Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

i have LIVE SECURITY PLATINUM


  • Please log in to reply
14 replies to this topic

#1 sugardaddy5

sugardaddy5

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:05:57 AM

Posted 07 September 2012 - 05:58 AM

ran malware scan and it detected 9 issues

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.27.01

Windows Vista Service Pack 2 x86 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
sugar :: SUGAR-PC [administrator]

9/6/2012 6:05:52 PM
mbam-log-2012-09-06 (18-05-52).txt

Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 512029
Time elapsed: 1 hour(s), 49 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Live Security Platinum (Rogue.LiveSecurityPlatinum) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 1
C:\Users\sugar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum (Rogue.LiveSecurityPlatinum) -> Quarantined and deleted successfully.

Files Detected: 4
C:\$RECYCLE.BIN\S-1-5-21-3005992783-1946599689-2613399311-1001\$58a6e2409199ffdcad1021869116bd6b\U\00000004.@ (Rootkit.Zaccess) -> Quarantined and deleted successfully.
C:\$RECYCLE.BIN\S-1-5-21-3005992783-1946599689-2613399311-1001\$58a6e2409199ffdcad1021869116bd6b\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
C:\Users\sugar\Desktop\Live Security Platinum.lnk (Rogue.LiveSecurityPlatinum) -> Quarantined and deleted successfully.
C:\Users\sugar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum\Live Security Platinum.lnk (Rogue.LiveSecurityPlatinum) -> Quarantined and deleted successfully.

(end)

rebooted and LSP was still on my computer
Thank you kindly

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:57 AM

Posted 07 September 2012 - 08:08 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 sugardaddy5

