
ZeroAccess Trojan


13 replies to this topic

#1 GKRmaximumattack


Posted 10 September 2012 - 10:21 AM

Hello,
I’m new to this Forum. I got a Trojan on my system from what looked like a genuine Adobe Flash Player Update. I’ve got an HP Laptop PC with a Seagate External Backup Hard Drive system and am running Windows 7 and use Mozilla Firefox as my browser for most things. I have McAfee virus protection and firewall running at all times and with automatic updating. I’ve got this message popping up constantly. Here are the details:
McAfee detected and automatically removed a Trojan from your PC. No further action is required.
About This Trojan
Detected: ZeroAccess.qd (Trojan)
Quarantined From: C:\$RECYCLE.BIN\S-1-5-18\$ff24043d55f85ce9a20a8337d9b4b888\U\80000000.$
McAfee Firewall protection keeps getting shut off as well now. Any help would be greatly appreciated!

Looking on your Forum Site, I found someone with a similar problem. http://www.bleepingcomputer.com/forums/topic468039.html/page__p__2834723#entry2834723 .

Mod Edit: Replaced content with link to relevant topic - Hamluis.

Edited by hamluis, 10 September 2012 - 11:10 AM.
Edit, moved from Win 7 to Am I Infected - Hamluis.




#2 narenxp


Posted 10 September 2012 - 12:07 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 GKRmaximumattack


Posted 14 September 2012 - 01:56 PM

http://www.bleepingcomputer.com/forums/topic468086.html
narenxp
Posted Yesterday, 12:07 PM
Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

