.useroptions.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2801948
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30AAD35A-1635-489C-8504-F6CD0234148D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82A0C7B9-8497-4B7F-868D-CA2096454850}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA4254C2-8651-4C22-B815-B7C8965B2732}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37483B40-C254-4A72-BDA4-22EE90182C1E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5CBF337E-21A1-4D49-84E4-E343B195AD22}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AutocompletePro3_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NCH_EN Toolbar
Key Deleted : HKLM\Software\NCH_EN
Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}
Value Deleted : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{37483B40-C254-4A72-BDA4-22EE90182C1E}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{37483B40-C254-4A72-BDA4-22EE90182C1E}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

*************************

AdwCleaner[S1].txt - [7600 octets] - [27/09/2012 09:43:37]

########## EOF - C:\AdwCleaner[S1].txt - [7660 octets] ##########

#8 comalco2000

comalco2000
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:13 AM

Posted 26 September 2012 - 07:09 PM

Junkware Removal Tool (JRT) by Thisisu
Version: 1.1.0 (09.26.2012)
OS: Windows 7 Professional x86
Ran by Scott Alford on Thu 27/09/2012 at 10:08:54.58
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
Successfully deleted: [KEY] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}



*** Files:

Successfully deleted: [FILE] C:\eula.1028.txt
Successfully deleted: [FILE] C:\eula.1031.txt
Successfully deleted: [FILE] C:\eula.1033.txt
Successfully deleted: [FILE] C:\eula.1036.txt
Successfully deleted: [FILE] C:\eula.1040.txt
Successfully deleted: [FILE] C:\eula.1041.txt
Successfully deleted: [FILE] C:\eula.1042.txt
Successfully deleted: [FILE] C:\eula.2052.txt
Successfully deleted: [FILE] C:\install.res.1028.dll
Successfully deleted: [FILE] C:\install.res.1031.dll
Successfully deleted: [FILE] C:\install.res.1033.dll
Successfully deleted: [FILE] C:\install.res.1036.dll
Successfully deleted: [FILE] C:\install.res.1040.dll
Successfully deleted: [FILE] C:\install.res.1041.dll
Successfully deleted: [FILE] C:\install.res.1042.dll
Successfully deleted: [FILE] C:\install.res.2052.dll
Successfully deleted: [FILE] C:\install.res.3082.dll



*** Folders: 0 Detections



*** Ask Toolbar: - Remnants removed







*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Thu 27/09/2012 at 10:09:05.89
End of Report

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:13 PM

Posted 26 September 2012 - 07:22 PM

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


?

#10 comalco2000

comalco2000
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:13 AM

Posted 27 September 2012 - 01:34 AM

Malwarebytes went a way through and then locked up again. No threats found up until the point it locked up (about 127000 files checked)



Farbar Service Scanner Version: 19-09-2012
Ran by SA (administrator) on 27-09-2012 at 16:31:31
Running from "C:\Users\SA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HA5NI267"
Windows 7 Professional (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error: Google IP is offline
Attempt to access Google.com returned error: Google.com is offline
Attempt to access Yahoo IP returned error: Yahoo IP is offline
Attempt to access Yahoo.com returned error: Yahoo.com is offline


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\windows\system32\nsisvc.dll => MD5 is legit
C:\windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\windows\system32\dhcpcore.dll => MD5 is legit
C:\windows\system32\Drivers\afd.sys => MD5 is legit
C:\windows\system32\Drivers\tdx.sys => MD5 is legit
C:\windows\system32\Drivers\tcpip.sys
[2012-05-11 15:42] - [2012-03-30 20:29] - 1287024 ____A (Microsoft Corporation) 55E9965552741F3850CB22CBBA9671ED

C:\windows\system32\dnsrslvr.dll
[2011-04-15 11:08] - [2011-03-03 15:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9

C:\windows\system32\mpssvc.dll
[2009-07-14 09:53] - [2009-07-14 11:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

C:\windows\system32\bfe.dll
[2009-07-14 09:54] - [2009-07-14 11:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

C:\windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\windows\system32\SDRSVC.dll
[2009-07-14 09:23] - [2009-07-14 11:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

C:\windows\system32\vssvc.exe
[2009-07-14 09:24] - [2009-07-14 11:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C

C:\windows\system32\wscsvc.dll
[2011-02-10 20:52] - [2010-12-21 15:38] - 0073728 ____A (Microsoft Corporation) A661A76333057B383A06E65F0073222F

C:\windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\windows\system32\wuaueng.dll
[2009-07-14 10:15] - [2009-07-14 11:16] - 1912832 ____A (Microsoft Corporation) A33408CC036F9C08142B11BE5E93F0A1

C:\windows\system32\qmgr.dllFarbar Service Scanner Version: 19-09-2012
Ran by Scott Alford (administrator) on 27-09-2012 at 16:31:31
Running from "C:\Users\Scott Alford\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HA5NI267"
Windows 7 Professional (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error: Google IP is offline
Attempt to access Google.com returned error: Google.com is offline
Attempt to access Yahoo IP returned error: Yahoo IP is offline
Attempt to access Yahoo.com returned error: Yahoo.com is offline


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\windows\system32\nsisvc.dll => MD5 is legit
C:\windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\windows\system32\dhcpcore.dll => MD5 is legit
C:\windows\system32\Drivers\afd.sys => MD5 is legit
C:\windows\system32\Drivers\tdx.sys => MD5 is legit
C:\windows\system32\Drivers\tcpip.sys
[2012-05-11 15:42] - [2012-03-30 20:29] - 1287024 ____A (Microsoft Corporation) 55E9965552741F3850CB22CBBA9671ED

C:\windows\system32\dnsrslvr.dll
[2011-04-15 11:08] - [2011-03-03 15:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9

C:\windows\system32\mpssvc.dll
[2009-07-14 09:53] - [2009-07-14 11:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

C:\windows\system32\bfe.dll
[2009-07-14 09:54] - [2009-07-14 11:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

C:\windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\windows\system32\SDRSVC.dll
[2009-07-14 09:23] - [2009-07-14 11:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

C:\windows\system32\vssvc.exe
[2009-07-14 09:24] - [2009-07-14 11:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C

C:\windows\system32\wscsvc.dll
[2011-02-10 20:52] - [2010-12-21 15:38] - 0073728 ____A (Microsoft Corporation) A661A76333057B383A06E65F0073222F

C:\windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\windows\system32\wuaueng.dll
[2009-07-14 10:15] - [2009-07-14 11:16] - 1912832 ____A (Microsoft Corporation) A33408CC036F9C08142B11BE5E93F0A1