sugardaddy5
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:05:57 AM

Posted 09 September 2012 - 10:03 AM

tds log.nothing detected
09:12:00.0293 0576 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
09:12:00.0574 0576 ============================================================
09:12:00.0574 0576 Current date / time: 2012/09/09 09:12:00.0574
09:12:00.0574 0576 SystemInfo:
09:12:00.0574 0576
09:12:00.0574 0576 OS Version: 6.0.6002 ServicePack: 2.0
09:12:00.0574 0576 Product type: Workstation
09:12:00.0574 0576 ComputerName: SUGAR-PC
09:12:00.0574 0576 UserName: sugar
09:12:00.0574 0576 Windows directory: C:\Windows
09:12:00.0574 0576 System windows directory: C:\Windows
09:12:00.0574 0576 Processor architecture: Intel x86
09:12:00.0574 0576 Number of processors: 4
09:12:00.0574 0576 Page size: 0x1000
09:12:00.0574 0576 Boot type: Safe boot with network
09:12:00.0574 0576 ============================================================
09:12:02.0103 0576 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:12:02.0118 0576 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:12:02.0134 0576 ============================================================
09:12:02.0134 0576 \Device\Harddisk0\DR0:
09:12:02.0134 0576 MBR partitions:
09:12:02.0134 0576 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x24215625
09:12:02.0134 0576 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x24215664, BlocksNum 0x121805D
09:12:02.0134 0576 \Device\Harddisk1\DR1:
09:12:02.0134 0576 MBR partitions:
09:12:02.0134 0576 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
09:12:02.0134 0576 ============================================================
09:12:02.0134 0576 C: <-> \Device\Harddisk0\DR0\Partition1
09:12:02.0181 0576 D: <-> \Device\Harddisk0\DR0\Partition2
09:12:02.0212 0576 E: <-> \Device\Harddisk1\DR1\Partition1
09:12:02.0212 0576 ============================================================
09:12:02.0212 0576 Initialize success
09:12:02.0212 0576 ============================================================
09:12:19.0668 1376 ============================================================
09:12:19.0668 1376 Scan started
09:12:19.0668 1376 Mode: Manual; TDLFS;
09:12:19.0668 1376 ============================================================
09:12:20.0323 1376 ================ Scan system memory ========================
09:12:20.0323 1376 System memory - ok
09:12:20.0323 1376 ================ Scan services =============================
09:12:20.0511 1376 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
09:12:20.0511 1376 ACPI - ok
09:12:20.0604 1376 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
09:12:20.0604 1376 AdobeARMservice - ok
09:12:20.0698 1376 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:12:20.0698 1376 AdobeFlashPlayerUpdateSvc - ok
09:12:20.0745 1376 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:12:20.0745 1376 adp94xx - ok
09:12:20.0776 1376 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:12:20.0776 1376 adpahci - ok
09:12:20.0807 1376 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
09:12:20.0807 1376 adpu160m - ok
09:12:20.0838 1376 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:12:20.0838 1376 adpu320 - ok
09:12:20.0869 1376 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:12:20.0869 1376 AeLookupSvc - ok
09:12:20.0916 1376 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
09:12:20.0916 1376 AFD - ok
09:12:20.0947 1376 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:12:20.0947 1376 agp440 - ok
09:12:20.0979 1376 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
09:12:20.0979 1376 aic78xx - ok
09:12:21.0041 1376 [ C86D177967D27C80E466D4ED95C26DB9 ] AlertService C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
09:12:21.0057 1376 AlertService - ok
09:12:21.0088 1376 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
09:12:21.0088 1376 ALG - ok
09:12:21.0103 1376 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
09:12:21.0103 1376 aliide - ok
09:12:21.0135 1376 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
09:12:21.0135 1376 amdagp - ok
09:12:21.0150 1376 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
09:12:21.0150 1376 amdide - ok
09:12:21.0181 1376 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
09:12:21.0181 1376 AmdK7 - ok
09:12:21.0197 1376 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:12:21.0197 1376 AmdK8 - ok
09:12:21.0228 1376 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
09:12:21.0228 1376 Appinfo - ok
09:12:21.0275 1376 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:12:21.0275 1376 Apple Mobile Device - ok
09:12:21.0306 1376 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
09:12:21.0306 1376 arc - ok
09:12:21.0337 1376 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:12:21.0353 1376 arcsas - ok
09:12:21.0431 1376 [ 40C145F12FF461A0220303BDA134F598 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
09:12:21.0462 1376 aspnet_state - ok
09:12:21.0493 1376 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:12:21.0493 1376 AsyncMac - ok
09:12:21.0525 1376 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
09:12:21.0525 1376 atapi - ok
09:12:21.0603 1376 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:12:21.0603 1376 AudioEndpointBuilder - ok
09:12:21.0618 1376 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
09:12:21.0618 1376 Audiosrv - ok
09:12:21.0649 1376 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
09:12:21.0649 1376 Beep - ok
09:12:21.0696 1376 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
09:12:21.0696 1376 BFE - ok
09:12:21.0712 1376 blbdrive - ok
09:12:21.0727 1376 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:12:21.0727 1376 bowser - ok
09:12:21.0774 1376 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
09:12:21.0774 1376 BrFiltLo - ok
09:12:21.0790 1376 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
09:12:21.0790 1376 BrFiltUp - ok
09:12:21.0805 1376 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
09:12:21.0821 1376 Browser - ok
09:12:21.0837 1376 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
09:12:21.0852 1376 Brserid - ok
09:12:21.0868 1376 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
09:12:21.0868 1376 BrSerWdm - ok
09:12:21.0868 1376 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
09:12:21.0868 1376 BrUsbMdm - ok
09:12:21.0883 1376 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
09:12:21.0883 1376 BrUsbSer - ok
09:12:21.0915 1376 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:12:21.0915 1376 BTHMODEM - ok
09:12:21.0961 1376 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:12:21.0961 1376 cdfs - ok
09:12:21.0993 1376 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:12:21.0993 1376 cdrom - ok
09:12:22.0055 1376 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
09:12:22.0055 1376 CertPropSvc - ok
09:12:22.0055 1376 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\DRIVERS\circlass.sys
09:12:22.0071 1376 circlass - ok
09:12:22.0117 1376 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
09:12:22.0117 1376 CLFS - ok
09:12:22.0149 1376 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:12:22.0227 1376 clr_optimization_v2.0.50727_32 - ok
09:12:22.0351 1376 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:12:22.0414 1376 clr_optimization_v4.0.30319_32 - ok
09:12:22.0461 1376 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:12:22.0461 1376 cmdide - ok
09:12:22.0476 1376 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
09:12:22.0476 1376 Compbatt - ok
09:12:22.0492 1376 COMSysApp - ok
09:12:22.0507 1376 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:12:22.0507 1376 crcdisk - ok
09:12:22.0523 1376 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
09:12:22.0539 1376 Crusoe - ok
09:12:22.0570 1376 [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:12:22.0570 1376 CryptSvc - ok
09:12:22.0617 1376 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:12:22.0632 1376 DcomLaunch - ok
09:12:22.0679 1376 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:12:22.0679 1376 DfsC - ok
09:12:22.0773 1376 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
09:12:22.0804 1376 DFSR - ok
09:12:22.0835 1376 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
09:12:22.0851 1376 Dhcp - ok
09:12:22.0913 1376 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
09:12:22.0913 1376 disk - ok
09:12:22.0929 1376 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:12:22.0929 1376 Dnscache - ok
09:12:22.0991 1376 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:12:22.0991 1376 dot3svc - ok
09:12:23.0007 1376 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
09:12:23.0022 1376 DPS - ok
09:12:23.0053 1376 [ A0B584C33F55545D56F9E71FB4E203AC ] DQLWinService C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
09:12:23.0053 1376 DQLWinService - ok
09:12:23.0069 1376 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:12:23.0069 1376 drmkaud - ok
09:12:23.0116 1376 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:12:23.0131 1376 DXGKrnl - ok
09:12:23.0163 1376 [ 04944F4FC4F0477185F5D26AE0DDB90E ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
09:12:23.0163 1376 e1express - ok
09:12:23.0209 1376 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
09:12:23.0209 1376 E1G60 - ok
09:12:23.0241 1376 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
09:12:23.0241 1376 EapHost - ok
09:12:23.0303 1376 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
09:12:23.0303 1376 Ecache - ok
09:12:23.0334 1376 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:12:23.0334 1376 ehRecvr - ok
09:12:23.0365 1376 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
09:12:23.0365 1376 ehSched - ok
09:12:23.0365 1376 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
09:12:23.0365 1376 ehstart - ok
09:12:23.0397 1376 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:12:23.0412 1376 elxstor - ok
09:12:23.0459 1376 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
09:12:23.0475 1376 EMDMgmt - ok
09:12:23.0521 1376 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
09:12:23.0521 1376 EventSystem - ok
09:12:23.0568 1376 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
09:12:23.0568 1376 exfat - ok
09:12:23.0599 1376 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:12:23.0599 1376 fastfat - ok
09:12:23.0615 1376 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:12:23.0615 1376 fdc - ok
09:12:23.0646 1376 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
09:12:23.0646 1376 fdPHost - ok
09:12:23.0662 1376 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
09:12:23.0662 1376 FDResPub - ok
09:12:23.0693 1376 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:12:23.0693 1376 FileInfo - ok
09:12:23.0724 1376 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:12:23.0724 1376 Filetrace - ok
09:12:23.0740 1376 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:12:23.0740 1376 flpydisk - ok
09:12:23.0802 1376 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:12:23.0802 1376 FltMgr - ok
09:12:24.0083 1376 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
09:12:24.0333 1376 FontCache - ok
09:12:24.0504 1376 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:12:24.0535 1376 FontCache3.0.0.0 - ok
09:12:24.0613 1376 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:12:24.0629 1376 Fs_Rec - ok