08:02:18.0575 1444 monitor - ok
08:02:18.0591 1444 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:02:18.0607 1444 mouclass - ok
08:02:18.0778 1444 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:02:18.0794 1444 mouhid - ok
08:02:18.0809 1444 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:02:18.0965 1444 mountmgr - ok
08:02:19.0324 1444 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:02:19.0387 1444 MozillaMaintenance - ok
08:02:19.0449 1444 [ AE2E68527013EB4F761ECCC630F7F1A3 ] MPFP C:\Windows\system32\Drivers\Mpfp.sys
08:02:19.0496 1444 MPFP - ok
08:02:19.0605 1444 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
08:02:19.0652 1444 mpio - ok
08:02:19.0699 1444 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:02:19.0699 1444 mpsdrv - ok
08:02:19.0761 1444 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:02:19.0808 1444 MRxDAV - ok
08:02:19.0886 1444 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:02:19.0933 1444 mrxsmb - ok
08:02:20.0151 1444 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:02:20.0213 1444 mrxsmb10 - ok
08:02:20.0276 1444 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:02:20.0338 1444 mrxsmb20 - ok
08:02:20.0447 1444 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
08:02:20.0510 1444 msahci - ok
08:02:20.0541 1444 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:02:20.0635 1444 msdsm - ok
08:02:20.0681 1444 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
08:02:20.0713 1444 MSDTC - ok
08:02:20.0744 1444 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:02:20.0744 1444 Msfs - ok
08:02:20.0900 1444 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:02:20.0915 1444 mshidkmdf - ok
08:02:20.0947 1444 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:02:20.0947 1444 msisadrv - ok
08:02:21.0009 1444 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:02:21.0025 1444 MSiSCSI - ok
08:02:21.0025 1444 msiserver - ok
08:02:21.0087 1444 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:02:21.0103 1444 MSKSSRV - ok
08:02:21.0196 1444 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:02:21.0196 1444 MSPCLOCK - ok
08:02:21.0243 1444 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:02:21.0259 1444 MSPQM - ok
08:02:21.0337 1444 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:02:21.0399 1444 MsRPC - ok
08:02:21.0477 1444 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
08:02:21.0477 1444 mssmbios - ok
08:02:21.0586 1444 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:02:21.0586 1444 MSTEE - ok
08:02:21.0680 1444 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
08:02:21.0680 1444 MTConfig - ok
08:02:21.0695 1444 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
08:02:21.0711 1444 Mup - ok
08:02:21.0961 1444 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
08:02:22.0007 1444 napagent - ok
08:02:22.0241 1444 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:02:22.0288 1444 NativeWifiP - ok
08:02:22.0397 1444 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
08:02:22.0460 1444 NDIS - ok
08:02:22.0538 1444 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:02:22.0538 1444 NdisCap - ok
08:02:22.0616 1444 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:02:22.0912 1444 NdisTapi - ok
08:02:23.0006 1444 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:02:23.0053 1444 Ndisuio - ok
08:02:23.0115 1444 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:02:23.0193 1444 NdisWan - ok
08:02:23.0223 1444 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:02:23.0273 1444 NDProxy - ok
08:02:23.0393 1444 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
08:02:23.0433 1444 Net Driver HPZ12 - ok
08:02:23.0533 1444 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:02:23.0543 1444 NetBIOS - ok
08:02:23.0573 1444 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:02:23.0633 1444 NetBT - ok
08:02:23.0643 1444 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
08:02:23.0653 1444 Netlogon - ok
08:02:23.0803 1444 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
08:02:23.0823 1444 Netman - ok
08:02:23.0853 1444 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
08:02:23.0863 1444 netprofm - ok
08:02:24.0043 1444 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:02:24.0043 1444 NetTcpPortSharing - ok
08:02:24.0193 1444 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
08:02:24.0193 1444 nfrd960 - ok
08:02:24.0353 1444 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:02:27.0033 1444 NlaSvc - ok
08:02:27.0079 1444 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:02:27.0079 1444 Npfs - ok
08:02:27.0157 1444 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
08:02:27.0220 1444 nsi - ok
08:02:27.0251 1444 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:02:27.0251 1444 nsiproxy - ok
08:02:27.0501 1444 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:02:27.0625 1444 Ntfs - ok
08:02:27.0657 1444 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
08:02:27.0672 1444 Null - ok
08:02:27.0735 1444 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:02:27.0813 1444 nvraid - ok
08:02:28.0125 1444 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:02:28.0265 1444 nvstor - ok
08:02:28.0327 1444 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:02:28.0343 1444 nv_agp - ok
08:02:28.0622 1444 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:02:28.0728 1444 odserv - ok
08:02:28.0750 1444 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:02:28.0781 1444 ohci1394 - ok
08:02:28.0922 1444 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:02:28.0984 1444 ose - ok
08:02:29.0078 1444 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:02:29.0093 1444 p2pimsvc - ok
08:02:29.0202 1444 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
08:02:29.0218 1444 p2psvc - ok
08:02:29.0280 1444 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
08:02:29.0280 1444 Parport - ok
08:02:29.0343 1444 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:02:29.0405 1444 partmgr - ok
08:02:29.0499 1444 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
08:02:29.0514 1444 PcaSvc - ok
08:02:29.0561 1444 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
08:02:29.0608 1444 pci - ok
08:02:29.0670 1444 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
08:02:29.0686 1444 pciide - ok
08:02:29.0811 1444 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
08:02:29.0826 1444 pcmcia - ok
08:02:29.0858 1444 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
08:02:29.0858 1444 pcw - ok
08:02:29.0936 1444 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:02:29.0951 1444 PEAUTH - ok
08:02:30.0076 1444 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
08:02:30.0076 1444 PerfHost - ok
08:02:30.0435 1444 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
08:02:30.0575 1444 pla - ok
08:02:30.0653 1444 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:02:30.0700 1444 PlugPlay - ok
08:02:30.0731 1444 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
08:02:30.0778 1444 Pml Driver HPZ12 - ok
08:02:30.0840 1444 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:02:30.0850 1444 PNRPAutoReg - ok
08:02:30.0880 1444 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:02:30.0880 1444 PNRPsvc - ok
08:02:30.0950 1444 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:02:31.0000 1444 PolicyAgent - ok
08:02:31.0110 1444 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
08:02:31.0120 1444 Power - ok
08:02:31.0180 1444 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:02:31.0240 1444 PptpMiniport - ok
08:02:31.0350 1444 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
08:02:31.0360 1444 Processor - ok
08:02:31.0470 1444 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
08:02:31.0480 1444 ProfSvc - ok
08:02:31.0560 1444 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:02:31.0560 1444 ProtectedStorage - ok
08:02:31.0670 1444 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:02:31.0750 1444 Psched - ok
08:02:31.0930 1444 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
08:02:32.0091 1444 ql2300 - ok
08:02:32.0121 1444 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
08:02:32.0331 1444 ql40xx - ok
08:02:32.0461 1444 [ 6803B69C14696CC4907C5F77FBB04A14 ] QPCapSvc C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
08:02:32.0471 1444 QPCapSvc - ok
08:02:32.0511 1444 [ 95A0B86B9F1D27B613830864341A8252 ] QPSched C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
08:02:32.0601 1444 QPSched - ok
08:02:32.0671 1444 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
08:02:32.0691 1444 QWAVE - ok
08:02:32.0731 1444 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:02:32.0741 1444 QWAVEdrv - ok
08:02:32.0791 1444 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:02:32.0791 1444 RasAcd - ok
08:02:32.0851 1444 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:02:32.0861 1444 RasAgileVpn - ok
08:02:32.0961 1444 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
08:02:32.0981 1444 RasAuto - ok
08:02:33.0031 1444 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:02:33.0091 1444 Rasl2tp - ok
08:02:33.0161 1444 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
08:02:33.0221 1444 RasMan - ok
08:02:33.0261 1444 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:02:33.0271 1444 RasPppoe - ok
08:02:33.0338 1444 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:02:33.0338 1444 RasSstp - ok
08:02:33.0385 1444 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:02:33.0447 1444 rdbss - ok
08:02:33.0510 1444 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
08:02:33.0525 1444 rdpbus - ok
08:02:33.0572 1444 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:02:33.0588 1444 RDPCDD - ok
08:02:33.0681 1444 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:02:33.0697 1444 RDPENCDD - ok
08:02:33.0728 1444 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:02:33.0744 1444 RDPREFMP - ok
08:02:33.0791 1444 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:02:33.0869 1444 RDPWD - ok
08:02:33.0947 1444 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:02:34.0040 1444 rdyboost - ok
08:02:34.0196 1444 [ B9570481A1BABCC4A9E941C553596077 ] Recovery Service for Windows C:\Windows\SMINST\BLService.exe
08:02:34.0305 1444 Recovery Service for Windows - ok
08:02:34.0352 1444 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:02:34.0368 1444 RemoteAccess - ok
08:02:34.0461 1444 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:02:34.0461 1444 RemoteRegistry - ok
08:02:34.0586 1444 [ DC9B2C035692B3E59125B6D73FC6F8FC ] ReplicaSysMon C:\Program Files (x86)\Seagate Replica\bin\ReplicaSysMon.exe
08:02:34.0695 1444 ReplicaSysMon - ok
08:02:34.0867 1444 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
08:02:34.0945 1444 RichVideo - ok
08:02:35.0007 1444 [ 71B48DDAF5E9C2B40E64DE5C405F5AAC ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
08:02:35.0085 1444 RimUsb - ok
08:02:35.0179 1444 [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
08:02:35.0257 1444 RimVSerPort - ok
08:02:35.0319 1444 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
08:02:35.0335 1444 ROOTMODEM - ok
08:02:35.0382 1444 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:02:35.0397 1444 RpcEptMapper - ok
08:02:35.0444 1444 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
08:02:35.0460 1444 RpcLocator - ok
08:02:35.0522 1444 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
08:02:35.0538 1444 RpcSs - ok
08:02:35.0600 1444 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:02:35.0616 1444 rspndr - ok
08:02:35.0694 1444 [ DFADCAE64AEBE2C67DA9CD2AE74CCDE5 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh64.sys
08:02:35.0772 1444 RTL8169 - ok
08:02:35.0803 1444 [ ED619C32CE98909614BF2BC4D9AD3FC6 ] RTSTOR C:\Windows\system32\drivers\RTSTOR64.SYS
08:02:35.0865 1444 RTSTOR - ok
08:02:35.0897 1444 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
08:02:35.0897 1444 SamSs - ok
08:02:35.0959 1444 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:02:36.0021 1444 sbp2port - ok
08:02:36.0085 1444 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:02:36.0100 1444 SCardSvr - ok
08:02:36.0147 1444 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:02:36.0225 1444 scfilter - ok
08:02:36.0272 1444 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
08:02:36.0288 1444 Schedule - ok
08:02:36.0334 1444 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
08:02:36.0334 1444 SCPolicySvc - ok
08:02:36.0381 1444 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:02:36.0381 1444 SDRSVC - ok
08:02:36.0397 1444 Seagate-Replica-Svc - ok
08:02:36.0444 1444 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:02:36.0444 1444 secdrv - ok
08:02:36.0490 1444 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
08:02:36.0537 1444 seclogon - ok
08:02:36.0568 1444 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
08:02:36.0568 1444 SENS - ok
08:02:36.0584 1444 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:02:36.0584 1444 SensrSvc - ok
08:02:36.0615 1444 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
08:02:36.0631 1444 Serenum - ok
08:02:36.0678 1444 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
08:02:36.0678 1444 Serial - ok
08:02:36.0693 1444 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
08:02:36.0693 1444 sermouse - ok
08:02:36.0771 1444 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
08:02:36.0802 1444 SessionEnv - ok
08:02:36.0865 1444 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:02:36.0865 1444 sffdisk - ok
08:02:36.0912 1444 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:02:36.0912 1444 sffp_mmc - ok
08:02:36.0958 1444 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:02:37.0005 1444 sffp_sd - ok
08:02:37.0036 1444 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
08:02:37.0036 1444 sfloppy - ok
08:02:37.0068 1444 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:02:37.0125 1444 ShellHWDetection - ok
08:02:37.0172 1444 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
08:02:37.0188 1444 SiSRaid2 - ok
08:02:37.0203 1444 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
08:02:37.0203 1444 SiSRaid4 - ok
08:02:37.0375 1444 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
08:02:52.0669 1444 SkypeUpdate - ok
08:02:52.0729 1444 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:02:52.0749 1444 Smb - ok
08:02:52.0859 1444 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:02:52.0879 1444 SNMPTRAP - ok
08:02:52.0969 1444 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
08:02:52.0979 1444 spldr - ok
08:02:53.0089 1444 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
08:02:53.0239 1444 Spooler - ok
08:02:53.0629 1444 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
08:02:53.0989 1444 sppsvc - ok
08:02:54.0039 1444 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:02:54.0059 1444 sppuinotify - ok
08:02:54.0159 1444 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
08:02:54.0319 1444 srv - ok
08:02:54.0369 1444 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:02:54.0519 1444 srv2 - ok
08:02:54.0589 1444 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:02:54.0719 1444 srvnet - ok
08:02:54.0819 1444 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:02:54.0839 1444 SSDPSRV - ok
08:02:54.0869 1444 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:02:54.0889 1444 SstpSvc - ok
08:02:55.0109 1444 [ 7595D53EE8E8B0BAA9A2DDDE867EBB0C ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
08:02:55.0249 1444 STacSV - ok
08:02:55.0299 1444 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
08:02:55.0309 1444 stexstor - ok
08:02:55.0399 1444 [ DFFBC024DFC7BB05B2129E05CBC7A201 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
08:02:55.0409 1444 STHDA - ok
08:02:55.0509 1444 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
08:02:55.0519 1444 StillCam - ok
08:02:55.0629 1444 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
08:02:56.0576 1444 stisvc - ok
08:02:56.0623 1444 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
08:02:56.0639 1444 swenum - ok
08:02:56.0717 1444 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
08:02:56.0732 1444 swprv - ok
08:02:56.0904 1444 [ 3A706A967295E16511E40842B1A2761D ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
08:02:57.0044 1444 SynTP - ok
08:02:57.0278 1444 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
08:02:57.0403 1444 SysMain - ok
08:02:57.0481 1444 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:02:57.0575 1444 TabletInputService - ok
08:02:57.0621 1444 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
08:02:57.0731 1444 TapiSrv - ok
08:02:57.0762 1444 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
08:02:57.0777 1444 TBS - ok
08:02:58.0023 1444 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:02:58.0223 1444 Tcpip - ok
08:02:58.0333 1444 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
08:02:58.0373 1444 TCPIP6 - ok
08:02:58.0473 1444 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:02:58.0613 1444 tcpipreg - ok
08:02:58.0663 1444 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:02:58.0683 1444 TDPIPE - ok
08:02:58.0743 1444 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:02:58.0873 1444 TDTCP - ok
08:02:58.0943 1444 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:02:59.0063 1444 tdx - ok
08:02:59.0183 1444 [ 622FCF264119F7DF127BE353F796B319 ] TelevisionFanaticService C:\PROGRA~2\TELEVI~2\bar\1.bin\64barsvc.exe
08:02:59.0343 1444 TelevisionFanaticService - ok
08:02:59.0423 1444 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
08:02:59.0523 1444 TermDD - ok
08:02:59.0693 1444 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
08:02:59.0833 1444 TermService - ok
08:02:59.0853 1444 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
08:02:59.0883 1444 Themes - ok
08:02:59.0943 1444 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
08:02:59.0943 1444 THREADORDER - ok
08:03:00.0013 1444 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
08:03:00.0033 1444 TrkWks - ok
08:03:00.0203 1444 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:03:00.0213 1444 TrustedInstaller - ok
08:03:00.0273 1444 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:03:00.0393 1444 tssecsrv - ok
08:03:00.0493 1444 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
08:03:00.0613 1444 TsUsbFlt - ok
08:03:00.0673 1444 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
08:03:00.0803 1444 TsUsbGD - ok
08:03:00.0903 1444 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:03:01.0034 1444 tunnel - ok
08:03:01.0074 1444 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
08:03:01.0084 1444 uagp35 - ok
08:03:01.0184 1444 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:03:01.0314 1444 udfs - ok
08:03:01.0394 1444 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:03:01.0414 1444 UI0Detect - ok
08:03:01.0454 1444 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:03:01.0474 1444 uliagpkx - ok
08:03:01.0514 1444 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
08:03:01.0644 1444 umbus - ok
08:03:01.0674 1444 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
08:03:01.0684 1444 UmPass - ok
08:03:01.0814 1444 [ 145DF344FF20DEE82A2BED96A413536F ] Updater Service for ooVoo Toolbar C:\Program Files (x86)\ooVoo Toolbar\ToolbarUpdaterService.exe
08:03:01.0984 1444 Updater Service for ooVoo Toolbar - ok
08:03:02.0064 1444 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
08:03:02.0084 1444 upnphost - ok
08:03:02.0164 1444 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:03:02.0214 1444 usbccgp - ok
08:03:02.0274 1444 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:03:02.0284 1444 usbcir - ok
08:03:02.0314 1444 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
08:03:02.0374 1444 usbehci - ok
08:03:02.0424 1444 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:03:02.0474 1444 usbhub - ok
08:03:02.0494 1444 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
08:03:02.0544 1444 usbohci - ok
08:03:02.0594 1444 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
08:03:02.0594 1444 usbprint - ok
08:03:02.0624 1444 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
08:03:02.0624 1444 usbscan - ok
08:03:02.0674 1444 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:03:02.0734 1444 USBSTOR - ok
08:03:02.0744 1444 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
08:03:02.0794 1444 usbuhci - ok
08:03:02.0844 1444 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
08:03:02.0904 1444 usbvideo - ok
08:03:02.0954 1444 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
08:03:02.0954 1444 UxSms - ok
08:03:02.0964 1444 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
08:03:02.0964 1444 VaultSvc - ok
08:03:03.0024 1444 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
08:03:03.0034 1444 vdrvroot - ok
08:03:03.0084 1444 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
08:03:03.0144 1444 vds - ok
08:03:03.0224 1444 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:03:03.0224 1444 vga - ok
08:03:03.0244 1444 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
08:03:03.0254 1444 VgaSave - ok
08:03:03.0284 1444 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
08:03:03.0344 1444 vhdmp - ok
08:03:03.0394 1444 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
08:03:03.0404 1444 viaide - ok
08:03:03.0454 1444 [ 5F974FDE801C73952770736BECDE11E7 ] Viewpoint Manager Service C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
08:03:03.0514 1444 Viewpoint Manager Service - ok
08:03:03.0544 1444 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:03:03.0604 1444 volmgr - ok
08:03:03.0634 1444 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:03:03.0704 1444 volmgrx - ok
08:03:03.0744 1444 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:03:03.0804 1444 volsnap - ok
08:03:03.0854 1444 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
08:03:08.0182 1444 ================ Scan global ===============================
08:03:08.0252 1444 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:03:08.0282 1444 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
08:03:08.0342 1444 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
08:03:08.0392 1444 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:03:08.0502 1444 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:03:08.0512 1444 [Global] - ok
08:03:08.0512 1444 ================ Scan MBR ==================================
08:03:08.0532 1444 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
08:03:09.0283 1444 \Device\Harddisk0\DR0 - ok
08:03:09.0299 1444 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR3
08:03:09.0658 1444 \Device\Harddisk1\DR3 - ok
08:03:09.0658 1444 ================ Scan VBR ==================================
08:03:09.0751 1444 [ FEB7B9D4878079B8C6476B37BC23FB02 ] \Device\Harddisk0\DR0\Partition1
08:03:09.0782 1444 \Device\Harddisk0\DR0\Partition1 - ok
08:03:09.0782 1444 [ 5B56AAA3341A8456F332B41C19D97C67 ] \Device\Harddisk0\DR0\Partition2
08:03:09.0798 1444 \Device\Harddisk0\DR0\Partition2 - ok
08:03:09.0798 1444 [ FABB7500109887F4189258EADDA30BDD ] \Device\Harddisk1\DR3\Partition1
08:03:09.0829 1444 \Device\Harddisk1\DR3\Partition1 - ok
08:03:09.0829 1444 ============================================================
08:03:09.0829 1444 Scan finished
08:03:09.0829 1444 ============================================================
08:03:09.0829 5620 Detected object count: 0
08:03:09.0829 5620 Actual detected object count: 0


Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-13 08:20:33
-----------------------------
08:20:33.378 OS Version: Windows x64 6.1.7601 Service Pack 1
08:20:33.378 Number of processors: 2 586 0xF0D
08:20:33.378 ComputerName: ANDREW-PC UserName: Andrew
08:20:34.288 Initialize success
08:21:46.498 AVAST engine defs: 12091300
08:22:11.204 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
08:22:11.220 Disk 0 Vendor: TOSHIBA_ LV01 Size: 238475MB BusType: 3
08:22:11.220 Disk 2 \Device\Harddisk2\DR2 -> \Device\0000009e
08:22:11.220 Disk 2 Vendor: Size: 238475MB BusType: 0
08:22:11.236 Disk 0 MBR read successfully
08:22:11.251 Disk 0 MBR scan
08:22:11.329 Disk 0 Windows 7 default MBR code
08:22:11.548 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 227060 MB offset 63
08:22:11.610 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 11411 MB offset 465020928
08:22:11.688 Disk 0 scanning C:\Windows\system32\drivers
08:22:29.875 Service scanning
08:23:19.725 Modules scanning
08:23:19.735 Disk 0 trace - called modules:
08:23:19.755 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
08:23:19.755 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006a30060]
08:23:19.765 3 CLASSPNP.SYS[fffff88001bc743f] -> nt!IofCallDriver -> [0xfffffa8006a2f880]
08:23:19.775 5 hpdskflt.sys[fffff88001ba8189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004730050]
08:23:20.308 AVAST engine scan C:\Windows
08:23:25.912 AVAST engine scan C:\Windows\system32
08:32:01.906 AVAST engine scan C:\Windows\system32\drivers
08:32:46.015 AVAST engine scan C:\Users\Andrew
08:37:30.069 Disk 0 MBR has been saved successfully to "C:\Users\Andrew\Documents\SOFTWARE ISSUES\SECURITY THREATS\MBR.dat"
08:37:30.079 The log file has been saved successfully to "C:\Users\Andrew\Documents\SOFTWARE ISSUES\SECURITY THREATS\aswMBR Quick.txt"