C:\windows\system32\qmgr.dll
[2009-07-14 09:30] - [2009-07-14 11:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

C:\windows\system32\es.dll => MD5 is legit
C:\windows\system32\cryptsvc.dll
[2012-06-16 13:46] - [2012-04-24 14:47] - 0139264 ____A (Microsoft Corporation) 520A108A2657F4BCA7FCED9CA7D885DE

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\windows\system32\ipnathlp.dll => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit



[2009-07-14 09:30] - [2009-07-14 11:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

C:\windows\system32\es.dll => MD5 is legit
C:\windows\system32\cryptsvc.dll
[2012-06-16 13:46] - [2012-04-24 14:47] - 0139264 ____A (Microsoft Corporation) 520A108A2657F4BCA7FCED9CA7D885DE

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\windows\system32\ipnathlp.dll => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:13 PM

Posted 27 September 2012 - 01:37 AM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#12 comalco2000

comalco2000
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:13 AM

Posted 30 September 2012 - 05:30 PM

Farbar Service Scanner Version: 19-09-2012
Ran by Scott Alford (administrator) on 01-10-2012 at 08:06:23
Running from "C:\Users\Scott Alford\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F4K0FOXG"
Windows 7 Professional (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error: Google IP is offline
Attempt to access Google.com returned error: Google.com is offline
Attempt to access Yahoo IP returned error: Yahoo IP is offline
Attempt to access Yahoo.com returned error: Yahoo.com is offline


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\windows\system32\nsisvc.dll => MD5 is legit
C:\windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\windows\system32\dhcpcore.dll => MD5 is legit
C:\windows\system32\Drivers\afd.sys => MD5 is legit
C:\windows\system32\Drivers\tdx.sys => MD5 is legit
C:\windows\system32\Drivers\tcpip.sys
[2012-05-11 15:42] - [2012-03-30 20:29] - 1287024 ____A (Microsoft Corporation) 55E9965552741F3850CB22CBBA9671ED

C:\windows\system32\dnsrslvr.dll
[2011-04-15 11:08] - [2011-03-03 15:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9

C:\windows\system32\mpssvc.dll
[2009-07-14 09:53] - [2009-07-14 11:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

C:\windows\system32\bfe.dll
[2009-07-14 09:54] - [2009-07-14 11:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

C:\windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\windows\system32\SDRSVC.dll
[2009-07-14 09:23] - [2009-07-14 11:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

C:\windows\system32\vssvc.exe
[2009-07-14 09:24] - [2009-07-14 11:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C

C:\windows\system32\wscsvc.dll
[2011-02-10 20:52] - [2010-12-21 15:38] - 0073728 ____A (Microsoft Corporation) A661A76333057B383A06E65F0073222F

C:\windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\windows\system32\wuaueng.dll
[2009-07-14 10:15] - [2009-07-14 11:16] - 1912832 ____A (Microsoft Corporation) A33408CC036F9C08142B11BE5E93F0A1

C:\windows\system32\qmgr.dll
[2009-07-14 09:30] - [2009-07-14 11:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

C:\windows\system32\es.dll => MD5 is legit
C:\windows\system32\cryptsvc.dll
[2012-06-16 13:46] - [2012-04-24 14:47] - 0139264 ____A (Microsoft Corporation) 520A108A2657F4BCA7FCED9CA7D885DE

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\windows\system32\ipnathlp.dll => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit




Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/01/2012 08:20:23 AM in x86 mode.
Windows Version: Windows 7 Professional

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe (PID: 4568) [FI]
* C:\Users\Scott Alford\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F4K0FOXG\FSS.exe (PID: 6012) [UP-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]
* C:\Users\Scott Alford\AppData\Local\{6600a832-7d2e-4ee3-bdfe-264a02e9caba}\ [ZA Dir]
* C:\Users\Scott Alford\AppData\Local\{6600a832-7d2e-4ee3-bdfe-264a02e9caba}\L\ [ZA Dir]
* C:\Users\Scott Alford\AppData\Local\{6600a832-7d2e-4ee3-bdfe-264a02e9caba}\U\ [ZA Dir]
* C:\Users\Scott Alford\AppData\Local\{6600a832-7d2e-4ee3-bdfe-264a02e9caba}\U\00000001.@ [ZA File]
* C:\windows\installer\{6600a832-7d2e-4ee3-bdfe-264a02e9caba}\ [ZA Dir]
* C:\windows\installer\{6600a832-7d2e-4ee3-bdfe-264a02e9caba}\L\ [ZA Dir]
* C:\windows\installer\{6600a832-7d2e-4ee3-bdfe-264a02e9caba}\U\ [ZA Dir]

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

0.0.0.0 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com

Program finished at: 10/01/2012 08:21:27 AM
Execution time: 0 hours(s), 1 minute(s), and 3 seconds(s)