09:12:24.0660 1376 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:12:24.0676 1376 gagp30kx - ok
09:12:24.0754 1376 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:12:24.0754 1376 GEARAspiWDM - ok
09:12:24.0972 1376 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
09:12:24.0988 1376 GoogleDesktopManager-051210-111108 - ok
09:12:25.0175 1376 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
09:12:25.0315 1376 gpsvc - ok
09:12:25.0518 1376 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1ca423b50b1320 C:\Program Files\Google\Update\GoogleUpdate.exe
09:12:25.0581 1376 gupdate1ca423b50b1320 - ok
09:12:25.0643 1376 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
09:12:25.0643 1376 gupdatem - ok
09:12:25.0799 1376 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:12:25.0830 1376 gusvc - ok
09:12:26.0127 1376 [ E73B3865F5BCE5B445D18EF39380844A ] HCW85BDA C:\Windows\system32\drivers\HCW85BDA.sys
09:12:26.0345 1376 HCW85BDA - ok
09:12:26.0470 1376 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:12:26.0548 1376 HdAudAddService - ok
09:12:26.0673 1376 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:12:26.0782 1376 HDAudBus - ok
09:12:26.0829 1376 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:12:26.0844 1376 HidBth - ok
09:12:26.0891 1376 [ D8DF3722D5E961BAA1292AA2F12827E2 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
09:12:26.0891 1376 HidIr - ok
09:12:26.0969 1376 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
09:12:26.0985 1376 hidserv - ok
09:12:27.0078 1376 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:12:27.0094 1376 HidUsb - ok
09:12:27.0156 1376 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:12:27.0203 1376 hkmsvc - ok
09:12:27.0421 1376 [ 89F9E1984C1CD9E5F4FE39642D886E11 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
09:12:27.0484 1376 HP Health Check Service - ok
09:12:27.0671 1376 [ DEB82AF183F1CD06813D91ED104C645C ] HPBtnSrv c:\hp\HPEZBTN\HPBtnSrv.exe
09:12:27.0765 1376 HPBtnSrv - ok
09:12:27.0827 1376 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
09:12:27.0843 1376 HpCISSs - ok
09:12:27.0905 1376 [ 88749FBF8BEB18C90E7D6626C8C1910B ] HSF_DP C:\Windows\system32\DRIVERS\HSX_DP.sys
09:12:27.0936 1376 HSF_DP - ok
09:12:27.0983 1376 [ FE440536BD98AF772130DC3A6FE1915F ] HSXHWBS2 C:\Windows\system32\DRIVERS\HSXHWBS2.sys
09:12:27.0983 1376 HSXHWBS2 - ok
09:12:28.0014 1376 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:12:28.0030 1376 HTTP - ok
09:12:28.0045 1376 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
09:12:28.0045 1376 i2omp - ok
09:12:28.0077 1376 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:12:28.0092 1376 i8042prt - ok
09:12:28.0108 1376 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
09:12:28.0108 1376 iaStorV - ok
09:12:28.0170 1376 [ 6F95324909B502E2651442C1548AB12F ] IDriverT c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
09:12:28.0186 1376 IDriverT - ok
09:12:28.0264 1376 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:12:28.0295 1376 idsvc - ok
09:12:28.0326 1376 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:12:28.0326 1376 iirsp - ok
09:12:28.0389 1376 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
09:12:28.0389 1376 IKEEXT - ok
09:12:28.0451 1376 [ EDC37B918E583A5A813C53D4F5588255 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
09:12:28.0498 1376 IntcAzAudAddService - ok
09:12:28.0545 1376 [ CE5AF42679DD85947D2D287594F22CE0 ] IntelDHSvcConf C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
09:12:28.0545 1376 IntelDHSvcConf - ok
09:12:28.0591 1376 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
09:12:28.0591 1376 intelide - ok
09:12:28.0623 1376 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:12:28.0623 1376 intelppm - ok
09:12:28.0654 1376 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:12:28.0701 1376 IPBusEnum - ok
09:12:28.0747 1376 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:12:28.0747 1376 IpFilterDriver - ok
09:12:28.0825 1376 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:12:28.0825 1376 iphlpsvc - ok
09:12:28.0841 1376 IpInIp - ok
09:12:28.0857 1376 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
09:12:28.0857 1376 IPMIDRV - ok
09:12:28.0919 1376 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
09:12:28.0919 1376 IPNAT - ok
09:12:28.0997 1376 [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
09:12:29.0028 1376 iPod Service - ok
09:12:29.0044 1376 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:12:29.0044 1376 IRENUM - ok
09:12:29.0075 1376 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:12:29.0075 1376 isapnp - ok
09:12:29.0106 1376 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
09:12:29.0106 1376 iScsiPrt - ok
09:12:29.0169 1376 [ E29BA28F76C5A703E7F30F74CF36DF22 ] ISSM C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
09:12:29.0169 1376 ISSM - ok
09:12:29.0184 1376 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
09:12:29.0184 1376 iteatapi - ok
09:12:29.0215 1376 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
09:12:29.0215 1376 iteraid - ok
09:12:29.0231 1376 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:12:29.0231 1376 kbdclass - ok
09:12:29.0278 1376 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:12:29.0278 1376 kbdhid - ok
09:12:29.0293 1376 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
09:12:29.0293 1376 KeyIso - ok
09:12:29.0325 1376 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:12:29.0325 1376 KSecDD - ok
09:12:29.0371 1376 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
09:12:29.0387 1376 KtmRm - ok
09:12:29.0403 1376 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
09:12:29.0403 1376 LanmanServer - ok
09:12:29.0465 1376 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:12:29.0465 1376 LanmanWorkstation - ok
09:12:29.0496 1376 [ 683A07B982832426128B684B7366710F ] LightScribeService c:\Program Files\Common Files\LightScribe\LSSrvc.exe
09:12:29.0496 1376 LightScribeService - ok
09:12:29.0512 1376 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:12:29.0512 1376 lltdio - ok
09:12:29.0543 1376 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:12:29.0543 1376 lltdsvc - ok
09:12:29.0559 1376 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:12:29.0574 1376 lmhosts - ok
09:12:29.0590 1376 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:12:29.0590 1376 LSI_FC - ok
09:12:29.0605 1376 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:12:29.0605 1376 LSI_SAS - ok
09:12:29.0621 1376 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:12:29.0621 1376 LSI_SCSI - ok
09:12:29.0637 1376 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
09:12:29.0652 1376 luafv - ok
09:12:29.0683 1376 [ 38440FE1A65B1FE3D246C5C4CAD22F53 ] LVCOMSer C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
09:12:29.0683 1376 LVCOMSer - ok
09:12:29.0715 1376 [ A6919138F29AE45E90E99FA94737E04C ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2Mon.sys
09:12:29.0715 1376 LVPr2Mon - ok
09:12:29.0746 1376 [ 28BD0E4B6C050B591B8CB35B9AD284E6 ] LVPrcSrv C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
09:12:29.0746 1376 LVPrcSrv - ok
09:12:29.0793 1376 [ B895839B8743E400D7C7DAE156F74E7E ] LVRS C:\Windows\system32\DRIVERS\lvrs.sys
09:12:29.0808 1376 LVRS - ok
09:12:29.0855 1376 [ 23F8EF78BB9553E465A476F3CEE5CA18 ] LVUSBSta C:\Windows\system32\drivers\LVUSBSta.sys
09:12:29.0855 1376 LVUSBSta - ok
09:12:29.0980 1376 [ 8BC0D5F6E3898F465A94C6D03AFB5A20 ] LVUVC C:\Windows\system32\DRIVERS\lvuvc.sys
09:12:30.0089 1376 LVUVC - ok
09:12:30.0136 1376 [ 7B073FD0133346D0E555353F164057D7 ] M1 Server C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
09:12:30.0136 1376 M1 Server - ok
09:12:30.0229 1376 [ E6CB119EF2E148EAA1A247343550756E ] McciCMService C:\Program Files\Common Files\Motive\McciCMService.exe
09:12:30.0229 1376 McciCMService - ok
09:12:30.0292 1376 [ 7BBA15CA5A2AA4E50C7CBFB78D11DB25 ] MCLServiceATL C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
09:12:30.0292 1376 MCLServiceATL - ok
09:12:30.0323 1376 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:12:30.0323 1376 Mcx2Svc - ok
09:12:30.0354 1376 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
09:12:30.0370 1376 mdmxsdk - ok
09:12:30.0401 1376 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
09:12:30.0417 1376 megasas - ok
09:12:30.0448 1376 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
09:12:30.0448 1376 MMCSS - ok
09:12:30.0479 1376 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
09:12:30.0479 1376 Modem - ok
09:12:30.0479 1376 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:12:30.0479 1376 monitor - ok
09:12:30.0510 1376 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:12:30.0510 1376 mouclass - ok
09:12:30.0510 1376 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:12:30.0510 1376 mouhid - ok
09:12:30.0510 1376 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
09:12:30.0526 1376 MountMgr - ok
09:12:30.0573 1376 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:12:30.0573 1376 MozillaMaintenance - ok
09:12:30.0651 1376 [ D993BEA500E7382DC4E760BF4F35EFCB ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
09:12:30.0651 1376 MpFilter - ok
09:12:30.0682 1376 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
09:12:30.0682 1376 mpio - ok
09:12:30.0713 1376 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:12:30.0713 1376 mpsdrv - ok
09:12:30.0760 1376 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
09:12:30.0775 1376 MpsSvc - ok
09:12:30.0791 1376 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
09:12:30.0791 1376 Mraid35x - ok
09:12:30.0822 1376 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
09:12:30.0822 1376 MREMP50 - ok
09:12:30.0822 1376 MREMP50a64 - ok
09:12:30.0838 1376 MREMPR5 - ok
09:12:30.0838 1376 MRENDIS5 - ok
09:12:30.0853 1376 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
09:12:30.0853 1376 MRESP50 - ok
09:12:30.0853 1376 MRESP50a64 - ok
09:12:30.0916 1376 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:12:30.0916 1376 MRxDAV - ok
09:12:30.0947 1376 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:12:30.0947 1376 mrxsmb - ok
09:12:31.0009 1376 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:12:31.0025 1376 mrxsmb10 - ok
09:12:31.0025 1376 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:12:31.0025 1376 mrxsmb20 - ok
09:12:31.0041 1376 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
09:12:31.0041 1376 msahci - ok
09:12:31.0056 1376 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:12:31.0072 1376 msdsm - ok
09:12:31.0103 1376 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
09:12:31.0103 1376 MSDTC - ok
09:12:31.0165 1376 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:12:31.0165 1376 Msfs - ok
09:12:31.0181 1376 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:12:31.0181 1376 msisadrv - ok
09:12:31.0212 1376 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:12:31.0212 1376 MSiSCSI - ok
09:12:31.0212 1376 msiserver - ok
09:12:31.0228 1376 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:12:31.0243 1376 MSKSSRV - ok
09:12:31.0321 1376 [ 24516BF4E12A46CB67302E2CDCB8CDDF ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
09:12:31.0321 1376 MsMpSvc - ok
09:12:31.0353 1376 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:12:31.0353 1376 MSPCLOCK - ok
09:12:31.0353 1376 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:12:31.0353 1376 MSPQM - ok