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply


C:\Program Files (x86)\ooVoo Toolbar\ooVooToolbarUninstall.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Program Files (x86)\ooVoo Toolbar\Toolbar32.dll a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Program Files (x86)\ooVoo Toolbar\ToolbarUpdaterService.exe a variant of Win32/Toolbar.Zugo application cleaned by deleting (after the next restart) - quarantined
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64datact.dll a variant of Win32/Toolbar.MyWebSearch.A application cleaned by deleting - quarantined
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64html.dll probably a variant of Win32/Toolbar.MyWebSearch.F application cleaned by deleting - quarantined
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64htmlmu.dll probably a variant of Win32/Toolbar.MyWebSearch.B application cleaned by deleting (after the next restart) - quarantined
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64ieovr.dll probably a variant of Win32/Toolbar.MyWebSearch.P application cleaned by deleting - quarantined
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64Plugin.dll a variant of Win32/Toolbar.MyWebSearch application cleaned by deleting (after the next restart) - quarantined
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64skin.dll a variant of Win32/Toolbar.MyWebSearch.P application cleaned by deleting - quarantined
C:\Users\Andrew\AppData\Local\Temp\jar_cache4522560234567232392.tmp multiple threats deleted - quarantined
C:\Users\Andrew\AppData\Local\Temp\jar_cache4816517038933153043.tmp multiple threats deleted - quarantined
C:\Users\Andrew\AppData\Local\Temp\NODB2B9.tmp probably a variant of Win32/Toolbar.MyWebSearch.B application cleaned by deleting - quarantined
C:\Users\Andrew\AppData\Local\Temp\NODB9D9.tmp a variant of Win32/Toolbar.Zugo application cleaned by deleting (after the next restart) - quarantined
C:\Users\Andrew\AppData\Local\Temp\NODC782.tmp a variant of Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Users\Andrew\AppData\Local\Temp\ooVooTBing.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\Andrew\AppData\Local\Temp\YYBrBCHf.exe.part a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Users\Andrew\AppData\Local\{EF9CA819-F11A-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined
C:\Users\Andrew\AppData\LocalLow\TelevisionFanaticEI\Installr\Cache\024573D3.exe a variant of Win32/Toolbar.MyWebSearch.O application cleaned by deleting - quarantined
C:\Users\Andrew\AppData\Roaming\nsntsr.dll a variant of Win32/Medfos.CU trojan cleaned by deleting - quarantined
C:\Users\Andrew\Desktop\FreeFileViewer2011Setup.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Users\Andrew\Desktop\TelevisionFanatic.exe a variant of Win32/Toolbar.MyWebSearch.Q application deleted - quarantined
C:\Windows\Temp\Temporary Internet Files\Content.IE5\6LK9Y9I5\cat-and-dolphin-playing-together[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
F:\ANDREW-PC\Backup Set 2011-08-27 110318\Backup Files 2011-08-27 110318\Backup files 15.zip a variant of Win32/InstallIQ application deleted - quarantined
F:\ANDREW-PC\Backup Set 2011-08-27 110318\Backup Files 2011-08-29 220006\Backup files 3.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2011-08-27 110318\Backup Files 2011-08-31 083114\Backup files 1.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2011-08-27 110318\Backup Files 2011-09-01 072600\Backup files 1.zip a variant of Win32/Toolbar.MyWebSearch.Q application deleted - quarantined
F:\ANDREW-PC\Backup Set 2011-08-27 110318\Backup Files 2011-09-03 105353\Backup files 1.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2011-08-27 110318\Backup Files 2011-09-04 090615\Backup files 1.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2011-08-27 110318\Backup Files 2011-09-07 091704\Backup files 1.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2011-08-27 110318\Backup Files 2011-09-08 220015\Backup files 1.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2011-08-27 110318\Backup Files 2011-09-09 220004\Backup files 1.zip a variant of Win32/Toolbar.MyWebSearch.Q application deleted - quarantined
F:\ANDREW-PC\Backup Set 2011-08-27 110318\Backup Files 2011-09-11 220001\Backup files 3.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2011-08-27 110318\Backup Files 2011-09-13 220025\Backup files 1.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2011-08-27 110318\Backup Files 2011-09-14 220006\Backup files 1.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2011-08-27 110318\Backup Files 2011-09-16 220022\Backup files 19.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2011-09-17 220153\Backup Files 2011-09-18 220109\Backup files 12.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2011-10-12 220041\Backup Files 2011-10-12 220041\Backup files 29.zip probably a variant of Win32/Toolbar.MyWebSearch.L application deleted - quarantined
F:\ANDREW-PC\Backup Set 2011-10-12 220041\Backup Files 2011-10-12 220041\Backup files 45.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2011-11-06 220059\Backup Files 2011-11-06 220059\Backup files 35.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2011-11-06 220059\Backup Files 2011-12-14 010134\Backup files 5.zip JS/Agent.NEF trojan deleted - quarantined
F:\ANDREW-PC\Backup Set 2012-01-18 010047\Backup Files 2012-01-18 010047\Backup files 32.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2012-01-18 010047\Backup Files 2012-04-25 010047\Backup files 34.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2012-01-18 010047\Backup Files 2012-04-25 010047\Backup files 35.zip a variant of Win32/Toolbar.MyWebSearch.Q application deleted - quarantined
F:\ANDREW-PC\Backup Set 2012-05-02 010301\Backup Files 2012-05-02 010301\Backup files 36.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2012-05-02 010301\Backup Files 2012-05-02 010301\Backup files 37.zip a variant of Win32/Toolbar.MyWebSearch.Q application deleted - quarantined
F:\ANDREW-PC\Backup Set 2012-05-02 010301\Backup Files 2012-06-20 010227\Backup files 35.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2012-05-02 010301\Backup Files 2012-06-20 010227\Backup files 36.zip a variant of Win32/Toolbar.MyWebSearch.Q application deleted - quarantined
F:\ANDREW-PC\Backup Set 2012-06-27 010107\Backup Files 2012-07-18 083709\Backup files 39.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2012-06-27 010107\Backup Files 2012-07-18 083709\Backup files 40.zip a variant of Win32/Toolbar.MyWebSearch.Q application deleted - quarantined
F:\ANDREW-PC\Backup Set 2012-06-27 010107\Backup Files 2012-08-01 010101\Backup files 31.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2012-06-27 010107\Backup Files 2012-08-01 010101\Backup files 32.zip a variant of Win32/Toolbar.MyWebSearch.Q application deleted - quarantined
F:\ANDREW-PC\Backup Set 2012-08-08 010022\Backup Files 2012-08-08 010022\Backup files 37.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2012-08-08 010022\Backup Files 2012-08-08 010022\Backup files 38.zip a variant of Win32/Toolbar.MyWebSearch.Q application deleted - quarantined
F:\ANDREW-PC\Backup Set 2012-08-08 010022\Backup Files 2012-08-15 010149\Backup files 1.zip a variant of Win32/InstallIQ application deleted - quarantined
F:\ANDREW-PC\Backup Set 2012-08-08 010022\Backup Files 2012-08-15 010149\Backup files 2.zip a variant of Win32/Toolbar.MyWebSearch.Q application deleted - quarantined
F:\ANDREW-PC\Backup Set 2012-08-08 010022\Backup Files 2012-08-22 010221\Backup files 3.zip a variant of Win32/InstallIQ application deleted - quarantined
F:\ANDREW-PC\Backup Set 2012-08-08 010022\Backup Files 2012-08-22 010221\Backup files 4.zip a variant of Win32/Toolbar.MyWebSearch.Q application deleted - quarantined
F:\ANDREW-PC\Backup Set 2012-08-08 010022\Backup Files 2012-09-12 010530\Backup files 32.zip a variant of Win32/Medfos.CU trojan deleted - quarantined
F:\ANDREW-PC\Backup Set 2012-08-08 010022\Backup Files 2012-09-12 010530\Backup files 40.zip multiple threats deleted - quarantined
F:\ANDREW-PC\Backup Set 2012-08-08 010022\Backup Files 2012-09-12 010530\Backup files 41.zip a variant of Win32/Toolbar.MyWebSearch.Q application deleted - quarantined
F:\Rebit\data\cfs\12\1297BBC0EA80B1D5FF73F01CC8B114AD-1592512 a variant of Win32/InstallIQ application cleaned by deleting - quarantined

#4 narenxp

narenxp

  • BC Advisor

Posted 14 September 2012 - 02:04 PM

Do not quote my posts. Just post the log alone.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#5 GKRmaximumattack

GKRmaximumattack
  • Topic Starter

  • Members

Posted 15 September 2012 - 05:49 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Andrew (administrator) on 15-09-2012 at 16:36:56
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Broadcom 802.11b/g WLAN = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Local Area Connection" address=192.168.0.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : ANDREW-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-21-00-8D-7D-07
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
Physical Address. . . . . . . . . : 00-21-00-8D-7D-07
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-23-8B-48-24-CF
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{40ED4D7D-B2E8-4EA1-B37F-DF467991D46E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D10682FA-B236-4C81-AB3B-B96F78BA4DD9}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 127.0.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: 127.0.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Ping request could not find host yahoo.com. Please check the name and try again.
Server: UnKnown
Address: 127.0.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Ping request could not find host bleepingcomputer.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...00 21 00 8d 7d 07 ......Microsoft Virtual WiFi Miniport Adapter
12...00 21 00 8d 7d 07 ......Broadcom 802.11b/g WLAN
11...00 23 8b 48 24 cf ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/15/2012 00:29:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/15/2012 08:28:47 AM) (Source: Application Error) (User: )
Description: Faulting application name: wmpnetwk.exe, version: 12.0.7601.17514, time stamp: 0x4ce7ae7f
Faulting module name: wmp.dll, version: 12.0.7601.17514, time stamp: 0x4ce7ca81
Exception code: 0xc0000005
Fault offset: 0x00000000000cd812
Faulting process id: 0x12c8
Faulting application start time: 0xwmpnetwk.exe0
Faulting application path: wmpnetwk.exe1
Faulting module path: wmpnetwk.exe2
Report Id: wmpnetwk.exe3

Error: (09/15/2012 08:19:24 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/15/2012 08:18:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/14/2012 03:03:37 PM) (Source: McLogEvent) (User: NT AUTHORITY)NT AUTHORITY
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 5432 (0x1538)

Thread address : 0x0000000076EA138A

Thread message :

Build VSCORE.15.1.0.461 / 5500.1093
Object being scanned = \Device\HarddiskVolume1\ProgramData\McAfee\SiteAdvisor\saUpd.exe\log.txt
by c:\PROGRA~2\mcafee\SITEAD~1\saUpd.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (09/14/2012 09:20:33 AM) (Source: Application Error) (User: )
Description: Faulting application name: ToolbarUpdaterService.exe, version: 0.0.0.0, time stamp: 0x4e205299
Faulting module name: msxml3.dll, version: 8.110.7601.17857, time stamp: 0x4fcee2f0
Exception code: 0xc0000005
Fault offset: 0x00032531
Faulting process id: 0x914
Faulting application start time: 0xToolbarUpdaterService.exe0
Faulting application path: ToolbarUpdaterService.exe1
Faulting module path: ToolbarUpdaterService.exe2
Report Id: ToolbarUpdaterService.exe3

Error: (09/13/2012 08:40:38 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/13/2012 08:40:18 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/13/2012 08:40:18 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/13/2012 08:40:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (09/15/2012 04:33:38 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (09/15/2012 04:33:38 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (09/15/2012 04:33:34 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/15/2012 04:33:34 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (09/15/2012 04:33:10 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (09/15/2012 04:33:08 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (09/15/2012 04:33:00 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (09/15/2012 04:32:59 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (09/15/2012 04:32:58 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (09/15/2012 04:32:55 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.