"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\reader 9.0\reader\reader_sl.exe"
+ "BDRegion" "brs" "cyberlink" "c:\program files\cyberlink\shared files\brs.exe"
+ "CLMLServer" "CyberLink MediaLibray Service" "CyberLink" "c:\program files\cyberlink\power2go\clmlsvc.exe"
+ "ConnectionCenter" "Citrix online plug-in Connection Center" "Citrix Systems, Inc." "c:\program files\citrix\ica client\concentr.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "HPPowerAssistant" "HP Power Assistant" "Hewlett-Packard" "c:\program files\hewlett-packard\hp power assistant\hppa_main.exe"
+ "HPUsageTrackingLEDM" "HP UT LEDM Driver" "Hewlett-Packard Company" "c:\program files\hp\hp ut ledm\bin\hppusg.exe"
+ "HPWirelessAssistant" "HP Wireless Assistant" "Hewlett-Packard" "c:\program files\hewlett-packard\hp wireless assistant\hpwa_main.exe"
+ "IAAnotif" "Event Monitor User Notification Tool" "Intel Corporation" "c:\program files\intel\intel matrix storage manager\iaanotif.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IMSS" "PIconStartup application" "" "c:\program files\intel\intel® management engine components\imss\piconstartup.exe"
+ "InstantBurn" "InstantBurn UDF Tool" "CyberLink Corporation." "c:\program files\cyberlink\instantburn\win2k\iburn.exe"
+ "McAfeeUpdaterUI" "Common User Interface" "McAfee, Inc." "c:\program files\mcafee\common framework\udaterui.exe"
+ "MDS_Menu" "MUI StartMenu Application" "CyberLink Corp." "c:\program files\cyberlink\mediashow4\muitransfer\muistartmenu.exe"
+ "NeroCheck" "NeroCheck" "Ahead Software Gmbh" "c:\windows\system32\nerocheck.exe"
+ "PDVD8LanguageShortcut" "PowerDVD Language Application" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\language\language.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "QlbCtrl.exe" "Quick Launch Buttons" " Hewlett-Packard Development Company, L.P." "c:\program files\hewlett-packard\hp quick launch buttons\qlbctrl.exe"
+ "RemoteControl8" "PowerDVD RC Service" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\pdvd8serv.exe"
+ "ShStatEXE" "VirusScan tray icon" "McAfee, Inc." "c:\program files\mcafee\virusscan enterprise\shstat.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray.exe"
+ "UpdateP2GoShortCut" "MUI StartMenu Application" "CyberLink Corp." "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe"
+ "UpdatePPShortCut" "MUI StartMenu Application" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\muitransfer\muistartmenu.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Acrobat Assistant.lnk" "AcroTray" "Adobe Systems Inc." "c:\program files\adobe\acrobat 5.0\distillr\acrotray.exe"
+ "Bluetooth.lnk" "Bluetooth Tray Application" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\bttray.exe"
+ "LaunchPad.lnk" "GW_Alert" "Burks GenCore International Co., Inc." "c:\program files\genesis\genwatch3\gw_alert.exe"
+ "Online plug-in.lnk" "" "" "c:\windows\installer\{0f1f7a90-e71b-4e45-a066-2891619f22e1}\pnaico.exe.20fbbf0a_a7e5_4bde_9798_9811c3d135ac.exe"
+ "SnagIt 7.lnk" "SnagIt 7" "TechSmith Corporation" "c:\program files\techsmith\snagit 7\snagit32.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DVDFab Passkey" "DVDFab Passkey is a Windows-based driver that works on-the-fly to unprotect encrypted movie DVDs and Blu-ray discs. - x86" "Fengtao Software Inc." "c:\program files\dvdfab passkey\dvdfabpasskey.exe"
+ "ISUSPM" "Macrovision Software Manager" "Macrovision Corporation" "c:\program files\common files\installshield\updateservice\isuspm.exe"
+ "NetSetMan" "Network Settings Manager" "Ilja Herlein" "c:\program files\netsetman\netsetman.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-ica" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica; charset=euc-jp" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica; charset=ISO-8859-1" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica; charset=MS936" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica; charset=MS949" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica; charset=MS950" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica; charset=UTF-8" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica; charset=UTF8" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica;charset=euc-jp" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica;charset=ISO-8859-1" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica;charset=MS936" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica;charset=MS949" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica;charset=MS950" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica;charset=UTF-8" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica;charset=UTF8" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "ica" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office11\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "DVDIdleShell Class" "DVD Region-Free Shell Module" "Fengtao Software Inc." "c:\program files\dvd region+css free\dvdshell.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DVDFAB32" "DVDFab Shell Extension - x86" "Fengtao Software Inc." "c:\program files\dvdfab 8 qt\dvdfabshellex.dll"
+ "SnagItMainShellExt" "SnagIt Shell Extension DLL" "TechSmith Corporation" "c:\program files\techsmith\snagit 7\snagitshellext.dll"
+ "VirusScan" "Shell Extension" "McAfee, Inc." "c:\program files\mcafee\virusscan enterprise\shext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SnagItMainShellExt" "SnagIt Shell Extension DLL" "TechSmith Corporation" "c:\program files\techsmith\snagit 7\snagitshellext.dll"
+ "VirusScan" "Shell Extension" "McAfee, Inc." "c:\program files\mcafee\virusscan enterprise\shext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btncopy.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "VirusScan" "Shell Extension" "McAfee, Inc." "c:\program files\mcafee\virusscan enterprise\shext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Adobe PDF Reader Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll"
+ "HelperObject Class" "SnagIt Browser Helper Object for Internet Explorer" "TechSmith Corporation" "c:\program files\techsmith\snagit 7\snagitbho.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\scriptsn.20110607180201.dll"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Easy-WebPrint" "Easy-WebPrint" "" "c:\program files\canon\easy-webprint\toolband.dll"
+ "SnagIt" "SnagIt Add-in for Internet Explorer" "TechSmith Corporation" "c:\program files\techsmith\snagit 7\snagitieaddin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
"Task Scheduler" "" "" ""