09:12:31.0415 1376 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:12:31.0415 1376 MsRPC - ok
09:12:31.0431 1376 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:12:31.0431 1376 mssmbios - ok
09:12:31.0462 1376 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:12:31.0462 1376 MSTEE - ok
09:12:31.0509 1376 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
09:12:31.0509 1376 Mup - ok
09:12:31.0571 1376 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
09:12:31.0571 1376 napagent - ok
09:12:31.0633 1376 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:12:31.0633 1376 NativeWifiP - ok
09:12:31.0680 1376 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:12:31.0696 1376 NDIS - ok
09:12:31.0711 1376 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:12:31.0711 1376 NdisTapi - ok
09:12:31.0727 1376 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:12:31.0727 1376 Ndisuio - ok
09:12:31.0758 1376 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:12:31.0774 1376 NdisWan - ok
09:12:31.0774 1376 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:12:31.0774 1376 NDProxy - ok
09:12:31.0789 1376 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:12:31.0789 1376 NetBIOS - ok
09:12:31.0821 1376 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
09:12:31.0821 1376 netbt - ok
09:12:31.0836 1376 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
09:12:31.0836 1376 Netlogon - ok
09:12:31.0852 1376 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
09:12:31.0852 1376 Netman - ok
09:12:31.0867 1376 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
09:12:31.0883 1376 netprofm - ok
09:12:31.0914 1376 [ 987549E56F122AE7A70A4717C1572B5B ] netr73 C:\Windows\system32\DRIVERS\netr73.sys
09:12:31.0914 1376 netr73 - ok
09:12:31.0977 1376 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:12:31.0977 1376 NetTcpPortSharing - ok
09:12:32.0008 1376 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:12:32.0008 1376 nfrd960 - ok
09:12:32.0023 1376 [ B52F26BADE7D7E4A79706E3FD91834CD ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:12:32.0023 1376 NisDrv - ok
09:12:32.0101 1376 [ 290C0D4C4889398797F8DF3BE00B9698 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
09:12:32.0101 1376 NisSrv - ok
09:12:32.0117 1376 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:12:32.0117 1376 NlaSvc - ok
09:12:32.0164 1376 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:12:32.0164 1376 Npfs - ok
09:12:32.0179 1376 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
09:12:32.0179 1376 nsi - ok
09:12:32.0195 1376 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:12:32.0195 1376 nsiproxy - ok
09:12:32.0257 1376 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:12:32.0273 1376 Ntfs - ok
09:12:32.0304 1376 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
09:12:32.0304 1376 ntrigdigi - ok
09:12:32.0335 1376 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
09:12:32.0335 1376 Null - ok
09:12:32.0507 1376 [ 351265910A8EF5FC6CC4535A00054049 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:12:32.0647 1376 nvlddmkm - ok
09:12:32.0679 1376 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:12:32.0679 1376 nvraid - ok
09:12:32.0710 1376 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:12:32.0710 1376 nvstor - ok
09:12:32.0725 1376 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:12:32.0725 1376 nv_agp - ok
09:12:32.0725 1376 NwlnkFlt - ok
09:12:32.0725 1376 NwlnkFwd - ok
09:12:32.0803 1376 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
09:12:32.0803 1376 ohci1394 - ok
09:12:32.0835 1376 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
09:12:32.0850 1376 p2pimsvc - ok
09:12:32.0866 1376 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
09:12:32.0866 1376 p2psvc - ok
09:12:32.0881 1376 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
09:12:32.0881 1376 Parport - ok
09:12:32.0944 1376 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:12:32.0944 1376 partmgr - ok
09:12:32.0975 1376 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
09:12:32.0975 1376 Parvdm - ok
09:12:32.0991 1376 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
09:12:32.0991 1376 PcaSvc - ok
09:12:33.0053 1376 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
09:12:33.0053 1376 pci - ok
09:12:33.0069 1376 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
09:12:33.0069 1376 pciide - ok
09:12:33.0100 1376 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:12:33.0100 1376 pcmcia - ok
09:12:33.0131 1376 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:12:33.0147 1376 PEAUTH - ok
09:12:33.0225 1376 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
09:12:33.0256 1376 pla - ok
09:12:33.0287 1376 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:12:33.0303 1376 PlugPlay - ok
09:12:33.0318 1376 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
09:12:33.0318 1376 PNRPAutoReg - ok
09:12:33.0349 1376 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
09:12:33.0349 1376 PNRPsvc - ok
09:12:33.0396 1376 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:12:33.0412 1376 PolicyAgent - ok
09:12:33.0427 1376 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:12:33.0427 1376 PptpMiniport - ok
09:12:33.0459 1376 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
09:12:33.0459 1376 Processor - ok
09:12:33.0505 1376 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
09:12:33.0505 1376 ProfSvc - ok
09:12:33.0521 1376 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
09:12:33.0521 1376 ProtectedStorage - ok
09:12:33.0552 1376 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
09:12:33.0552 1376 PSched - ok
09:12:33.0583 1376 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
09:12:33.0583 1376 PxHelp20 - ok
09:12:33.0646 1376 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:12:33.0661 1376 ql2300 - ok
09:12:33.0708 1376 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:12:33.0708 1376 ql40xx - ok
09:12:33.0739 1376 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
09:12:33.0755 1376 QWAVE - ok
09:12:33.0771 1376 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:12:33.0771 1376 QWAVEdrv - ok
09:12:33.0771 1376 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:12:33.0771 1376 RasAcd - ok
09:12:33.0786 1376 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
09:12:33.0786 1376 RasAuto - ok
09:12:33.0802 1376 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:12:33.0802 1376 Rasl2tp - ok
09:12:33.0849 1376 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
09:12:33.0849 1376 RasMan - ok
09:12:33.0880 1376 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:12:33.0880 1376 RasPppoe - ok
09:12:33.0927 1376 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:12:33.0927 1376 RasSstp - ok
09:12:33.0973 1376 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:12:33.0973 1376 rdbss - ok
09:12:33.0973 1376 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:12:33.0989 1376 RDPCDD - ok
09:12:34.0036 1376 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
09:12:34.0036 1376 rdpdr - ok
09:12:34.0051 1376 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:12:34.0051 1376 RDPENCDD - ok
09:12:34.0114 1376 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:12:34.0114 1376 RDPWD - ok
09:12:34.0161 1376 [ 752402F6BD5FA012805813C329F88DD3 ] Remote UI Service C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
09:12:34.0161 1376 Remote UI Service - ok
09:12:34.0192 1376 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:12:34.0207 1376 RemoteAccess - ok
09:12:34.0239 1376 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:12:34.0239 1376 RemoteRegistry - ok
09:12:34.0332 1376 [ 2DAC86F10C42B55F2511F14CBCEE7284 ] RoxMediaDB9 c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
09:12:34.0348 1376 RoxMediaDB9 - ok
09:12:34.0379 1376 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
09:12:34.0379 1376 RpcLocator - ok
09:12:34.0395 1376 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\System32\rpcss.dll
09:12:34.0410 1376 RpcSs - ok
09:12:34.0410 1376 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:12:34.0410 1376 rspndr - ok
09:12:34.0426 1376 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
09:12:34.0426 1376 SamSs - ok
09:12:34.0457 1376 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:12:34.0457 1376 sbp2port - ok
09:12:34.0488 1376 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:12:34.0488 1376 SCardSvr - ok
09:12:34.0519 1376 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
09:12:34.0535 1376 Schedule - ok
09:12:34.0582 1376 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
09:12:34.0582 1376 SCPolicySvc - ok
09:12:34.0613 1376 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:12:34.0613 1376 SDRSVC - ok
09:12:34.0629 1376 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:12:34.0629 1376 secdrv - ok
09:12:34.0629 1376 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
09:12:34.0629 1376 seclogon - ok
09:12:34.0644 1376 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
09:12:34.0644 1376 SENS - ok
09:12:34.0660 1376 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
09:12:34.0660 1376 Serenum - ok
09:12:34.0691 1376 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
09:12:34.0691 1376 Serial - ok
09:12:34.0738 1376 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:12:34.0738 1376 sermouse - ok
09:12:34.0785 1376 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
09:12:34.0785 1376 SessionEnv - ok
09:12:34.0816 1376 [ 51CF56AA8BCC241F134B420B8F850406 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:12:34.0816 1376 sffdisk - ok
09:12:34.0831 1376 [ 96DED8B20C734AC41641CE275250E55D ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:12:34.0847 1376 sffp_mmc - ok
09:12:34.0847 1376 [ 8B08CAB1267B2C377883FC9E56981F90 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:12:34.0863 1376 sffp_sd - ok
09:12:34.0878 1376 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:12:34.0878 1376 sfloppy - ok
09:12:34.0925 1376 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:12:34.0941 1376 SharedAccess - ok
09:12:34.0972 1376 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:12:34.0972 1376 ShellHWDetection - ok
09:12:35.0003 1376 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
09:12:35.0003 1376 sisagp - ok
09:12:35.0019 1376 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
09:12:35.0019 1376 SiSRaid2 - ok
09:12:35.0034 1376 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:12:35.0034 1376 SiSRaid4 - ok
09:12:35.0097 1376 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
09:12:35.0097 1376 SkypeUpdate - ok
09:12:35.0175 1376 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
09:12:35.0237 1376 slsvc - ok
09:12:35.0284 1376 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
09:12:35.0284 1376 SLUINotify - ok
09:12:35.0331 1376 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:12:35.0331 1376 Smb - ok
09:12:35.0362 1376 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:12:35.0362 1376 SNMPTRAP - ok
09:12:35.0393 1376 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
09:12:35.0393 1376 spldr - ok
09:12:35.0409 1376 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
09:12:35.0409 1376 Spooler - ok
09:12:35.0455 1376 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:12:35.0455 1376 srv - ok