Microsoft Office Sessions:
=========================
Error: (08/20/2012 06:02:30 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22787 seconds with 3540 seconds of active time. This session ended with a crash.

Error: (08/20/2012 11:40:24 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 75949 seconds with 1020 seconds of active time. This session ended with a crash.

Error: (07/24/2012 10:59:45 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14138 seconds with 1020 seconds of active time. This session ended with a crash.

Error: (06/04/2012 08:50:00 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 160560 seconds with 3000 seconds of active time. This session ended with a crash.

Error: (02/23/2012 03:38:45 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 161 seconds with 0 seconds of active time. This session ended with a crash.

Error: (08/26/2009 10:53:27 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1056 seconds with 480 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer (Version: 6.2.2)
6400_Help (Version: 1.00.0000)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
AD_Install (Version: 1.00.0000)
Adobe AIR (Version: 3.2.0.2070)
Adobe Download Assistant (Version: 1.2.2)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader X (10.1.4) (Version: 10.1.4)
AIM 6
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Bend-Tech PRO (Version: 4.00.03)
BlackBerry App World Browser Plugin (Version: 3.1.3.5)
BlackBerry Desktop Software 6.1 (Version: 6.1.0.35)
BlackBerry Device Software Updater (Version: 6.0.1.37)
BlackBerry Device Software v5.0.0 for the BlackBerry 9700 smartphone (Version: 5.0.0.979 (Platform 5.1.0.177))
Bonjour (Version: 3.0.0.10)
bpd_scan (Version: 3.00.0000)
BPDSoftware (Version: 130.0.000.000)
BPDSoftware_Ini (Version: 1.00.0000)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.48.18)
BufferChm (Version: 140.0.212.000)
C4700 (Version: 140.0.690.000)
CDDRV_Installer (Version: 1.00.0000)
CDDRV_Installer (Version: 4.60)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CustomerResearchQFolder (Version: 1.00.0000)
CyberLink DVD Suite (Version: 5.5.1519)
CyberLink YouCam (Version: 2.0.2029)
D4300 (Version: 100.0.206.000)
D4300_Help (Version: 100.0.206.000)
DeLorme Topo North America 9.0 (Version: 9.100.14857)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DeviceManagementQFolder (Version: 1.00.0000)
DHTML Editing Component (Version: 6.02.0001)
Dictionary.com Toolbar (Version: 1.15.2.0)
Dictionary.com Toolbar Updater (Version: 1.2.1.23037)
DJ_SF_03_D4300_ProductContext (Version: 100.0.215.000)
DJ_SF_03_D4300_Software (Version: 100.0.206.000)
DJ_SF_03_D4300_Software_Min (Version: 100.0.206.000)
DocMgr (Version: 100.0.201.000)
DocProc (Version: 13.0.0.0)
DocProcQFolder (Version: 1.00.0000)
Download Updater (AOL LLC)
eBay Excel Add-in (Version: 1.0.11.19)
eBay Toolbar Featuring Yahoo! (Version: 2.50.12.3)
eFax Messenger (Version: 4.4.1.528)
ESET Online Scanner v3
eSupportQFolder (Version: 1.00.0000)
Fax (Version: 130.0.418.000)
File Type Assistant
FileOpen Client (x64) (Version: 3.0.73.917)
Free File Viewer 2011
Garmin BaseCamp (Version: 3.2.2)
Garmin City Navigator North America NT 2012.30 Update (Version: 15.30.0.0)
Garmin Communicator Plugin (Version: 3.0.1)
Garmin Lifetime Updater (Version: 2.1.7)
Garmin USB Drivers (Version: 2.3.0.0)
Garmin WebUpdater (Version: 2.5.4)
Google Chrome (Version: 21.0.1180.89)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.123)
Google Updater (Version: 2.4.1536.6592)
GoToMeeting 5.1.0.880 (Version: 5.1.0.880)
GPBaseService (Version: 100.0.187.000)
GPBaseService2 (Version: 130.0.371.000)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP Advisor (Version: 3.3.12286.3436)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet D4300 Printer Driver Software 10.0 Rel .3 (Version: 10.0)
HP Doc Viewer (Version: 1.03.0001)
HP Document Manager 1.0 (Version: 1.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP OfficeJet J6400 (Version: 13.0)
HP Photo Creations (Version: 1.0.0.8812)
HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Photosmart Essential 2.5 (Version: 1.02.0000)
HP Photosmart Essential 2.5 (Version: 2.5)
HP QuickPlay 3.7
HP QuickTouch 1.00 D2 (Version: 1.0.9)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 13.0 (Version: 13.0)
HP Support Assistant (Version: 6.1.12.1)
HP Update (Version: 5.002.005.003)
HP User Guides 0102 (Version: 1.01.0000)
HP Wireless Assistant (Version: 3.50.9.1)
HP_Network_UserGuide (Version: 1.00.0000)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
HPTCSSetup (Version: 1.0.964.2626)
iCloud (Version: 1.0.1.29)
IDT Audio (Version: 1.0.5893.0)
Intel® Control Center (Version: 1.2.0.1006)
Intel® Graphics Media Accelerator Driver
Intel® Rapid Storage Technology (Version: 9.5.0.1037)
iPhone Configuration Utility (Version: 2.1.0.163)
iTunes (Version: 10.6.3.25)
J6400 (Version: 130.0.000.000)
Japanese Fonts Support For Adobe Reader 8 (Version: 8.0)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 5 (Version: 1.6.0.50)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
JD2 Tube Bend App. (Version: 1.01.0003)
KhalInstallWrapper (Version: 4.00.121)
KhalInstallWrapper (Version: 4.60.122)
LabelPrint (Version: 2.20.2719)
LightScribe System Software (Version: 1.18.24.1)
Logitech SetPoint (Version: 4.60)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MapQuest Toolbar
MarketResearch (Version: 130.0.374.000)
McAfee AntiVirus (Version: 11.6.385)
McAfee Security Scan Plus (Version: 2.0.181.2)
McAfee Virtual Technician (Version: 6.0.0.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 15.0 (x86 en-US) (Version: 15.0)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCSetup (Version: 1.00.0000)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
muvee autoProducer 6.1 (Version: 6.10.050)
My HP Games (Version: 1.0.0.43)
Network64 (Version: 140.0.215.000)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
ooVoo (Version: 3.0.7008)
ooVoo Toolbar (Version: 2.3.0)
ooVoo Toolbar (Version: 2.5.0.3)
ParetoLogic DriverCure (Version: 1.6.1.0)
PCsync (Version: 5.07.3001)
Power2Go (Version: 5.6.3919)
PowerDirector (Version: 6.5.2719)
ProductContext (Version: 130.0.000.000)
ProtectSmart Hard Drive Protection (Version: 3.10.1.7)
PS_AIO_06_C4700_SW_Min (Version: 140.0.690.000)
PSSWCORE (Version: 2.02.0000)
QuickPlay SlingPlayer 0.4.6 (Version: 0.4.6)
QuickTime (Version: 7.72.80.56)
QuickTransfer (Version: 140.0.98.000)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Realtek USB 2.0 Card Reader (Version: )
Safari (Version: 5.34.57.2)
Scan (Version: 140.0.80.000)
Seagate Replica v3.0.1801.8554
Serif WebPlus 10 (Version: 10.1.1.036)
Serif WebPlus 10 Resources (Version: 10.1.0.007)
Shared C Run-time for x64 (Version: 10.0.0)
Shop for HP Supplies (Version: 13.0)
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.10 (Version: 5.10.116)
Slingbox Flash Tour (Version: 1.0.0)
SlingPlayer (Version: 1.04.0206)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 130.0.373.000)
Sony Picture Utility (Version: 3.0.00.11220)
Stamps.com
Stamps.com (Version: 8.9.0.2137)
Status (Version: 130.0.469.000)
Synaptics Pointing Device Driver (Version: 15.0.17.4)
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 130.0.422.000)
Turbo Lister 2 (Version: 2.0.0)
UnloadSupport (Version: 10.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VideoToolkit01 (Version: 100.0.128.000)
Viewpoint Media Player
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (Version: 1)
WebReg (Version: 140.0.212.017)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Yahoo! BrowserPlus 2.9.8
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Mail Advisor
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 65%
Total physical RAM: 4027.21 MB
Available physical RAM: 1369.95 MB
Total Pagefile: 8052.61 MB
Available Pagefile: 5502.46 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.67 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:221.74 GB) (Free:77.26 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:11.14 GB) (Free:1.38 GB) NTFS
4 Drive f: (Seagate Replica) (Fixed) (Total:1863.01 GB) (Free:983.01 GB) NTFS

========================= Users: ========================================

User accounts for \\ANDREW-PC

Administrator Andrew Guest
Jan


**** End of log ****

#6 GKRmaximumattack


Posted 15 September 2012 - 05:52 PM

Farbar Service Scanner Version: 06-08-2012
Ran by Andrew (administrator) on 15-09-2012 at 18:50:48
Running from "C:\Users\Andrew\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#7 GKRmaximumattack


Posted 15 September 2012 - 06:14 PM

# AdwCleaner v2.001 - Logfile created 09/15/2012 at 18:54:29
# Updated 09/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Andrew - ANDREW-PC
# Boot Mode : Normal
# Running from : C:\Users\Andrew\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Viewpoint Manager Service

***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\ibuklyhj.default\searchplugins\Askcom.xml
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Program Files (x86)\Viewpoint
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Users\Andrew\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\ibuklyhj.default\extensions\toolbar@ask.com
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page Restore] = hxxp://www.ask.com?o=13735&l=dir --> hxxp://www.google.com

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\8xuombuy.default\prefs.js

C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\8xuombuy.default\user.js ... Deleted !