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\Hewlett-Packard\HP Assistant\HP Total Care Tune-Up" "HPTuneUp" "Hewlett-Packard Company" "c:\program files\hewlett-packard\hp support framework\hptuneup.exe"
+ "\Hewlett-Packard\HP Assistant\PC Health Analysis" "HP Support Assistant" "Hewlett-Packard" "c:\program files\hewlett-packard\hp support framework\hpsf.exe"
+ "\Hewlett-Packard\HP Assistant\PC Tuneup" "HP Support Assistant" "Hewlett-Packard" "c:\program files\hewlett-packard\hp support framework\hpsf.exe"
+ "\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask" "UtilTask" "Microsoft" "c:\program files\hewlett-packard\hp health check\activecheck\product_line\utiltask.exe"
+ "\HPCeeScheduleForScott Alford" "HP Ceement" "Hewlett-Packard" "c:\program files\hewlett-packard\hp ceement\hpcee.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\RunAsStdUser Task" "" "" "c:\users\scott"
+ "\{08397001-0412-457E-9AD1-01A3B2EB2B1A}" "" "" "File not found: Z:\Setup.exe"
X "\{349244BA-01D9-4D13-ADD4-2280794E01C9}" "" "" "File not found: C:\Program Files\Motorola\Radio Service Software\jre\bin\javaw.exe"
+ "\{3735626C-16C3-4FD2-B449-C959F864CF7B}" "" "" "File not found: Z:\Drv98Setup.exe"
+ "\{633F7DF8-08C2-4F89-9D74-90BDF506FD5A}" "One Touch Video Capture" "" "c:\program files\ez grabber\ez grabber.exe"
X "\{761D0789-A562-48F2-A5F4-01F04A7AA9F6}" "" "" "File not found: C:\Program Files\Motorola\Radio Service Software\jre\bin\javaw.exe"
X "\{774406CE-5AA3-4D27-BB59-8741D9025009}" "" "" "File not found: C:\Program Files\Motorola\Radio Service Software\jre\bin\javaw.exe"
X "\{7A33ADD9-DDDB-4CEA-9389-A568B8FB11A6}" "" "" "File not found: C:\Program Files\Motorola\Radio Service Software\jre\bin\javaw.exe"
X "\{8341FA0C-E2CA-49B0-88AB-B649282D72BF}" "" "" "File not found: C:\Program Files\Motorola\Radio Service Software\jre\bin\javaw.exe"
+ "\{89C9FDA1-E84B-4C5F-9B00-9D2A8B310F4C}" "" "" "File not found: Z:\Setup.exe"
X "\{92A3FA24-C369-4D8F-B538-6CAB9210E780}" "" "" "File not found: C:\Program Files\Motorola\Radio Service Software\jre\bin\javaw.exe"
X "\{A173A77C-E1F6-4AA0-A99F-A5E297FFF6FF}" "" "" "File not found: C:\Program Files\Motorola\Radio Service Software\jre\bin\javaw.exe"
X "\{A64FA8D5-888C-4524-BD9E-B568A2AA6000}" "" "" "File not found: C:\Program Files\Motorola\Radio Service Software\jre\bin\javaw.exe"
+ "\{B22D7B9C-C1BB-4231-A060-E22664575A9C}" "" "" "File not found: Z:\Drv98Setup.exe"
X "\{B9178198-6291-437E-A07F-431889F3D5E0}" "" "" "File not found: C:\Program Files\Motorola\Radio Service Software\jre\bin\javaw.exe"
X "\{BD20EF92-260D-49D9-BCBB-03AD6139CF77}" "" "" "File not found: C:\Program Files\Motorola\Radio Service Software\jre\bin\javaw.exe"
X "\{C08F30AE-E764-4593-B8F4-A25F64B00423}" "" "" "File not found: C:\Program Files\Motorola\Radio Service Software\jre\bin\javaw.exe"
X "\{C5C46EC0-9A6D-4639-ABBA-896C658915EF}" "" "" "File not found: C:\Program Files\Motorola\Radio Service Software\jre\bin\javaw.exe"
X "\{C8BEF914-B3EC-4720-83A2-3D0DFC9A39ED}" "" "" "File not found: C:\Program Files\Motorola\Radio Service Software\jre\bin\javaw.exe"
+ "\{DC0D43E4-79D8-4820-8183-ABC31AD3D17E}" "" "" "File not found: Z:\Setup.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AESTFilters" "Andrea filters APO access service (32-bit)" "Andrea Electronics Corporation" "c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_1fb74af29935fce6\aestsrv.exe"
+ "AgereModemAudio" "LSI Soft Modem Call Progress Service" "LSI Corporation" "c:\program files\lsi softmodem\agrsmsvc.exe"
+ "atashost" "WebEx Support Center." "Cisco WebEx LLC" "c:\windows\system32\atashost.exe"
+ "btwdins" "Handles installation and removal of Bluetooth devices." "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwdins.exe"
+ "Com4QLBEx" "Com for QLB application" "Hewlett-Packard Development Company, L.P." "c:\program files\hewlett-packard\hp quick launch buttons\com4qlbex.exe"
+ "GenWatchService" "GenWatch" "Burks GenCore International Co., Inc." "c:\program files\genesis\genwatch3\genwatch.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "HP Health Check Service" "HP Health Check Service" "Hewlett-Packard" "c:\program files\hewlett-packard\hp health check\hphc_service.exe"
+ "HP LaserJet Service" "A system service that allows HP Software to easily connect to your LaserJet for everyday tasks." "HP" "c:\program files\hp\hplaserjetservice\hplaserjetservice.exe"
+ "HP Power Assistant Service" "This service monitors the power usage of this computer and allows the HP Power Assistant application to turn devices on and off." "Hewlett-Packard" "c:\program files\hewlett-packard\hp power assistant\hppa_service.exe"
+ "HP Wireless Assistant Service" "This service monitors the wireless devices in this computer and allows the HP Wireless Assistant application to turn devices on and off." "Hewlett-Packard" "c:\program files\hewlett-packard\hp wireless assistant\hpwa_service.exe"
+ "Hp.Skyroom.Windows.Service" "Provides supporting functionality for HP SkyRoom clients" "Hewlett-Packard" "c:\program files\hewlett-packard\hp skyroom\hp.skyroom.windows.service.exe"
+ "HPDrvMntSvc.exe" "This service manages the HP_TOOLS partition, which is used by both Windows applications and HP Pre-Boot applications, to ensure seamless operation and syncrhonization of data between the two environments." "Hewlett-Packard Company" "c:\program files\hewlett-packard\shared\hpdrvmntsvc.exe"
+ "hpqwmiex" "hpqwmiex Module" "Hewlett-Packard Development Company, L.P." "c:\program files\hewlett-packard\shared\hpqwmiex.exe"
+ "hpsrv" "HpService" "Hewlett-Packard Company" "c:\windows\system32\hpservice.exe"
+ "IAANTMON" "RAID Monitor" "Intel Corporation" "c:\program files\intel\intel matrix storage manager\iaantmon.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files\intel\intel® management engine components\lms\lms.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamservice.exe"
+ "McAfeeFramework" "Shared component framework for McAfee products" "McAfee, Inc." "c:\program files\mcafee\common framework\frameworkservice.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "McTaskManager" "Allows scheduling of McAfee scanning and updating activities." "McAfee, Inc." "c:\program files\mcafee\virusscan enterprise\vstskmgr.exe"
+ "MDM" "Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly." "Microsoft Corporation" "c:\program files\common files\microsoft shared\vs7debug\mdm.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "MSSQL$SQLEXPRESS" "Provides storage, processing and controlled access of data, and rapid transaction processing." "Microsoft Corporation" "c:\program files\microsoft sql server\mssql10_50.sqlexpress\mssql\binn\sqlservr.exe"