09:12:35.0471 1376 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:12:35.0487 1376 srv2 - ok
09:12:35.0502 1376 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:12:35.0502 1376 srvnet - ok
09:12:35.0533 1376 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:12:35.0533 1376 SSDPSRV - ok
09:12:35.0549 1376 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:12:35.0549 1376 SstpSvc - ok
09:12:35.0611 1376 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
09:12:35.0627 1376 stisvc - ok
09:12:35.0643 1376 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:12:35.0643 1376 swenum - ok
09:12:35.0721 1376 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
09:12:35.0721 1376 swprv - ok
09:12:35.0752 1376 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
09:12:35.0752 1376 Symc8xx - ok
09:12:35.0767 1376 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
09:12:35.0767 1376 Sym_hi - ok
09:12:35.0783 1376 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
09:12:35.0783 1376 Sym_u3 - ok
09:12:35.0814 1376 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
09:12:35.0830 1376 SysMain - ok
09:12:35.0877 1376 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:12:35.0877 1376 TabletInputService - ok
09:12:35.0908 1376 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:12:35.0923 1376 TapiSrv - ok
09:12:35.0955 1376 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
09:12:35.0955 1376 TBS - ok
09:12:36.0033 1376 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:12:36.0064 1376 Tcpip - ok
09:12:36.0079 1376 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
09:12:36.0079 1376 Tcpip6 - ok
09:12:36.0157 1376 [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:12:36.0157 1376 tcpipreg - ok
09:12:36.0173 1376 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:12:36.0173 1376 TDPIPE - ok
09:12:36.0189 1376 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:12:36.0189 1376 TDTCP - ok
09:12:36.0204 1376 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:12:36.0204 1376 tdx - ok
09:12:36.0235 1376 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:12:36.0235 1376 TermDD - ok
09:12:36.0267 1376 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
09:12:36.0282 1376 TermService - ok
09:12:36.0298 1376 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
09:12:36.0298 1376 Themes - ok
09:12:36.0313 1376 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
09:12:36.0313 1376 THREADORDER - ok
09:12:36.0329 1376 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
09:12:36.0345 1376 TrkWks - ok
09:12:36.0391 1376 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:12:36.0391 1376 TrustedInstaller - ok
09:12:36.0407 1376 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:12:36.0407 1376 tssecsrv - ok
09:12:36.0438 1376 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
09:12:36.0438 1376 tunmp - ok
09:12:36.0501 1376 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:12:36.0501 1376 tunnel - ok
09:12:36.0516 1376 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:12:36.0516 1376 uagp35 - ok
09:12:36.0563 1376 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:12:36.0563 1376 udfs - ok
09:12:36.0579 1376 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:12:36.0579 1376 UI0Detect - ok
09:12:36.0610 1376 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:12:36.0610 1376 uliagpkx - ok
09:12:36.0657 1376 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
09:12:36.0657 1376 uliahci - ok
09:12:36.0688 1376 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
09:12:36.0703 1376 UlSata - ok
09:12:36.0719 1376 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
09:12:36.0719 1376 ulsata2 - ok
09:12:36.0750 1376 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:12:36.0750 1376 umbus - ok
09:12:36.0766 1376 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
09:12:36.0781 1376 upnphost - ok
09:12:36.0828 1376 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
09:12:36.0828 1376 USBAAPL - ok
09:12:36.0859 1376 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
09:12:36.0859 1376 usbaudio - ok
09:12:36.0875 1376 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:12:36.0875 1376 usbccgp - ok
09:12:36.0875 1376 [ 47B9770EA21436DE4AD5AEA7926E0900 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
09:12:36.0875 1376 usbcir - ok
09:12:36.0922 1376 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:12:36.0937 1376 usbehci - ok
09:12:36.0969 1376 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:12:36.0984 1376 usbhub - ok
09:12:37.0015 1376 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:12:37.0031 1376 usbohci - ok
09:12:37.0047 1376 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:12:37.0047 1376 usbprint - ok
09:12:37.0062 1376 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:12:37.0062 1376 usbscan - ok
09:12:37.0125 1376 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:12:37.0125 1376 USBSTOR - ok
09:12:37.0140 1376 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:12:37.0140 1376 usbuhci - ok
09:12:37.0187 1376 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
09:12:37.0187 1376 UxSms - ok
09:12:37.0218 1376 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
09:12:37.0234 1376 vds - ok
09:12:37.0249 1376 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:12:37.0249 1376 vga - ok
09:12:37.0281 1376 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
09:12:37.0281 1376 VgaSave - ok
09:12:37.0296 1376 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
09:12:37.0296 1376 viaagp - ok
09:12:37.0327 1376 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
09:12:37.0327 1376 ViaC7 - ok
09:12:37.0343 1376 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
09:12:37.0343 1376 viaide - ok
09:12:37.0437 1376 [ 5F974FDE801C73952770736BECDE11E7 ] Viewpoint Manager Service C:\Program Files\Viewpoint\Common\ViewpointService.exe
09:12:37.0452 1376 Viewpoint Manager Service - ok
09:12:37.0452 1376 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:12:37.0452 1376 volmgr - ok
09:12:37.0530 1376 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:12:37.0530 1376 volmgrx - ok
09:12:37.0608 1376 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:12:37.0608 1376 volsnap - ok
09:12:37.0624 1376 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:12:37.0639 1376 vsmraid - ok
09:12:37.0702 1376 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
09:12:37.0733 1376 VSS - ok
09:12:37.0780 1376 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
09:12:37.0795 1376 W32Time - ok
09:12:37.0811 1376 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:12:37.0811 1376 WacomPen - ok
09:12:37.0842 1376 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
09:12:37.0842 1376 Wanarp - ok
09:12:37.0842 1376 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:12:37.0842 1376 Wanarpv6 - ok
09:12:37.0889 1376 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:12:37.0889 1376 wcncsvc - ok
09:12:37.0920 1376 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:12:37.0920 1376 WcsPlugInService - ok
09:12:37.0936 1376 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
09:12:37.0936 1376 Wd - ok
09:12:37.0967 1376 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:12:37.0967 1376 Wdf01000 - ok
09:12:38.0045 1376 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:12:38.0045 1376 WdiServiceHost - ok
09:12:38.0045 1376 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:12:38.0045 1376 WdiSystemHost - ok
09:12:38.0092 1376 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
09:12:38.0092 1376 WebClient - ok
09:12:38.0123 1376 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:12:38.0123 1376 Wecsvc - ok
09:12:38.0139 1376 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:12:38.0139 1376 wercplsupport - ok
09:12:38.0170 1376 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
09:12:38.0170 1376 WerSvc - ok
09:12:38.0217 1376 [ 72CC6A8CA7891031D6380DB5025C773C ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
09:12:38.0232 1376 winachsf - ok
09:12:38.0279 1376 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
09:12:38.0279 1376 WinDefend - ok
09:12:38.0279 1376 WinHttpAutoProxySvc - ok
09:12:38.0341 1376 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:12:38.0341 1376 Winmgmt - ok
09:12:38.0419 1376 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
09:12:38.0451 1376 WinRM - ok
09:12:38.0513 1376 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:12:38.0529 1376 Wlansvc - ok
09:12:38.0560 1376 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:12:38.0560 1376 WmiAcpi - ok
09:12:38.0591 1376 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:12:38.0591 1376 wmiApSrv - ok
09:12:38.0653 1376 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
09:12:38.0685 1376 WMPNetworkSvc - ok
09:12:38.0716 1376 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:12:38.0716 1376 WPCSvc - ok
09:12:38.0778 1376 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:12:38.0778 1376 WPDBusEnum - ok
09:12:38.0841 1376 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
09:12:38.0841 1376 WpdUsb - ok
09:12:39.0059 1376 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:12:39.0075 1376 WPFFontCache_v0400 - ok
09:12:39.0106 1376 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:12:39.0106 1376 ws2ifsl - ok
09:12:39.0137 1376 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
09:12:39.0137 1376 wscsvc - ok
09:12:39.0137 1376 WSearch - ok
09:12:39.0153 1376 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:12:39.0168 1376 WUDFRd - ok
09:12:39.0184 1376 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:12:39.0184 1376 wudfsvc - ok
09:12:39.0215 1376 [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
09:12:39.0215 1376 XAudio - ok
09:12:39.0262 1376 [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
09:12:39.0262 1376 XAudioService - ok
09:12:39.0277 1376 ================ Scan global ===============================
09:12:39.0309 1376 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
09:12:39.0324 1376 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
09:12:39.0355 1376 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
09:12:39.0371 1376 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
09:12:39.0387 1376 [Global] - ok
09:12:39.0387 1376 ================ Scan MBR ==================================
09:12:39.0387 1376 [ 8913823FF508CCF109DB74B636C301DA ] \Device\Harddisk0\DR0
09:12:39.0855 1376 \Device\Harddisk0\DR0 - ok
09:12:39.0870 1376 [ 1DB61955601576B622C64349B22C390B ] \Device\Harddisk1\DR1
09:12:40.0089 1376 \Device\Harddisk1\DR1 - ok
09:12:40.0089 1376 ================ Scan VBR ==================================
09:12:40.0089 1376 [ 50F82A17913FAC2BF680718749D83187 ] \Device\Harddisk0\DR0\Partition1
09:12:40.0089 1376 \Device\Harddisk0\DR0\Partition1 - ok
09:12:40.0089 1376 [ FB381A7A81B9CC105CFCD5D9CC0463A5 ] \Device\Harddisk0\DR0\Partition2
09:12:40.0104 1376 \Device\Harddisk0\DR0\Partition2 - ok
09:12:40.0104 1376 [ 59BE471828956ADE096BBC2CB1938F69 ] \Device\Harddisk1\DR1\Partition1
09:12:40.0104 1376 \Device\Harddisk1\DR1\Partition1 - ok
09:12:40.0104 1376 ============================================================
09:12:40.0104 1376 Scan finished
09:12:40.0104 1376 ============================================================
09:12:40.0120 1704 Detected object count: 0
09:12:40.0120 1704 Actual detected object count: 0