[OK] File is clean.

Profile name : default
File : C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\ibuklyhj.default\prefs.js

C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\ibuklyhj.default\user.js ... Deleted !

Deleted : user_pref("aol_toolbar.surf.date", "25");
Deleted : user_pref("aol_toolbar.surf.lastDate", "15");
Deleted : user_pref("aol_toolbar.surf.lastMonth", "8");
Deleted : user_pref("aol_toolbar.surf.lastYear", "2012");
Deleted : user_pref("aol_toolbar.surf.month", "219");
Deleted : user_pref("aol_toolbar.surf.prevMonth", "3640");
Deleted : user_pref("aol_toolbar.surf.total", "244860");
Deleted : user_pref("aol_toolbar.surf.week", "36");
Deleted : user_pref("aol_toolbar.surf.year", "28771");
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.aol.com/search/search?query={searchTerms}&invo[...]
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
Deleted : user_pref("extensions.asktb.abar-war-regex", "conduit\\.com");
Deleted : user_pref("extensions.asktb.abar-war-timeout", "4000");
Deleted : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Deleted : user_pref("extensions.asktb.cbid", "D5");
Deleted : user_pref("extensions.asktb.config-updated", true);
Deleted : user_pref("extensions.asktb.default-channel", "dictionary-channel");
Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://app.dictionary.com/click/sekgso?o=100[...]
Deleted : user_pref("extensions.asktb.displaybehavior", "");
Deleted : user_pref("extensions.asktb.displaytext", "");
Deleted : user_pref("extensions.asktb.dtid", "gog187YYUS");
Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://websearch.ask.com/redirect?client=ff&s[...]
Deleted : user_pref("extensions.asktb.first-restart-after-config-update", true);
Deleted : user_pref("extensions.asktb.fresh-install", false);
Deleted : user_pref("extensions.asktb.guid", "7CD0423C-DBAE-429A-88E8-79D1E945CA53");
Deleted : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Deleted : user_pref("extensions.asktb.if", "su");
Deleted : user_pref("extensions.asktb.l", "dis");
Deleted : user_pref("extensions.asktb.last-config-req", "1347741235328");
Deleted : user_pref("extensions.asktb.last-search-timestamp", "1340120228272");
Deleted : user_pref("extensions.asktb.locale", "en_US");
Deleted : user_pref("extensions.asktb.lstation", "");
Deleted : user_pref("extensions.asktb.new-tab-enabled", true);
Deleted : user_pref("extensions.asktb.news-native-on", true);
Deleted : user_pref("extensions.asktb.o", "13732");
Deleted : user_pref("extensions.asktb.options-lang", "en");
Deleted : user_pref("extensions.asktb.options-locale", "US");
Deleted : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Deleted : user_pref("extensions.asktb.pstate", "");
Deleted : user_pref("extensions.asktb.qsrc", "2871");
Deleted : user_pref("extensions.asktb.r", "5");
Deleted : user_pref("extensions.asktb.sa", "YES");
Deleted : user_pref("extensions.asktb.saguid", "A6956E34-ECC4-419D-846F-4D87036E346D");
Deleted : user_pref("extensions.asktb.search-history-queries", "vested interest definition||KING KSFR-22||Raus[...]
Deleted : user_pref("extensions.asktb.search-plugin-suggestions-url", "hxxp://ss.websearch.ask.com/query?qsrc=[...]
Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
Deleted : user_pref("extensions.asktb.silent-upgrade", true);
Deleted : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true);
Deleted : user_pref("extensions.asktb.socialmini-first", true);
Deleted : user_pref("extensions.asktb.socialmini-interval", "1200000");
Deleted : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Deleted : user_pref("extensions.asktb.socialmini-max-items", "30");
Deleted : user_pref("extensions.asktb.socialmini-native-on", true);
Deleted : user_pref("extensions.asktb.socialmini-speed", "10000");
Deleted : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Deleted : user_pref("extensions.asktb.themeid", "");
Deleted : user_pref("extensions.asktb.timeinstalled", "1/24/2012 7:05:27 AM");
Deleted : user_pref("extensions.asktb.v", "3.15.2.100013");
Deleted : user_pref("extensions.asktb.version", "5.15.2.23037");
Deleted : user_pref("extensions.asktb.volume", "");
Deleted : user_pref("extensions.enabledAddons", "64ffxtbr@TelevisionFanatic.com:1.1,{3e0e7d2a-070f-4a47-b019-9[...]
Deleted : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=DIC2V5&o=13732&local[...]
Deleted : user_pref("mapquest_toolbar.default.search.url", "hxxp://search.aol.com/search/search?query={searchT[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [15129 octets] - [15/09/2012 18:54:29]

########## EOF - C:\AdwCleaner[S1].txt - [15190 octets] ##########

#8 narenxp

Posted 15 September 2012 - 06:18 PM

Malwarebytes log?

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Post the new FSS log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the text contents here

#9 GKRmaximumattack

Posted 16 September 2012 - 09:49 AM

Malwarebytes logs (2):

Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.15.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Andrew :: ANDREW-PC [administrator]

Protection: Enabled

9/15/2012 8:29:23 AM
mbam-log-2012-09-15 (12-16-31).txt

Scan type: Full scan (C:\|D:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 927028
Time elapsed: 3 hour(s), 29 minute(s), 55 second(s)

Memory Processes Detected: 1
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon.exe (PUP.MyWebSearch) -> 4192 -> No action taken.

Memory Modules Detected: 1
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brstub.dll (PUP.MyWebSearch) -> No action taken.