+ "MSSQLSERVER" "Provides storage, processing and controlled access of data, and rapid transaction processing." "Microsoft Corporation" "c:\program files\microsoft sql server\mssql10_50.mssqlserver\mssql\binn\sqlservr.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "rgsender" "The Remote Graphics Sender transmits graphics updates, audio, and USB data to an RGS Receiver. It receives and processes keyboard events, mouse events, and USB data from the Receiver." "Hewlett-Packard, Inc." "c:\program files\hewlett-packard\hp skyroom\remote graphics sender\rgsendersvc.exe"
+ "RichVideo" "RichVideo Module" "" "c:\program files\cyberlink\shared files\richvideo.exe"
+ "SQLWriter" "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_1fb74af29935fce6\stacsv.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files\intel\intel® management engine components\uns\uns.exe"
+ "vcsFPService" "Validity Fingerprint Service" "Validity Sensors, Inc." "c:\windows\system32\vcsfpservice.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Accelerometer" "HP Accelerometer" "Hewlett-Packard Company" "c:\windows\system32\drivers\accelerometer.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "AgereSoftModem" "SoftModem Device Driver" "LSI Corporation" "c:\windows\system32\drivers\agrsm.sys"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "btusbflt" "Widcomm Bluetooth USB Filter for Windows XP" "Broadcom Corporation." "c:\windows\system32\drivers\btusbflt.sys"
+ "btwaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt" "Broadcom Bluetooth AVDT Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwavdt.sys"
+ "btwl2cap" "Broadcom Bluetooth L2CAP Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwl2cap.sys"
+ "btwrchid" "Bluetooth Remote Control HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwrchid.sys"
+ "CLBStor" "Cyberlink Storage Helper Driver (WindowsNT5.x)" "Cyberlink Co.,Ltd." "c:\windows\system32\drivers\clbstor.sys"
+ "CLBUDF" "UDF File System Driver " "CyberLink Corporation." "c:\windows\system32\drivers\clbudf.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ctxusbm" "Citrix USB Filter Driver" "Citrix Systems, Inc." "c:\windows\system32\drivers\ctxusbm.sys"
+ "dvdfab" "DVDFab Passkey Driver - x86" "Fengtao Software Inc." "c:\windows\system32\drivers\dvdfab.sys"
+ "e1kexpress" "Intel® Gigabit Adapter NDIS 6.x driver" "Intel Corporation" "c:\windows\system32\drivers\e1k6232.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "esgiguard" "" "" "c:\program files\enigma software group\spyhunter\esgiguard.sys"
+ "EST_BusEnum" "USB Server Bus Enumerator 32 bit Driver" " " "c:\windows\system32\drivers\genbus.sys"
+ "EST_Server" "USB Server Device 32 bit Driver" " " "c:\windows\system32\drivers\genhc.sys"
+ "FTDIBUS" "FTDIBUS USB Driver" "FTDI Ltd." "c:\windows\system32\drivers\ftdibus.sys"
+ "FTSER2K" "FTDIBUS Serial Device Driver" "FTDI Ltd." "c:\windows\system32\drivers\ftser2k.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HECI" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\heci.sys"
+ "hpdskflt" "HP Disk Filter - SATA/RAID" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpdskflt.sys"
+ "HpqKbFiltr" "HpqKbFiltr Keyboard Filter Driver" "Hewlett-Packard Development Company, L.P." "c:\windows\system32\drivers\hpqkbfiltr.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd32.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "Impcd" "Intel® Turbo Boost Technology Driver" "Intel Corporation" "c:\windows\system32\drivers\impcd.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\windows\System32\Drivers\mfeavfk01.sys"
+ "mfebopk" "Buffer Overflow Protection Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfebopk.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "NETw5s32" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5s32.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "pcouffin" "low level access layer for CD/DVD/BD devices" "VSO Software" "c:\windows\system32\drivers\pcouffin.sys"
+ "pfc" "Padus® ASPI Shell" "Padus, Inc." "c:\windows\system32\drivers\pfc.sys"
+ "pwdrvio" "" "" "c:\windows\system32\pwdrvio.sys"
+ "pwdspio" "" "" "c:\windows\system32\pwdspio.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "rimmptsk" "RICOH SD/MMC Driver" "REDC" "c:\windows\system32\drivers\rimmptsk.sys"
+ "rimspci" "RICOH MS Driver" "REDC" "c:\windows\system32\drivers\rimspe86.sys"
+ "rimsptsk" "RICOH MS Driver" "REDC" "c:\windows\system32\drivers\rimsptsk.sys"
+ "RimUsb" "BlackBerry Device Driver" "Research In Motion Limited" "c:\windows\system32\drivers\rimusb.sys"
+ "RimVSerPort" "RIM Virtual Serial Driver" "Research in Motion Ltd" "c:\windows\system32\drivers\rimserial.sys"
+ "risdpcie" "RICOH SD/MMC Driver" "REDC" "c:\windows\system32\drivers\risdpe86.sys"
+ "rismc32" "PC-SC Driver for RICOH SmartCard Reader" "RICOH Company, Ltd." "c:\windows\system32\drivers\rismc32.sys"
+ "rismxdp" "RICOH XD SM Driver" "REDC" "c:\windows\system32\drivers\rixdptsk.sys"
+ "rixdpcie" "RICOH PCIe XD Driver" "REDC" "c:\windows\system32\drivers\rixdpe86.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Ser2pl" "USB-to-Serial Cable Driver" "Prolific Technology Inc." "c:\windows\system32\drivers\ser2pl.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SNP2UVC" "UVC Camera Streaming Driver" "" "c:\windows\system32\drivers\snp2uvc.sys"
+ "sptd" "SCSI Pass Through Direct Host" "Duplex Secure Ltd." "c:\windows\system32\drivers\sptd.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "thdudf" "TOSHIBA UDF2.5 Reader File System Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\thdudf.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WRG305" "G305 device driver" "WiNRADiO Communications" "c:\windows\system32\drivers\wrg305_xp32.sys"
+ "{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}" "" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\000.fcl"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.ac3acm" "AC-3 ACM Codec" "fccHandler" "c:\windows\system32\ac3acm.acm"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.lameacm" "Lame MP3 codec engine" "http://www.mp3dev.org/" "c:\windows\system32\lameacm.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "VIDC.DIVX" "DivX" "DivX, Inc." "c:\windows\system32\divx.dll"
+ "VIDC.FFDS" "" "" "c:\windows\system32\ff_vfw.dll"
+ "VIDC.XVID" "" "" "c:\windows\system32\xvidvfw.dll"
+ "VIDC.YV12" "Helix YV12 YUV Codec" "www.helixcommunity.org" "c:\windows\system32\yv12vfw.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "LAME Audio Encoder" "LAME Audio Encoder" "" "c:\windows\system32\lame.ax"