#4 sugardaddy5

sugardaddy5
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:05:57 AM

Posted 09 September 2012 - 11:23 AM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-09 09:16:54
-----------------------------
09:16:54.858 OS Version: Windows 6.0.6002 Service Pack 2
09:16:54.858 Number of processors: 4 586 0xF0B
09:16:54.858 ComputerName: SUGAR-PC UserName: sugar
09:19:00.459 Initialize success
09:21:19.194 AVAST engine defs: 12090900
09:21:45.814 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
09:21:45.816 Disk 0 Vendor: WDC_WD3200AAJS-65RYA0 12.01B01 Size: 305245MB BusType: 3
09:21:45.819 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-1
09:21:45.822 Disk 1 Vendor: WDC_WD3200AAJS-65RYA0 12.01B01 Size: 305245MB BusType: 3
09:21:45.971 Disk 0 MBR read successfully
09:21:45.974 Disk 0 MBR scan
09:21:45.979 Disk 0 unknown MBR code
09:21:45.999 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 295978 MB offset 63
09:21:46.043 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 9264 MB offset 606164580
09:21:46.083 Disk 0 scanning sectors +625137345
09:21:46.181 Disk 0 scanning C:\Windows\system32\drivers
09:22:07.123 Service scanning
09:23:27.929 Modules scanning
09:24:12.551 Disk 0 trace - called modules:
09:24:12.630 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys
09:24:12.637 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85fafac8]
09:24:12.642 3 CLASSPNP.SYS[82fa18b3] -> nt!IofCallDriver -> [0x85361898]
09:24:12.657 5 acpi.sys[806956bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84fc1b98]
09:24:15.334 AVAST engine scan C:\Windows
09:24:20.134 AVAST engine scan C:\Windows\system32
09:27:33.104 File: C:\Windows\assembly\GAC\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
09:28:47.337 AVAST engine scan C:\Windows\system32\drivers
09:29:03.714 AVAST engine scan C:\Users\sugar
10:22:26.831 File: C:\Users\sugar\AppData\Local\temp\msimg32.dll **INFECTED** Win32:Sirefef-AKO [Trj]
10:22:29.928 File: C:\Users\sugar\AppData\Local\temp\owexsmnarc.exe **INFECTED** Win32:Sirefef-AKO [Trj]
10:23:50.330 File: C:\Users\sugar\AppData\Roaming\macbv.dll **INFECTED** Win32:Agent-APTF [Trj]
10:50:41.736 AVAST engine scan C:\ProgramData
10:50:41.930 File: C:\ProgramData\6C82D12400749C821AA244D22F3B707C\6C82D12400749C821AA244D22F3B707C.exe **INFECTED** Win32:MalOb-KP [Trj]
10:57:12.864 Scan finished successfully
11:21:54.387 Disk 0 MBR has been saved successfully to "C:\Users\sugar\Documents\MBR.dat"
11:21:54.393 The log file has been saved successfully to "C:\Users\sugar\Documents\aswMBR.txt"

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:57 AM

Posted 09 September 2012 - 12:09 PM

After posting ESET scan results follow these instructions

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

post the generated log

#6 sugardaddy5

sugardaddy5
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:05:57 AM

Posted 09 September 2012 - 08:08 PM

eset

C:\ProgramData\6C82D12400749C821AA244D22F3B707C\6C82D12400749C821AA244D22F3B707C.exe a variant of Win32/Kryptik.ALKY trojan cleaned by deleting - quarantined
C:\Users\sugar\AppData\Local\temp\msimg32.dll a variant of Win32/Kryptik.ALLC trojan cleaned by deleting - quarantined
C:\Users\sugar\AppData\Local\temp\owexsmnarc.exe a variant of Win32/Kryptik.ALLC trojan cleaned by deleting - quarantined
C:\Users\sugar\AppData\Local\{F10FA56C-F6F1-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined
C:\Users\sugar\AppData\Roaming\wkrfg.dll a variant of Win32/Medfos.DE trojan cleaned by deleting - quarantined
Operating memory multiple threats

#7 sugardaddy5

sugardaddy5
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:05:57 AM

Posted 10 September 2012 - 11:19 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by sugar (administrator) on 10-09-2012 at 23:16:16
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® 82566DC-2 Gigabit Network Connection = Local Area Connection (Connected)
USB Wireless 802.11 b/g Adaptor = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Loopback Pseudo-Interface 1" forwarding=disabled advertise=disabled mtu=1400 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1400 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection" forwarding=disabled advertise=disabled mtu=1400 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : sugar-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : USB Wireless 802.11 b/g Adaptor
Physical Address. . . . . . . . . : 00-C0-A8-F8-B0-24
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82566DC-2 Gigabit Network Connection
Physical Address. . . . . . . . . : 00-1D-60-53-C6-50
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::fc76:b947:a4a9:8f04%8(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, September 10, 2012 7:56:57 PM
Lease Expires . . . . . . . . . . : Tuesday, September 11, 2012 12:08:24 AM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 201334112
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0E-70-83-96-00-1D-60-53-C6-50
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{62CE607A-1353-4A2D-B5D5-4E4AE3B77005}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:18bc:2706:3f57:fefd(Preferred)
Link-local IPv6 Address . . . . . : fe80::18bc:2706:3f57:fefd%19(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #8
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 18:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #9
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 21:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{28FEDA5C-1BDF-412A-BBD2-0DF6BD1A3B06}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: google.com
Addresses: 2001:4860:800a::64
74.125.137.139
74.125.137.100
74.125.137.101
74.125.137.102
74.125.137.113
74.125.137.138



Pinging google.com [74.125.134.139] with 32 bytes of data:

Reply from 74.125.134.139: bytes=32 time=30ms TTL=43

Reply from 74.125.134.139: bytes=32 time=30ms TTL=43



Ping statistics for 74.125.134.139:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 30ms, Maximum = 30ms, Average = 30ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=109ms TTL=44