Registry Keys Detected: 91
HKLM\SYSTEM\CurrentControlSet\Services\TelevisionFanaticService (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{0696f815-a3a9-490a-bb14-9ec3350b1276} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{5d79f641-c168-40df-a32f-bacea7509e75} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D79F641-C168-40DF-A32F-BACEA7509E75} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5D79F641-C168-40DF-A32F-BACEA7509E75} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5D79F641-C168-40DF-A32F-BACEA7509E75} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{04d2b915-19ff-41e9-994d-95dc898bea43} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{0597d3be-9a4d-4426-a8a7-572ad299852e} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{4E7F49ED-8C94-4AAA-A407-3010D099B11A} (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.SettingsPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.SettingsPlugin (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{04D2B915-19FF-41E9-994D-95DC898BEA43} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{cb41fc95-f1b3-4797-8bb6-1012ff62abba} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{02515cef-2063-4d64-b87a-d504c99d40dd} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{aed3b1e0-fabb-4c27-a2da-ec8352ee7e30} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{9989BC14-9B5B-4B3B-8040-478FD1685E34} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{07494721-dfcf-41c1-8a03-b3fffb0f8409} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{952c6f00-cba7-47be-baf3-cfc5808e6c7b} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{1E34EA93-600B-4CBC-9858-59BE04C1A581} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{0e8a6cb6-3b14-491d-8bba-86a95a62ff72} (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.PseudoTransparentPlugin (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0E8A6CB6-3B14-491D-8BBA-86A95A62FF72} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{1D7E63AF-274B-426B-B51D-ADF161DF7F24} (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.HTMLMenu.1 (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.HTMLMenu (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D7E63AF-274B-426B-B51D-ADF161DF7F24} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{387dface-9e46-415f-8c86-18083b7d6ead} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{73cadbbd-4dc5-419d-84f1-e7bf4c3b20c4} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{32CC4D2E-999C-4853-9D3E-5DE4C02D57C6} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{38deffd9-9379-4ac4-baa9-1a883dba9cd2} (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.MultipleButton.1 (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.MultipleButton (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{52d3c28f-c9ac-40b5-848f-1fb63d2badef} (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.ScriptButton.1 (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.ScriptButton (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{67d33c35-62e9-4f77-a284-9e9d256f7846} (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.DynamicBarButton.1 (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.DynamicBarButton (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{6ffb45e3-cffc-4b3a-95eb-334cb53c85b0} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{a378fd9d-b406-44bb-96d2-8cdaa668713f} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{93A55DA3-83ED-4090-91B6-904C44647639} (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.FeedManager.1 (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.FeedManager (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{7895609d-c8b4-4cf5-a2c7-28223d0c3d92} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{34979cb5-728d-4727-81bf-01850a3bb89b} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{934063FB-A81D-4849-B02C-478446DF3219} (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.ThirdPartyInstaller.1 (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.ThirdPartyInstaller (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7895609D-C8B4-4CF5-A2C7-28223D0C3D92} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{7952f465-ac46-4a82-b383-870f3784d1cd} (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.UrlAlertButton.1 (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.UrlAlertButton (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{7ad9c324-3672-4d33-8477-d9c8e627f4bf} (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.Radio.1 (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.Radio (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{8be781d8-5e70-423d-82de-9e4756fce53c} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{026fd9ba-112b-4d9f-86ea-589e28016e8c} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{0328B630-EA94-4FA3-9F27-8250B6324DDB} (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.XMLSessionPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.XMLSessionPlugin (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8BE781D8-5E70-423D-82DE-9E4756FCE53C} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{91a8da6b-8013-44aa-b63f-00195312999a} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{03f59b4b-09d9-40f0-a01a-6e895023f2f0} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{42CB7963-EFE0-4737-A927-CE076FAA3BA0} (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.RadioSettings.1 (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.RadioSettings (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{c98d5b61-b0ea-4d48-9839-1079d352d880} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C98D5B61-B0EA-4D48-9839-1079D352D880} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C98D5B61-B0EA-4D48-9839-1079D352D880} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{cd3cae95-556f-46ae-b636-45dc6b297eb1} (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.ToolbarPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.ToolbarPlugin (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{d09094b3-b426-4f16-a6d9-e211fe222127} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D09094B3-B426-4F16-A6D9-E211FE222127} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{f02c0832-c85c-4b93-8c6f-9df20121a10d} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{6784d08d-cdc3-419d-9b97-744a351ed908} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{844C2331-94DF-431E-9A67-426ED861D27F} (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.HTMLPanel.1 (PUP.MyWebSearch) -> No action taken.
HKCR\TelevisionFanatic.HTMLPanel (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F02C0832-C85C-4B93-8C6F-9DF20121A10D} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{fba7cbb1-fc93-4149-8862-d94451a7d167} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{608f7340-e221-4afb-a848-c4dad297cd58} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{966430CC-2097-45CA-8626-2C3F454C3297} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4e7f49ed-8c94-4aaa-a407-3010d099b11a} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TelevisionFanaticbar Uninstall (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\MozillaPlugins\@TelevisionFanatic.com/Plugin (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{8cc1c055-a67a-43ef-8ee1-0e1b2683fa67} (PUP.MyWebSearch) -> No action taken.

Registry Values Detected: 6
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|TelevisionFanatic Browser Plugin Loader (PUP.MyWebSearch) -> Data: C:\PROGRA~2\TELEVI~2\bar\1.bin\64brmon.exe -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{0696F815-A3A9-490A-BB14-9EC3350B1276} (PUP.MyWebSearch) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{C98D5B61-B0EA-4D48-9839-1079D352D880} (PUP.MyWebSearch) -> Data: -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{0696f815-a3a9-490a-bb14-9ec3350b1276} (PUP.MyWebSearch) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{c98d5b61-b0ea-4d48-9839-1079d352d880} (PUP.MyWebSearch) -> Data: -> No action taken.
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|64ffxtbr@TelevisionFanatic.com (PUP.MyWebSearch) -> Data: C:\Program Files (x86)\TelevisionFanatic\bar\1.bin -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 2
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\chrome (PUP.MyWebSearch) -> No action taken.

Files Detected: 35
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64barsvc.exe (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon.exe (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brstub.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64httpct.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64mlbtn.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64script.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64dyn.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64feedmg.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64tpinst.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64uabtn.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64radio.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64msg.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64dlghk.dll (PUP.MyWebSearch) -> No action taken.
C:\$RECYCLE.BIN\S-1-5-18\$ff24043d55f85ce9a20a8337d9b4b888\U\00000001.@ (Trojan.0Access) -> No action taken.
C:\$RECYCLE.BIN\S-1-5-18\$ff24043d55f85ce9a20a8337d9b4b888\U\800000cb.@ (Trojan.0Access) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64auxstb.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64highin.exe (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64idle.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64impipe.exe (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64medint.exe (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64regfft.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64regiet.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64skplay.exe (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\T8RES.DLL (PUP.MyWebSearch) -> No action taken.
C:\Users\Andrew\AppData\Local\Temp\.exe (Trojan.Agent) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\CHROME.MANIFEST (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\INSTALL.RDF (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\LOGO.BMP (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\T8FFTBPR.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\T8PATCH.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\T8UNPAT.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\chrome\64ffxtbr.jar (PUP.MyWebSearch) -> No action taken.

(end)
***********************************************************************************************
Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.15.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Andrew :: ANDREW-PC [administrator]

Protection: Enabled

9/15/2012 12:32:29 PM
mbam-log-2012-09-15 (12-32-29).txt

Scan type: Full scan (C:\|D:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 927136
Time elapsed: 3 hour(s), 18 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#10 GKRmaximumattack

Posted 16 September 2012 - 10:38 AM

Farbar Service Scanner Version: 06-08-2012
Ran by Andrew (administrator) on 15-09-2012 at 18:50:48
Running from "C:\Users\Andrew\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Rkill 2.3.15 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/16/2012 11:33:53 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Andrew\Desktop\rkill\rkill-09-16-2012-11-34-06.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 [ZA Reg Hijack]
* HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 [ZA Reg Hijack]
* C:\$Recycle.Bin\S-1-5-18\$ff24043d55f85ce9a20a8337d9b4b888\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-18\$ff24043d55f85ce9a20a8337d9b4b888\@ [ZA File]
* C:\$Recycle.Bin\S-1-5-18\$ff24043d55f85ce9a20a8337d9b4b888\L\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-18\$ff24043d55f85ce9a20a8337d9b4b888\U\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-1859224979-656183880-1513983433-1001\$ff24043d55f85ce9a20a8337d9b4b888\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-1859224979-656183880-1513983433-1001\$ff24043d55f85ce9a20a8337d9b4b888\@ [ZA File]
* C:\$Recycle.Bin\S-1-5-21-1859224979-656183880-1513983433-1001\$ff24043d55f85ce9a20a8337d9b4b888\L\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-1859224979-656183880-1513983433-1001\$ff24043d55f85ce9a20a8337d9b4b888\U\ [ZA Dir]

Checking Windows Service Integrity:

* atapi => \SystemRoot\system32\drivers\atapi.sys [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/16/2012 11:35:23 AM
Execution time: 0 hours(s), 1 minute(s), and 30 seconds(s)