+ "LAME Audio Encoder" "LAME Audio Encoder" "" "c:\windows\system32\lame.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3File" "" "" "c:\program files\k-lite codec pack\filters\ac3file.ax"
+ "AC3Filter" "ac3filter" "" "c:\program files\k-lite codec pack\filters\ac3filter.ax"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\google\google earth\client\wavdest.ax"
+ "Avi Source" "Avi Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\avisplitter.ax"
+ "Avi Splitter" "Avi Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\avisplitter.ax"
+ "Canon DES Resizer SaveMode" "CanonDESResizer" "Canon Inc." "c:\program files\canon\mdl30\canondesresizer.ax"
+ "Canon H.264 Decode Filter" "Canon H.264 Mov Filter" "Canon Inc." "c:\program files\canon\canon mov decoder170\canonh264filter.ax"
+ "Canon H.264 Encoder 1.5.0" "Canon H264 Encoder Filter" "CANON INC." "c:\program files\canon\canon mov encoder\canonh264encoder.ax"
+ "Canon Image Rotation Filter" "Canon Image Rotation Filter " "Canon Inc." "c:\program files\canon\mdp\canonrotatefilter.dll"
+ "Canon MDP Motion-JPEG Decoder" "Canon MDP Motion-JPEG Decoder Filter" "Canon Inc." "c:\program files\canon\mdp\canonmdpmjpegdecoder.ax"
+ "Canon Motion-JPEG Decoder" "Canon Motion-JPEG Decoder Filter" "Canon Inc." "c:\program files\canon\mdl30\canonmjpegdecoder.ax"
+ "Canon Motion-JPEG Encoder" "Motion-JPEG Encoder Filter" "Canon Inc." "c:\program files\canon\mdl30\canonmjpegencoder.ax"
+ "Canon Mov File Parser Filter" "Canon H.264 Mov Filter" "Canon Inc." "c:\program files\canon\canon mov decoder170\canonh264filter.ax"
+ "Canon Mov File Parser Filter2" "Canon H.264 Mov Filter" "Canon Inc." "c:\program files\canon\canon mov decoder170\canonh264filter.ax"
+ "Canon Resizer" "CanonResizer" "Canon Inc." "c:\program files\canon\mdl30\canonresizer.ax"
+ "Canon Text Source Filter" "Canon Text Source Filter" "Canon Inc." "c:\program files\canon\mdl30\canontextsourcefilter.ax"
+ "Canon WAV Dest" "CanonWavDest" "Canon Inc." "c:\program files\canon\mdl30\canonwavdest.ax"
+ "Canon-Actual-Data-Length-Setter" "CanonActualDataLengthSetter" "Canon Inc." "c:\program files\canon\mdl30\canonactualdatalengthsetter.ax"
+ "Conexant UYVY Color Format Converter" "Conexant UYVY Color Converter" "Conexant" "c:\windows\system32\uyvycnvt.ax"
+ "CoreVorbis Audio Decoder" "CoreVorbis" "-" "c:\program files\k-lite codec pack\filters\corevorbis.ax"
+ "CyberLink Audio Commercial Cut Analyzer" "CLAudCM" "Cyberlink Corp." "c:\program files\cyberlink\powerproducer\claudcm.ax"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\se_claud.ax"
+ "CyberLink Audio Decoder (PDVD8)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\audiofilter\claud.ax"
+ "CyberLink Audio Decoder(PDVD8 UPnP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\upnp\claud.ax"
+ "CyberLink Audio Effect (PDVD8)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerdvd8\audiofilter\claudfx.ax"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio Spectrum Analyzer (PDVD8)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\audiofilter\claudspa.ax"
+ "CyberLink Audio Spectrum Analyzer(HomeNetwork)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\upnp\claudspa.ax"
+ "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gvb.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\audiofilter\claudwizard.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gaudiocd.ax"
+ "CyberLink AudioCD Filter (PDVD8)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\audiofilter\claudiocd.ax"
+ "CyberLink AVCHD Navigator" "CLBDROMNav" "cyberlink" "c:\program files\cyberlink\powerdvd8\navfilter\clavchdnav.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\cldemuxer.ax"
+ "CyberLink Demultiplexer(HomeNetwork)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\upnp\cldemuxer.ax"
+ "CyberLink Demux (PDVD8)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\navfilter\cldemuxer.ax"
+ "CyberLink Digest Filter (PDVD8)" "DigestFilter Dynamic Link Library" "" "c:\program files\cyberlink\powerdvd8\digestfilter.dll"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gdumpdispatch.ax"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\se_cldumpdispatch.ax"
+ "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gdump.ax"
+ "CyberLink DV Buffer" "DV dump Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerproducer\ppdvdump.ax"
+ "CyberLink DVD Navigator (PDVD8)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\navfilter\clnavx.ax"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gedtkrn.dll"
+ "CyberLink Editing Service 4.5 (Source)" "CES Kernel (LT15)" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\cledtkrn.dll"
+ "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2greader.ax"
+ "CyberLink Frame Parser" "CLFParser" "CyberLink" "c:\program files\cyberlink\powerproducer\clfparser.ax"
+ "CyberLink H.264/AVC Decoder" "CyberLink 264 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\cl264dec.ax"
+ "CyberLink HD/BD Mixer (PDVD8.0)" "CLHBMixer" " " "c:\program files\cyberlink\powerdvd8\audiofilter\clhbmixer.ax"
+ "CyberLink Line21 Decoder (PDVD8)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\videofilter\clline21.ax"
+ "CyberLink Load Image Filter" "CLImage (LT15)" "CyberLink" "c:\program files\cyberlink\shared files\climage.ax"
+ "CyberLink M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files\cyberlink\power2go\p2gm2vwriter.ax"
+ "CyberLink MP3/WAV Wrapper" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gmvd.ax"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files\cyberlink\power2go\p2gmpgmux.ax"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files\cyberlink\powerproducer\se_mpgmux.ax"
+ "CyberLink MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\upnp\clsplter.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files\cyberlink\power2go\p2gvidenc.ax"
+ "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gm1spliter.ax"
+ "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gm2spliter.ax"
+ "CyberLink MPEG-4 Muxer" "CyberLink MPEG-4 Muxer" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\se_clm4muxer.ax"
+ "CyberLink MPEG-4 Muxer" "CyberLink MPEG-4 Muxer" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\clm4muxer.ax"
+ "CyberLink MPEG-4 Splitter" "CyberLink MPEG-4 Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\se_clm4splt.ax"
+ "CyberLink MPEG-4 Splitter" "CyberLink MPEG-4 Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\clm4splt.ax"
+ "CyberLink MPEG-4 Splitter (PDVD8)" "CyberLink MPEG-4 Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\navfilter\clm4splt.ax"
+ "CyberLink MPEGV Analyzer" "CLMPEGAnalysis" "CyberLink" "c:\program files\cyberlink\powerproducer\se_clmpegvanalyzer.ax"