Reply from 98.138.253.109: bytes=32 time=88ms TTL=43



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 88ms, Maximum = 109ms, Average = 98ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
9 ...00 c0 a8 f8 b0 24 ...... USB Wireless 802.11 b/g Adaptor
8 ...00 1d 60 53 c6 50 ...... Intel® 82566DC-2 Gigabit Network Connection
1 ........................... Software Loopback Interface 1
22 ...00 00 00 00 00 00 00 e0 isatap.{62CE607A-1353-4A2D-B5D5-4E4AE3B77005}
10 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
11 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #3
12 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #4
19 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
14 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #5
15 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #6
17 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #8
18 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #9
24 ...00 00 00 00 00 00 00 e0 isatap.{28FEDA5C-1BDF-412A-BBD2-0DF6BD1A3B06}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.2 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 276
192.168.1.2 255.255.255.255 On-link 192.168.1.2 276
192.168.1.255 255.255.255.255 On-link 192.168.1.2 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
19 18 ::/0 On-link
1 306 ::1/128 On-link
19 18 2001::/32 On-link
19 266 2001:0:9d38:953c:18bc:2706:3f57:fefd/128
On-link
8 276 fe80::/64 On-link
19 266 fe80::/64 On-link
19 266 fe80::18bc:2706:3f57:fefd/128
On-link
8 276 fe80::fc76:b947:a4a9:8f04/128
On-link
1 306 ff00::/8 On-link
19 266 ff00::/8 On-link
8 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 mswsock.dll [File Not found] ()
Catalog9 22 mswsock.dll [File Not found] ()
Catalog9 23 mswsock.dll [File Not found] ()
Catalog9 24 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/10/2012 09:44:46 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\SUGAR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\SETTINGS.SOL> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/10/2012 09:44:46 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\SUGAR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#MEDIA.SCANSCOUT.COM> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/10/2012 09:44:46 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\SUGAR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#MEDIA.SCANSCOUT.COM> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/10/2012 09:37:26 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\SUGAR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#MEDIA.SCANSCOUT.COM> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/10/2012 09:37:26 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\SUGAR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#MEDIA.SCANSCOUT.COM> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/10/2012 09:36:45 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\SUGAR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#MEDIA.SCANSCOUT.COM> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/10/2012 09:36:45 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\SUGAR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#MEDIA.SCANSCOUT.COM> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/10/2012 07:33:52 AM) (Source: Application Hang) (User: )
Description: The program HPAdvisor.exe version 1.2.13.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: ddc
Start Time: 01cd8f4ff0497141
Termination Time: 67

Error: (09/09/2012 10:53:03 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/09/2012 09:09:33 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (09/10/2012 09:44:46 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\SUGAR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\SETTINGS.SOL

Error: (09/10/2012 09:44:46 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\SUGAR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#MEDIA.SCANSCOUT.COM

Error: (09/10/2012 09:44:46 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\SUGAR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#MEDIA.SCANSCOUT.COM

Error: (09/10/2012 09:37:26 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\SUGAR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#MEDIA.SCANSCOUT.COM

Error: (09/10/2012 09:37:26 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\SUGAR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#MEDIA.SCANSCOUT.COM

Error: (09/10/2012 09:36:45 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\SUGAR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#MEDIA.SCANSCOUT.COM

Error: (09/10/2012 09:36:45 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\SUGAR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#MEDIA.SCANSCOUT.COM

Error: (09/10/2012 07:33:52 AM) (Source: Application Hang)(User: )
Description: HPAdvisor.exe1.2.13.0ddc01cd8f4ff049714167

Error: (09/09/2012 10:53:03 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/09/2012 09:09:33 AM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c


=========================== Installed Programs ============================

AAC Decoder (Version: 7.1.0)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Amazon MP3 Downloader 1.0.10
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
AT&T Internet Security Wizard 1.5.11 (Version: 1.5.11)
AT&T Service & Support Tool
AT&T Toolbar
AutoUpdate (Version: 1.1)
Canon G.726 WMP-Decoder (Version: 1.1.0.4)
Canon MovieEdit Task for ZoomBrowser EX (Version: 2.6.0.4)
Canon RAW Image Task for ZoomBrowser EX (Version: 0.9.3.9)
Canon Utilities CameraWindow (Version: 7.1.0.2)
Canon Utilities CameraWindow DC (Version: 7.1.0.7)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.4.2.16)
Canon Utilities MyCamera (Version: 6.4.0.5)
Canon Utilities MyCamera DC (Version: 7.0.1.8)
Canon Utilities PhotoStitch (Version: 3.1.21.45)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.7.1.9)
Canon Utilities ZoomBrowser EX (Version: 6.1.0.20)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.1.0.8)
DivX Codec (Version: 6.8.5)
DivX Converter (Version: 7.0.0)
DivX Player (Version: 7.0.0)
DivX Plus DirectShow Filters
DivX Version Checker (Version: 7.0.0.19)
DivX Web Player (Version: 1.4.2)
Enhanced Multimedia Keyboard Solution
ESET Online Scanner v3
Google Chrome (Version: 21.0.1180.89)
Google Desktop (Version: 5.9.1005.12335)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3203.136)
Google Update Helper (Version: 1.3.21.115)
H.264 Decoder (Version: 1.0.0)
Hardware Diagnostic Tools (Version: 5.00.4558.05)
HP Active Support Library (Version: 3.1.6.1)
HP Active Support Library 32 bit components (Version: 2.1.0)
HP Customer Experience Enhancements (Version: 5.2.0.2296)
HP Customer Feedback (Version: 1.0.0)
HP Easy Setup - Frontend (Version: 5.2.0.2304)
HP LaserJet P1500 series
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart Essential 2.01 (Version: 2.01)
HP Photosmart Essential2.01 (Version: 1.01.0000)
HP Picasso Media Center Add-In (Version: 1.0.0)
HP Total Care Advisor (Version: 1.2.13)
HP Update (Version: 5.003.001.001)
HPAsset component for HP Active Support Library (Version: 3.0.0.7)
HPCarePackCore (Version: 10.0.0.1)
HPCarePackProducts (Version: 1.0.0.1)
HPSSupply (Version: 2.1.1.0000)
iCloud (Version: 1.1.0.40)
Intel® PRO Network Connections Drivers
Intel® Viiv™ Software (Version: 1.6.361.6)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
LightScribe 1.6.45.1 (Version: 1.6.45.1)
Logitech Desktop Messenger (Version: 2.54.11)
Logitech QuickCam (Version: 11.80.1065)
Logitech QuickCam Driver Package
magicJack (Version: 2.0.6073.4413)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Windows Media Video 9 VCM
Microsoft Works (Version: 08.05.0818)
MKV Splitter (Version: 1.0.0)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My HP Games (Version: HPCMPQ1804)
NVIDIA Drivers
Philips SPC315NC Webcam
PSSWCORE (Version: 2.01.0000)
Python 2.5 (Version: 2.5.150)
QuickTime (Version: 7.71.80.42)
Realtek High Definition Audio Driver (Version: 6.0.1.5548)
Rhapsody
Rhapsody Player Engine (Version: 1.0.604)
Rhapsody Player Engine (Version: 1.1.0)
Roxio Activation Module (Version: 1.0)
Roxio MyDVD Basic v9 (Version: 9.0.572)
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.10 (Version: 5.10.116)
Snapfish Picture Mover (Version: 1.9.0.16)
Soft Data Fax Modem with SmartCP (Version: 7.74.00)
Spelling Dictionaries Support For Adobe Reader 8 (Version: 8.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0)
VideoToolkit01 (Version: 90.0.146.000)
Viewpoint Media Player
WeatherBug Gadget (Version: 1.0.0.6)
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 31%
Total physical RAM: 3070.57 MB
Available physical RAM: 2103.75 MB
Total Pagefile: 6376.16 MB
Available Pagefile: 4759.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1949.68 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:289.04 GB) (Free:5.66 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:9.05 GB) (Free:1.23 GB) NTFS
3 Drive e: (HP_Pavilion) (Fixed) (Total:298.09 GB) (Free:297.99 GB) NTFS

========================= Users: ========================================

User accounts for \\SUGAR-PC

Administrator ASPNET Guest
IUSR_NMPR sugar


**** End of log ****

#8 sugardaddy5

sugardaddy5
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:05:57 AM

Posted 10 September 2012 - 11:20 PM

Farbar Service Scanner Version: 06-08-2012
Ran by sugar (administrator) on 10-09-2012 at 23:19:58
Running from "C:\Users\sugar\Downloads"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-05-25 02:10] - [2008-01-19 02:34] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#9 sugardaddy5

sugardaddy5
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:05:57 AM

Posted 10 September 2012 - 11:26 PM

# AdwCleaner v2.001 - Logfile created 09/10/2012 at 23:21:34
# Updated 09/09/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : sugar - SUGAR-PC
# Boot Mode : Normal
# Running from : C:\Users\sugar\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Viewpoint Manager Service

***** [Files / Folders] *****

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Users\sugar\AppData\LocalLow\Viewpoint

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\Software\Viewpoint

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\sugar\AppData\Roaming\Mozilla\Firefox\Profiles\hydzzmzw.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\sugar\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3177 octets] - [10/09/2012 23:21:34]

########## EOF - C:\AdwCleaner[S1].txt - [3237 octets] ##########


looking good

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:57 AM

Posted 10 September 2012 - 11:42 PM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Post the new FSS log

download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the text contents here

#11 sugardaddy5

sugardaddy5
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:05:57 AM

Posted 11 September 2012 - 08:28 AM

services repair tool
Log Opened: 2012-09-11 @ 08:21:13
08:21:13 - -----------------
08:21:13 - | Begin Logging |
08:21:13 - -----------------
08:21:13 - Fix started on a WIN_VISTA X86 computer
08:21:13 - Prep in progress. Please Wait.
08:21:14 - Prep complete
08:21:14 - Repairing Services Now. Please wait...
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Vista\BFE.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\SubLayer>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Provider>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Vista\BITS.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Performance>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Vista\iphlpsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Interfaces>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\config>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Vista\MpsSvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Vista\SharedAccess.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Vista\WinDefend.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Vista\wscsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Vista\wuauserv.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv>

SetACL finished successfully.
08:21:16 - Services Repair Complete.
08:21:47 - Reboot Initiated

#12 sugardaddy5

sugardaddy5
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:05:57 AM

Posted 11 September 2012 - 08:30 AM

Rkill 2.3.11 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/11/2012 08:29:33 AM in x86 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKCU\SOFTWARE\Classes\.bat "@" exists and is set to batfile!
* HKCU\SOFTWARE\Classes\.bat has been deleted!
* HKCU\SOFTWARE\Classes\.com "@" exists and is set to comfile!
* HKCU\SOFTWARE\Classes\.com has been deleted!