+ "CyberLink MPEGV Analyzer" "CLMPEGAnalysis" "CyberLink" "c:\program files\cyberlink\powerproducer\clmpegvanalyzer.ax"
+ "CyberLink Mux Push Source" "Cyberlink push-mode file source" "Cyberlink" "c:\program files\cyberlink\powerproducer\se_clmuxpushsrc.ax"
+ "CyberLink PCM Wrapper" "CyberLink PCM Wrapper" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gpcmenc.ax"
+ "CyberLink Push-Mode CLStream" "CLStream" "CyberLink" "c:\program files\cyberlink\powerdvd8\upnp\clstream(pushmode).ax"
+ "CyberLink SBE Filter" "CLSBE" "CyberLink" "c:\program files\cyberlink\powerproducer\clsbe.ax"
+ "CyberLink SBE Source Filter" "CLSBESrc" "CyberLink" "c:\program files\cyberlink\powerproducer\clsbesrc.ax"
+ "Cyberlink Scene Detect Filter" "CLScnDt" "CyberLink" "c:\program files\cyberlink\powerproducer\ppscndt.ax"
+ "CyberLink Stamp Effect" "" "CyberLink corporate" "c:\program files\cyberlink\powerproducer\ppstampeffect.ax"
+ "Cyberlink Streamming Filter" "Cyberlink Streaming Source Filter(Scramble)" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\upnp\clstream.ax"
+ "Cyberlink Sub-Picture Filter" "Cyberlink Sub-Picture Filter" "Cyberlink" "c:\program files\cyberlink\powerproducer\clsubpic.ax"
+ "Cyberlink SubTitle Importor (PDVD8)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gauts.ax"
+ "CyberLink TimeStretch Filter (PDVD8)" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\audiofilter\clauts.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\se_cltlmsplter.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gtlmsplter.ax"
+ "Cyberlink TS Information" "CLTSInfo" "Cyberlink" "c:\program files\cyberlink\powerproducer\pptsinfo.ax"
+ "CyberLink Tzan Filter" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\cltzan.ax"
+ "CyberLink Tzan Filter (PDVD8)" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\videofilter\cltzan.ax"
+ "CyberLink UltraSpeed/SVRT Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\se_cledtdemuxer.ax"
+ "CyberLink UltraSpeed/SVRT Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\cledtdemuxer.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files\cyberlink\power2go\p2gvidfx.ax"
+ "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files\cyberlink\power2go\p2grgl.ax"
+ "CyberLink Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files\cyberlink\power2go\p2gvideostabilizer.ax"
+ "CyberLink Video/SP Decoder (PDVD8)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\videofilter\clvsd.ax"
+ "CyberLink Video/SP Decoder(HomeNetwork)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd8\upnp\clvsd.ax"
+ "DC-Bass Source" "DirectShow™ Audio Decoder" "http://www.dsp-worx.de" "c:\program files\k-lite codec pack\filters\dcbasssource.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\k-lite codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\k-lite codec pack\filters\vsfilter.dll"
+ "DispOptim Filter" "DispOptim" "Geniatech" "c:\windows\system32\dispoptim.ax"
+ "DownSize Filter" "Downsize" "Geniatech" "c:\windows\system32\downsize.ax"
+ "DSNizza" "" "" "c:\program files\hewlett-packard\hp skyroom\dsnizza.ax"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "File Source (Monkey Audio)" "" "" "c:\program files\k-lite codec pack\filters\monkeysource.ax"
+ "FLV Source" "FLV Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\flvsplitter.ax"
+ "FLV Splitter" "FLV Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\flvsplitter.ax"
+ "FLV4 Video Decoder" "FLV Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\flvsplitter.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files\k-lite codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "honestech Deinterlacer" "deinterlace filter" "honest Technology" "c:\windows\system32\htdeinterlacer.ax"
+ "honestech Mpeg1/2 Recorder Filter" "htmpeg2enc.ax" "Honest Technology" "c:\windows\system32\htmpeg2enc.ax"
+ "Honestech Video Invert Filter" "ht_invert.ax" "honest technology" "c:\windows\system32\ht_invert.ax"
+ "HT File Source (Async)" "Honestech Async Filter" "Honest Technology" "c:\windows\system32\htfileasync.ax"
+ "HT MPEG Audio Decoder" "HT MPEG Audio Decoder" "Honest Technology " "c:\windows\system32\htmpegad.ax"
+ "HT MPEG TimeShift" "HT MPEG TimeShift Filter" "Honest Technology" "c:\windows\system32\htmpegtimeshift.ax"
+ "HT MPEG Video Decoder" "HT MPEG Video Decoder " "Honest Technology" "c:\windows\system32\htmpegvd.ax"
+ "LAME Audio Encoder" "LAME Audio Encoder" "" "c:\windows\system32\lame.ax"
+ "Ligos Audio Decoder Filter" "Ligos MPEG Audio Decoder" "Ligos Corporation" "c:\program files\sonic\mydvd\lmpgad.ax"
+ "Ligos MPEG Splitter" "Ligos MPEG Splitter" "Ligos Corporation" "c:\program files\sonic\mydvd\lmpgspl.ax"
+ "Ligos MPEG Video Decoder" "Ligos MPEG Video Decoder" "Ligos Corporation" "c:\program files\sonic\mydvd\lmpgvd.ax"
+ "madFlac Decoder" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files\k-lite codec pack\filters\madflac.ax"
+ "madFlac Source" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files\k-lite codec pack\filters\madflac.ax"
+ "Microcrap MPEG-4 Video Decompressor" "Microcrap MPEG-4 Video Decompressor" "Microcrap Corporation" "c:\windows\system32\mpg4ds32.ax"
+ "MONOGRAM AMR Decoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Encoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Mux" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Splitter" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM Musepack Decoder" "mmmpcdec" "" "c:\program files\k-lite codec pack\filters\mmmpcdec.ax"
+ "MONOGRAM Musepack Splitter" "mmmpcdmx" "" "c:\program files\k-lite codec pack\filters\mmmpcdmx.ax"
+ "MP4 Source" "MP4 Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "MP4 Splitter" "MP4 Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "MPEG4 Video Source" "MP4 Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "MPEG4 Video Splitter" "MP4 Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "MyGetImage Filter" "Minimal Null Filter (Sample)" "MyCompanyName" "c:\windows\system32\snap.ax"
+ "Nero Audio Source" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Digital Audio Decoder" "Nero Digital Audio Decoding Filter" "Ahead Software AG and its licensors" "c:\program files\common files\ahead\dsfilter\neaudio.ax"
+ "Nero File Source" "Nero SVCD source filter" "Nero AG " "c:\program files\common files\ahead\dsfilter\nefilesrc.ax"
+ "Nero Video Decoder" "" "Ahead Software AG
Karlsbad
Germany
Phone: ++49-7248-911-800
Fax: ++49-7248-911-888
E-Mail: info@nero.com" "c:\program files\common files\ahead\dsfilter\nevideo.ax"
+ "Nero Video Source" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "P2G Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gaud.ax"