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Automatic

* msiserver => %systemroot%\system32\msiexec.exe /V [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/11/2012 08:29:37 AM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:57 AM

Posted 11 September 2012 - 08:47 AM

.

Edited by narenxp, 11 September 2012 - 09:36 AM.


#14 sugardaddy5

sugardaddy5
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:05:57 AM

Posted 11 September 2012 - 09:00 AM

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "AppleSyncNotifier" "AppleSyncNotifier" "Apple Inc." "c:\program files\common files\apple\mobile device support\applesyncnotifier.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "ATT-SST_McciTrayApp" "mcci+McciTrayApp" "Alcatel-Lucent" "c:\program files\att-sst\mccitrayapp.exe"
+ "CCUTRAYICON" "" "" "File not found: FactoryMode"
+ "Google Desktop Search" "Google Desktop" "Google" "c:\program files\google\google desktop search\googledesktop.exe"
+ "HP Health Check Scheduler" "HP Health Check Scheduler" "Hewlett-Packard" "c:\program files\hewlett-packard\hp health check\hphc_scheduler.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files\hp\hp software update\hpwuschd2.exe"
+ "hpbdfawep" "WEP MFC Application" "" "c:\program files\hp\dfawep\bin\hpbdfawep.exe"
+ "hpsysdrv" "hpsysdrv" "Hewlett-Packard Company" "c:\hp\support\hpsysdrv.exe"
+ "ISW.exe" "AT&T Internet Security Wizard" "AT&T" "c:\program files\at&t\internet security wizard\isw.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "KBD" "" "" "c:\hp\kbd\kbdstub.exe"
+ "LogitechCommunicationsManager" "Communications Manager" "Logitech Inc." "c:\program files\common files\logishrd\lcommgr\communications_helper.exe"
+ "LogitechQuickCamRibbon" "Camera Software" "Logitech Inc." "c:\program files\logitech\quickcam\quickcam.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "NvCplDaemon" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "NvMediaCenter" "NVIDIA Media Center Library" "NVIDIA Corporation" "c:\windows\system32\nvmctray.dll"
+ "NvSvc" "NVIDIA Driver Helper Service, Version 169.60" "NVIDIA Corporation" "c:\windows\system32\nvsvc.dll"
+ "OsdMaestro" "OsdMaestro main program" "OsdMaestro" "c:\program files\hewlett-packard\on-screen osd indicator\osd.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "RtHDVCpl" "HD Audio Control Panel" "Realtek Semiconductor" "c:\windows\rthdvcpl.exe"
+ "SunJavaUpdateReg" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\windows\system32\jureg.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files\common files\real\update_ob\realsched.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "Launcher" "Launcher" "soft thinks" "c:\windows\sminst\launcher.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Logitech Desktop Messenger.lnk" "Logitech Desktop Messenger" "Logitech Inc." "c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe"
+ "Snapfish Media Detector.lnk" "Snapfish Media Detector" "" "c:\program files\snapfish picture mover\snapfishmediadetector.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "cdloader" "magicJack (cdloader2)" "magicJack L.P." "c:\users\sugar\appdata\roaming\mjusbsp\cdloader2.exe"
+ "HPAdvisor" "HP Advisor" "Hewlett-Packard" "c:\program files\hewlett-packard\hp advisor\hpadvisor.exe"
+ "Messenger (Yahoo!)" "Yahoo! Messenger" "Yahoo! Inc." "c:\program files\yahoo!\messenger\yahoomessenger.exe"
+ "MobileDocuments" "ubd.exe" "Apple Inc." "c:\program files\common files\apple\internet services\ubd.exe"
+ "Sidebar" "Windows Sidebar" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "Skype" "Skype " "Skype Technologies S.A." "c:\program files\skype\phone\skype.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "bwfile-8876480" "Logitech Desktop Messenger" "Logitech Inc." "c:\program files\logitech\desktop messenger\8876480\program\gaplugprotocol-8876480.dll"
+ "ms-itss" "Microsoft® InfoTech Storage System Library" "Microsoft Corporation" "c:\program files\common files\microsoft shared\information retrieval\msitss.dll"
+ "skype-ie-addon-data" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "skype4com" "Skype for COM API" "Skype Technologies" "c:\program files\common files\skype\skype4com.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "Yahoo! Mail" "Yahoo! Mail" "Yahoo! Inc." "c:\program files\yahoo!\common\ymmapi.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "NvCplDesktopContext" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "&Yahoo! Toolbar Helper" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files\yahoo!\companion\installs\cpn1\yt.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll"
+ "SingleInstance Class" "Yahoo! Single Instance for Mail" "Yahoo! Inc" "c:\program files\yahoo!\companion\installs\cpn1\ytsingleinstance.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Yahoo! IE Services Button" "Yahoo! IE Services" "Yahoo! Inc." "c:\program files\yahoo!\common\yiesrvc.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
+ "Yahoo! Toolbar" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files\yahoo!\companion\installs\cpn1\yt.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
+ "Yahoo! Toolbar" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files\yahoo!\companion\installs\cpn1\yt.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Yahoo! Services" "Yahoo! IE Services" "Yahoo! Inc." "c:\program files\yahoo!\common\yiesrvc.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\HP Health Check" "HP Health Check Scheduler" "Hewlett-Packard" "c:\program files\hewlett-packard\hp health check\hphc_scheduler.exe"
+ "\JavaUpdateAdministrator" "" "" "File not found: C:\Windows\system32\jusched.exe"
+ "\JavaUpdatesugar" "" "" "File not found: C:\Windows\system32\jusched.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
+ "\Norton Internet Security - Run Full System Scan - sugar" "" "" "File not found: C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe"
+ "\RecoveryCD" "ESAdvRemIntegrator" "" "c:\program files\hewlett-packard\sdp\remengine.exe"
+ "\{EECD1598-18BF-4D3D-A757-08FE4BAD85B1}" "Skype " "Skype Technologies S.A." "c:\program files\skype\phone\skype.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AlertService" "This service reports the notices from Intel® Viiv™ software. If this service is stopped or disabled, components of Intel Viiv software that depend on the notices will not receive them." "Intel® Corporation" "c:\program files\intel\inteldh\ccu\alertservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "DQLWinService" "DQLWinSe Application" "" "c:\program files\common files\intel\inteldh\nms\adpplugins\dqlwinservice.exe"
+ "GoogleDesktopManager-051210-111108" "Updates Google Desktop with the latest security fixes, enhancements and features. This service only runs occasionally and thus does not affect your computer's performance. If this service is stopped or disabled, Google Desktop may not function correctly." "Google" "c:\program files\google\google desktop search\googledesktop.exe"
+ "gupdate1ca423b50b1320" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "HP Health Check Service" "HP Health Check Service" "Hewlett-Packard" "c:\program files\hewlett-packard\hp health check\hphc_service.exe"
+ "HPBtnSrv" "This service provides support for HP Chasis Button." "" "c:\hp\hpezbtn\hpbtnsrv.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "IntelDHSvcConf" "Intel® Factory Mode Service" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\tools\inteldhsvcconf.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "ISSM" "Intel® Software services manager" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\issm.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files\common files\lightscribe\lssrvc.exe"
+ "LVCOMSer" "Logitech Video COM Service" "Logitech Inc." "c:\program files\common files\logishrd\lvcomser\lvcomser.exe"
+ "LVPrcSrv" "Injector service" "Logitech Inc." "c:\program files\common files\logishrd\lvmvfm\lvprcsrv.exe"
+ "M1 Server" "" "" "c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe"
+ "McciCMService" "mcci+McciCMService" "Alcatel-Lucent" "c:\program files\common files\motive\mccicmservice.exe"
+ "MCLServiceATL" "Intel® Application Tracker" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\shells\mclserviceatl.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "Remote UI Service" "Intel® Remoting Service" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe"
+ "RoxMediaDB9" "Roxio RoxMediaDB9 Service" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\sharedcom\roxmediadb9.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files\skype\updater\updater.exe"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "XAudioService" "User-mode gate for Modem Speakerphone" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e6032.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g60i32.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HCW85BDA" "CX23885 BDA driver" "Hauppauge Computer Works" "c:\windows\system32\drivers\hcw85bda.sys"
+ "HSF_DP" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsx_dp.sys"
+ "HSXHWBS2" "HSF_HWB2 WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsxhwbs2.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhda.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "LVPr2Mon" "Logitech ProcMon Driver" "Logitech Inc." "c:\windows\system32\drivers\lvpr2mon.sys"
+ "LVRS" "Logitech Kernel Audio Improvement Filter Driver" "Logitech Inc." "c:\windows\system32\drivers\lvrs.sys"
+ "LVUSBSta" "USB Statistic Driver" "Logitech Inc." "c:\windows\system32\drivers\lvusbsta.sys"
+ "LVUVC" "Logitech USB Video Class Driver" "Logitech Inc." "c:\windows\system32\drivers\lvuvc.sys"
+ "mdmxsdk" "Diagnostic Interface x86 Driver" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys"
+ "MREMP50" "PCAUSA NDIS 5.0 MPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files\common files\motive\mremp50.sys"
+ "MREMP50a64" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS"
+ "MREMPR5" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS"
+ "MRENDIS5" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS"
+ "MRESP50" "PCAUSA NDIS 5.0 SPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files\common files\motive\mresp50.sys"
+ "MRESP50a64" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS"
+ "netr73" "Ralink 802.11 Wireless Adapter Driver" "Ralink Technology Corp." "c:\windows\system32\drivers\netr73.sys"
+ "nvlddmkm" "NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 169.60 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsx_cnxt.sys"
+ "XAudio" "Modem Audio Device Driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\system32\divx.dll"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\system32\lvcodec2.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\system32\divx.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Canon DES Resizer SaveMode" "CanonDESResizer" "Canon Inc." "c:\program files\canon\zoombrowser ex\program\canondesresizer.ax"
+ "Canon G.726 Decoder" "Canon G.726 Decoder" "Canon Inc." "c:\program files\canon\g726decoder\canong726decoder.ax"
+ "Canon Image Rotation Filter 1.1" "Canon Image Rotation Filter " "Canon Inc." "c:\program files\canon\mdp\canonrotatefilter.dll"
+ "Canon MDP Motion-JPEG Decoder" "Canon MDP Motion-JPEG Decoder Filter" "Canon Inc." "c:\program files\canon\mdp\canonmdpmjpegdecoder.ax"
+ "Canon Motion-JPEG Decoder" "Canon Motion-JPEG Decoder Filter" "Canon Inc." "c:\program files\canon\zoombrowser ex\program\canonmjpegdecoder.ax"
+ "Canon Motion-JPEG Encoder" "Motion-JPEG Encoder Filter" "Canon Inc." "c:\program files\canon\zoombrowser ex\program\canonmjpegencoder.ax"
+ "Canon Resizer" "CanonResizer" "Canon Inc." "c:\program files\canon\zoombrowser ex\program\canonresizer.ax"
+ "Canon Text Source Filter" "Canon Text Source Filter" "Canon Inc." "c:\program files\canon\zoombrowser ex\program\canontextsourcefilter.ax"
+ "Canon WAV Dest" "CanonWavDest" "Canon Inc." "c:\program files\canon\zoombrowser ex\program\canonwavdest.ax"
+ "Canon-Actual-Data-Length-Setter" "CanonActualDataLengthSetter" "Canon Inc." "c:\program files\canon\zoombrowser ex\program\canonactualdatalengthsetter.ax"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "DivX AAC Decoder" "AAC Audio Decoder Filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX® Decoder Filter" "DivX, Inc." "c:\windows\system32\divxdec.ax"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\divxdech264.ax"
+ "DivX MKV Demux" "DivX MKV Splitter" "" "c:\program files\divx\divx plus directshow filters\dmfsource.ax"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "HP VTK Frame Grabber Filter" "HP Video Toolkit" "Hewlett-Packard Co." "c:\program files\common files\hp\digital imaging\bin\hpqvtk01.dll"
+ "HP VTK MPEG-1 Encoder" "HP Video Toolkit" "Hewlett-Packard Co." "c:\program files\common files\hp\digital imaging\bin\hpqvtk01.dll"
+ "HP VTK Resize Filter" "HP Video Toolkit" "Hewlett-Packard Co." "c:\program files\common files\hp\digital imaging\bin\hpqvtk01.dll"
+ "HP VTK Rotate Filter" "HP Video Toolkit" "Hewlett-Packard Co." "c:\program files\common files\hp\digital imaging\bin\hpqvtk01.dll"
+ "Intel DVRMS TrickMode Filter" "Intel ® TSDVRMSTrickMode Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\tsdvrmstrickmode.ax"
+ "Intel Metadata Skipper" "Intel Metadata Skipper" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\metaskipper.ax"
+ "Intel Pull Mode MPEG2 Transcoder" "Intel ® WLTranscoder Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\wltranscoder.ax"
+ "Intel Transport Sink Filter" "Intel ® Transport Sink Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\tstransportsink.ax"
+ "Intel Video Transcoder" "Intel ® Video Transcode Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\tstranscoder.ax"
+ "Intel WMV Source Filter" "Intel ® WMV Source Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\tswmvreader.ax"
+ "Intel® IPP AAC Decoder" "" "" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_aac_dec_filter.ax"
+ "Intel® IPP AAC Parser" "" "" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_aac_spl_filter.ax"
+ "Intel® IPP Audio Resampling" "audio_resampling_filter" "" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_audio_resampl_filter.ax"
+ "Intel® IPP AVI Splitter" "" "" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_avi_spl_filter.ax"
+ "Intel® IPP MP3 Decoder" "Intel® IPP MP3 Decoder" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_mp3_dec_filter.ax"
+ "Intel® IPP MP4 Splitter" "" "" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_mpeg4_spl_filter.ax"
+ "Intel® IPP MPEG-4 Decoder" "Intel® IPP H.264 Decoder" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_mpeg4_dec_filter.ax"
+ "Intel® IPP VOB Source Filter" "" "" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_vob_source_filter.ax"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files\roxio\videocore 9\lvmwriter.ax"
+ "MainConcept (Sonic) DV Video Decoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG (Sonic)" "c:\program files\roxio\videocore 9\sonicmcdsdv.ax"
+ "MainConcept (Sonic) DV Video Encoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG (Sonic)" "c:\program files\roxio\videocore 9\sonicmcdsdv.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\mediaanalyser.ax"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "PSI Parser" "" "" "c:\program files\roxio\videocore 9\psiparser.ax"
+ "psWav Dest" "Canon Utilities Support Library" "Canon Inc." "c:\program files\canon\camerawindow\mycamera\pswavdes.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Roxio Audio Decoder (DVD)" "ROXIO Audio Decoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiodvdaudio.dll"
+ "ROXIO Audio Source 3.0" "VW Audio Source" "Sonic Solutions" "c:\program files\roxio\videocore 9\audiosrc.ax"
+ "ROXIO Audio VCFChunker 3.0" "Chunker Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\chunker.ax"
+ "ROXIO Audio VCFLooper 3.0" "Looper Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\looper.ax"
+ "ROXIO AudioConvert 3.0" "AudioConvert Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\audconv.ax"
+ "ROXIO AudioGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "ROXIO ColorSpace Converter 3.0" "ROXIO Color Space Converter" "Sonic Solutions" "c:\program files\roxio\videocore 9\colorspconv.dll"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\crossgraphex.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\crossgraphex.ax"
+ "roxio DCFilters Audio Sync Filter 2" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Dragons Lair" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVD Muxer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVDStream Reader" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVDStream Splitter" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Mpeg I/II Decoder" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Smart Resizer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Subpicture Mixer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "ROXIO Deinterlace 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\deinter.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "DVDCrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvdcrossgraphex.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "DVDCrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvdcrossgraphex.ax"
+ "ROXIO Image/Colour Source 3.0" "Colour Frame Source" "Sonic Solutions" "c:\program files\roxio\videocore 9\imagesource.ax"
+ "ROXIO ListImage Source 3.0" "ListFrameSource" "Sonic Solutions" "c:\program files\roxio\videocore 9\listimagesource.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files\roxio\videocore 9\lvmasync.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\panzoom.ax"
+ "ROXIO Pin Tee" "" "" "c:\program files\roxio\videocore 9\roxioinftee.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\plasmacgfilter.ax"
+ "ROXIO QT Source" "QuickTime Loader" "Sonic Solutions" "c:\program files\roxio\videocore 9\qtsource.ax"
+ "ROXIO QuickGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mgirawwriter.dll"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\scenedetector.ax"
+ "ROXIO SceneRecorder 1.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\scenerecorderfilt.ax"
+ "ROXIO Simple Dump 3.0" "Simple Dump Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\rxsimpledump.ax"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\mginullip.ax"
+ "ROXIO ThumbnailGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAudioMixer 3.0" "AudioFlt Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\audmf.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvscenedetectfilt.ax"
+ "ROXIO VCFLatency 3.0" "Latency Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\latency.ax"
+ "ROXIO VCFpeakmeter 3.0" "Peakmeter Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\peakmeter.ax"
+ "ROXIO VCFVideoCutList 3.0" "Video CutList Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vcutlist.ax"
+ "ROXIO VCFWaveform 1.0" "Waveform Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\waveform.ax"
+ "ROXIO Video Resampler 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vresamfilt.ax"
+ "ROXIO Video VCFLooper 3.0" "Video Looper Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\vlooper.ax"
+ "ROXIO VideoCombine 3.0" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\videocombine.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files\roxio\videocore 9\vobloader.ax"
+ "ROXIO WAV Dest 3.0" "MGI Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\wavhead.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files\roxio\videocore 9\mvwcdsutil.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Sonic MPEG Audio Decoder" "MPEG Video and Audio Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicdsmpeg.ax"
+ "Sonic MPEG Video Decoder" "MPEG Video and Audio Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicdsmpeg.ax"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc" "c:\program files\common files\sonic shared\sonicmc01\sonicm2vd.ax"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\subpictenc.dll"
+ "VCG Null Renderer 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VCG Video Mixer 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VCGImageSource" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VW Input Selector" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\inputselector.ax"
+ "VW Input Selector 2" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\inputselector.ax"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "{1AD512C6-24AF-4395-82B4-2D3CF21F44A2}" "Roxio MP3 Encoder Dynamic Link Library" "Roxio" "c:\program files\common files\roxio shared\sharedcom\rxdsaudiostreamwriter.ax"
+ "{472C92F0-5438-423D-9B30-FD2932EA44EE}" "Roxio Audio Source Filter" "Microsoft Corporation" "c:\program files\common files\roxio shared\sharedcom\rxdsaudiosource.ax"
+ "{58FF69ED-8388-483B-B9AC-3EB04BBEB913}" "Roxio Audio Stream Reader Filter" "Microsoft Corporation" "c:\program files\common files\roxio shared\sharedcom\rxdsaudiostreamreader.ax"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll" "Google Desktop" "Google" "c:\program files\google\google desktop search\googledesktopnetwork3.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "HP LaserJet P1006 Language Monitor" "HP LaserJet P1006 Language Monitor" "Software 2000 Limited" "c:\windows\system32\hp1006lm.dll"
"C:\Users\sugar\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "" "" "" "C:\Program Files\windows sidebar\gadgets\Norton.Gadget"

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:57 AM

Posted 11 September 2012 - 09:37 AM

That looks good

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode

Turn off your system restore,restart the PC,create a new restore point

http://windows.microsoft.com/en-US/windows-vista/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your flash player

Update your antivirus frequently,do not click on suspicious links

Safe surfing :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users