+ "P2G Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files\cyberlink\power2go\p2gaudenc.ax"
+ "P2G Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gvsd.ax"
+ "P2G Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files\cyberlink\power2go\p2gresample.ax"
+ "PowerProducer Double Tee" "Cyberlink Double Tee Filter" "CtberLink Corporation" "c:\program files\cyberlink\powerproducer\ppdoubletee.ax"
+ "PP Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\claud.ax"
+ "PP Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerproducer\claudfx.ax"
+ "PP Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files\cyberlink\powerproducer\claudenc.ax"
+ "PP Audio Noise Reduction (CES)" "CLAuNR" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\claunrwrapper.ax"
+ "PP Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\ppaursmpl.ax"
+ "PP Byte Counter" "PP Byte Counter" "CyberLink Corporation" "c:\program files\cyberlink\powerproducer\ppbytecounter.ax"
+ "PP DDR" "PP DDR" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\pprender.ax"
+ "PP Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\cldumpdispatch.ax"
+ "PP Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\cldump.ax"
+ "PP DV Buffer" "CLDVBuffer Filter" "CyberLink" "c:\program files\cyberlink\powerproducer\ppdvbuffer.ax"
+ "PP DV Dump Filter" "DV dump Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerproducer\ppdvdump.ax"
+ "PP DV TCR" "DVTCR" "CyberLink" "c:\program files\cyberlink\powerproducer\ppdvtcr.ax"
+ "PP File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\ppreader.ax"
+ "PP Gate Filter" "CLGate" "CyberLink" "c:\program files\cyberlink\powerproducer\ppgate.ax"
+ "PP IDM" "idmf" "Cyberlink" "c:\program files\cyberlink\powerproducer\ppidmf.ax"
+ "PP M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files\cyberlink\powerproducer\ppm2vwriter.ax"
+ "PP MPEG Muxer" "MpgMux" "CyberLink" "c:\program files\cyberlink\powerproducer\mpgmux.ax"
+ "PP MPEG Splitter" "PP MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\ppsplter.ax"
+ "PP MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files\cyberlink\powerproducer\clvidenc.ax"
+ "PP PCM Wrapper" "PP PCM Wrapper" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\pppcmenc.ax"
+ "PP Snapshot Filter" "CLSnapShot Filter" "CyberLink" "c:\program files\cyberlink\powerproducer\ppsnapshot.ax"
+ "PP SnapShotTIP Filter" "CLSShot" "CyberLink" "c:\program files\cyberlink\powerproducer\ppsshot.ax"
+ "PP TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\clauts.ax"
+ "PP TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\cltlmsplter.ax"
+ "PP TV Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\claudtv.ax"
+ "PP Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\ppgenericvsd.ax"
+ "PP Video Effect" "CLVidFx" "CyberLink" "c:\program files\cyberlink\powerproducer\ppvidfx.ax"
+ "PP Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files\cyberlink\powerproducer\ppresample.ax"
+ "PP Video Regulator" "Video Regulator" "Cyberlink" "c:\program files\cyberlink\powerproducer\clrgl.ax"
+ "PP WAV Dest" "CLWavDest" "CyberLink" "c:\program files\cyberlink\powerproducer\ppwavdest.ax"
+ "PP YUY2 Deinterlace" "DitlYuY2" "CyberLink" "c:\program files\cyberlink\powerproducer\ppditlyuy2.ax"
+ "PP YUY2 Sub-Sampling" "SubYUY2 Filter" "CyberLink Corp." "c:\program files\cyberlink\powerproducer\ppsubyuy2.ax"
+ "psWav Dest" "Canon Utilities Support Library" "Canon Inc." "c:\program files\canon\zoombrowser ex mcu\pswavdes.ax"
+ "T" "VP6 Decompression Filter" "On2.com Inc." "c:\program files\k-lite codec pack\filters\vp6dec.ax"
+ "T" "VP7 Decompression Filter" "On2.com Inc." "c:\program files\k-lite codec pack\filters\vp7dec.ax"
+ "Text Mixer Filter" "Text Mixer Filter" "Sonic Solutions" "c:\program files\hewlett-packard\hp webcam app\textmixer.ax"
+ "Time Regulator" "TimeRegulator" "cyberlink" "c:\program files\cyberlink\powerproducer\avi_audtr.ax"
+ "TOP10Disp Filter" "Minimal Null Filter (Sample)" "MyCompanyName" "c:\windows\system32\top10disp.ax"
+ "WAV Dest" "SONICWavDest" "Sonic Solutions" "c:\program files\hewlett-packard\hp webcam app\sonicwavdest.ax"
+ "WavPack Audio Decoder" "WavPack Audio DirectShow Decoder" "-" "c:\program files\k-lite codec pack\filters\wavpackdsdecoder.ax"
+ "WavPack Audio Splitter" "WavPack Audio DirectShow Splitter" "-" "c:\program files\k-lite codec pack\filters\wavpackdssplitter.ax"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\system32\xvid.ax"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "BtwCredentialProvider" "BtwCP DLL" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwcp.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
+ "ScCertProp" "" "" "File not found: wlnotify.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "CPCA Language Monitor3" "Canon CP Language Monitor 3" "Canon Inc." "c:\windows\system32\cnas0mmk.dll"
+ "eDocPDF" "eDocPDF Port Monitor" "ITEKSOFT Corporation" "c:\windows\system32\epdfmon.dll"
+ "HP LaserJet P1006 Language Monitor" "HP LaserJet P1006 Language Monitor" "Software 2000 Limited" "c:\windows\system32\hp1006lm.dll"
+ "HP Standard TCP/IP Port" "Standard TCP/IP Port Monitor DLL" "Hewlett Packard" "c:\windows\system32\hptcpmon.dll"
+ "HPPMOPJL" "Language Monitor for USB composite devices" "Hewlett-Packard Company" "c:\windows\system32\hppmopjl.dll"
+ "Network Print Port" "Driver DLL" "" "c:\program files\network print monitor\driver.dll"
+ "PDF Port" "Acrobat ® PDF Port" "Adobe Systems Incorporated." "c:\windows\system32\pdfports.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "PnSson" "Citrix Single Sign-on" "Citrix Systems, Inc." "c:\program files\citrix\ica client\pnsson.dll"

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:13 PM

Posted 30 September 2012 - 09:51 PM

Now run RKILL given in previous instructions and post the new log

Please run ESET scanner and malwarebytes in NORMAL MODE and post the log

Edited by narenxp, 02 October 2012 - 02:02 AM.


#14 comalco2000

comalco2000
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:13 AM

Posted 01 October 2012 - 06:08 PM

Rogue Killer loads, starts to run, and gets to "loading.....drivers" then pauses there for some time.
Finally it becomes BSOD. It never finishes initialising to get to the point where the SCAN button can be selected......

I have tried three times, same result at same point each time..............

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:13 PM

Posted 01 October 2012 - 09:56 PM

Can you try it in safemode ?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users