#11 GKRmaximumattack

Posted 16 September 2012 - 10:47 AM

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "FileOpenBroker" "FileOpen Broker" "FileOpen Systems Inc." "c:\program files\fileopen\services\fileopenbroker64.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Kernel and Hardware Abstraction Layer" "Logitech KHAL Main Process" "Logitech, Inc." "c:\windows\khalmnpr.exe"
+ "OnScreenDisplay" "HP QuickTouch On Screen Display" " Hewlett-Packard Development Company, L.P." "c:\program files\hewlett-packard\hp quicktouch\hpkbdapp.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "AppleSyncNotifier" "AppleSyncNotifier" "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applesyncnotifier.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "eBayToolbar" "eBay Toolbar Daemon" "eBay Inc." "c:\program files (x86)\ebay\ebay toolbar2\ebaytbdaemon.exe"
+ "Garmin Lifetime Updater" "Garmin Lifetime Updater" "Garmin" "c:\program files (x86)\garmin\lifetime updater\garminlifetime.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "ooVooToolbarHelper" "" "" "File not found: C:\Program Files (x86)\ooVoo Toolbar\ToolbarHelper.exe"
+ "QPService" "HP QuickPlay Resident Program" "CyberLink Corp." "c:\program files (x86)\hp\quickplay\qpservice.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "RIMBBLaunchAgent.exe" "Launch Agent Service" "Research In Motion Limited" "c:\program files (x86)\common files\research in motion\usb drivers\rimbblaunchagent.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "UCam_Menu" "StartMen Application" "CyberLink Corp." "c:\program files (x86)\cyberlink\youcam\muitransfer\muistartmenu.exe"
+ "WirelessAssistant" "HP Wireless Assistant Main Program" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp wireless assistant\hpwamain.exe"
+ "YMailAdvisor" "Yahoo! Mail Advisor" "Yahoo! Inc." "c:\program files (x86)\yahoo!\common\ymailadvisor.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "HP Digital Imaging Monitor.lnk" "HP Digital Imaging Monitor" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe"
+ "Logitech SetPoint.lnk" "Logitech SetPoint Event Manager (UNICODE)" "Logitech, Inc." "c:\program files\logitech\setpoint\setpoint.exe"
+ "McAfee Security Scan Plus.lnk" "McAfee Security Scanner Scheduler" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\2.0.181\ssscheduler.exe"
"C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "eFax 4.4.lnk" "eFax Messenger - Tray" "j2 Global Communications, Inc." "c:\program files (x86)\efax messenger 4.4\j2gtray.exe"
+ "Picture Motion Browser Media Check Tool.lnk" "Media Check Tool" "Sony Corporation" "c:\program files (x86)\sony\sony picture utility\pmbcore\spuvolumewatcher.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "eFax 4.4" "eFax Messenger - DLL Command Utility" "j2 Global Communications, Inc." "c:\program files (x86)\efax messenger 4.4\j2gdllcmd.exe"
+ "LightScribe Control Panel" "" "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lightscribecontrolpanel.exe"
+ "shbec" "" "" "File not found: C:\Users\Andrew\AppData\Roaming\shbec.dll"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "dssrequest" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "sacore" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "HotShellExt_40" "eFax Messenger - Shell Extension" "j2 Global Communications, Inc." "c:\program files (x86)\efax messenger 4.4\j2gshell.dll"
+ "Yahoo! Mail" "Yahoo! Mail" "Yahoo! Inc." "c:\program files (x86)\yahoo!\common\ymmapi.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "CRebitContextMenuExt" "Seagate Replica Explorer shell extension" "Seagate Technology LLC" "c:\program files\seagate replica\bin\seagate-replica-shell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "CRebitContextMenuExt" "Seagate Replica Explorer shell extension" "Seagate Technology LLC" "c:\program files (x86)\seagate replica\bin\seagate-replica-shell.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "&Yahoo! Toolbar Helper" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files (x86)\yahoo!\companion\installs\cpn4\yt.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "eBay Toolbar Helper" "eBayTb Dynamic Link Library" "eBay Inc." "c:\program files (x86)\ebay\ebay toolbar2\ebaytb.dll"
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\program files (x86)\google\googletoolbarnotifier\5.1.1309.3572\swg.dll"
+ "HP Print Enhancer" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll"
+ "HP Smart BHO Class" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\ssv.dll"
+ "MapQuest Toolbar Loader" "MapQuest Toolbar IE Dynamic Link Library" "MapQuest, Inc" "c:\program files (x86)\mapquest toolbar\mapquesttb.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "SingleInstance Class" "Yahoo! Single Instance for Mail" "Yahoo! Inc" "c:\program files (x86)\yahoo!\companion\installs\cpn2\ytsingleinstance.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
+ "McAfee SiteAdvisor Toolbar" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "eBay Toolbar" "eBayTb Dynamic Link Library" "eBay Inc." "c:\program files (x86)\ebay\ebay toolbar2\ebaytb.dll"
+ "MapQuest Toolbar" "MapQuest Toolbar IE Dynamic Link Library" "MapQuest, Inc" "c:\program files (x86)\mapquest toolbar\mapquesttb.dll"
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "Yahoo! Toolbar" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files (x86)\yahoo!\companion\installs\cpn4\yt.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onbttnie.dll"
+ "Show or hide HP Smart Web Printing" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Sun Java Console" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\jp2iexp.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\FreeFileViewerUpdateChecker" "Bitberry Software Update Checker" "Bitberry Software" "c:\program files (x86)\freefileviewer\ffvcheckforupdates.exe"
+ "\HP Photo Creations Communicator" "" "" "c:\programdata\hp photo creations\communicator.exe"
+ "\HPCeeScheduleForAndrew" "HP Ceement" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "File not found: C:\Windows\system32\gatherWiredInfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "File not found: C:\Windows\system32\gatherWirelessInfo.vbs"
+ "\ParetoLogic Registration" "ParetoLogic Update Component" "" "c:\program files (x86)\common files\paretologic\uus2\uus.dll"
+ "\ParetoLogic Registration3" "ParetoLogic Update Component" "" "c:\program files (x86)\common files\paretologic\uus3\uus3.dll"
+ "\ParetoLogic Update Version2" "ParetoLogic Update Application" "" "c:\program files (x86)\common files\paretologic\uus2\pareto_update.exe"
+ "\Scheduled Update for Ask Toolbar" "" "" "File not found: C:\Program Files (x86)\Ask.com\UpdateTask.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\vtscheduletask" "McAfee Virtual Technician Application" "McAfee Inc." "c:\program files (x86)\mcafee\supportability\mvt\mvtapp.exe"
+ "\{221E868C-25A7-4DB8-85D6-CA8FF6ABAA7D}" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AESTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_960c1f056a541068\aestsr64.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "FileOpenManagerSvc" "FileOpen client manager" "FileOpen Systems Inc." "c:\program files\fileopen\services\fileopenmanagersvc64.exe"
+ "GameConsoleService" "GameConsole management services" "WildTangent, Inc." "c:\program files (x86)\hp games\my hp game console\gameconsoleservice.exe"
+ "gupdate1c984f01c096d0" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "HP Support Assistant Service" "HP Support Assistant Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe"
+ "HPDrvMntSvc.exe" "HP Quick Synchronization Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe"
+ "hpqcxs08" "HP CUE Context Manager Objects" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll"
+ "hpqddsvc" "This service detects and monitors CUE devices on the system." "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll"
+ "hpqwmiex" "hpqwmiex Module" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "HPSLPSVC" "Discovers and monitors the state and the configuration of the HP devices attached to your network. If the service is stopped, and your network devices change IP addresses, they might become unavailable" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll"
+ "hpsrv" "HpService" "Hewlett-Packard Company" "c:\windows\system32\hpservice.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files (x86)\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LBTServ" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logitech\bluetooth\lbtserv.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lssrvc.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "McAfee SiteAdvisor Service" "McAfee SiteAdvisor Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McComponentHostService" "McAfee Security Scan Component Host Service" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\2.0.181\mcchsvc.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "McAfee Network Agent" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "QPCapSvc" "Provides background buffering, recording and burning functionality for QuickPlay Capturing" "" "c:\program files (x86)\hp\quickplay\kernel\tv\qpcapsvc.exe"
+ "QPSched" "Enables a user to configure and schedule a automated task for QuickPlay Scheduling" "" "c:\program files (x86)\hp\quickplay\kernel\tv\qpsched.exe"
+ "Recovery Service for Windows" "Manages background tasks to ensure compatibility with your system configuration and the capability to recover" "" "c:\windows\sminst\blservice.exe"
+ "ReplicaSysMon" "Seagate Replica System Monitor" "Seagate Technology LLC" "c:\program files (x86)\seagate replica\bin\replicasysmon.exe"
+ "RichVideo" "RichVideo Module" "" "c:\program files (x86)\cyberlink\shared files\richvideo.exe"
+ "Seagate-Replica-Svc" "Seagate Replica Backup Service" "Seagate Technology LLC" "c:\program files (x86)\seagate replica\bin\seagate-replica-svc.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe"
+ "Updater Service for ooVoo Toolbar" "" "" "File not found: C:\Program Files (x86)\ooVoo Toolbar\ToolbarUpdaterService.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "WPFFontCache_v0400" "@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-101" "" "File not found: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe"
+ "YahooAUService" "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements." "Yahoo! Inc." "c:\program files (x86)\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Accelerometer" "HP Accelerometer" "Hewlett-Packard Company" "c:\windows\system32\drivers\accelerometer.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "enecir" "ENE CIR Driver for eHome(64)" "ENE TECHNOLOGY INC." "c:\windows\system32\drivers\enecir.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HipShieldK" "McAfee HIP IPS Driver" "McAfee, Inc." "c:\windows\system32\drivers\hipshieldk.sys"
+ "hpdskflt" "HP Disk Filter - SATA/RAID" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpdskflt.sys"
+ "HpqKbFiltr" "HpqKbFiltr Keyboard Filter Driver" "Hewlett-Packard Development Company, L.P." "c:\windows\system32\drivers\hpqkbfiltr.sys"
+ "HpqRemHid" "HP Remote Control HID Device" "Hewlett-Packard Development Company, L.P." "c:\windows\system32\drivers\hpqremhid.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcHdmiAddService" "Intel® High Definition Audio HDMI" "Intel® Corporation" "c:\windows\system32\drivers\intchdmi.sys"
+ "LHidFilt" "Logitech HID Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lhidfilt.sys"
+ "LMouFilt" "Logitech Mouse Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lmoufilt.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "MPFP" "McAfee Personal Firewall Plus Driver" "McAfee, Inc." "c:\windows\system32\drivers\mpfp.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RimUsb" "BlackBerry Device Driver" "Research In Motion Limited" "c:\windows\system32\drivers\rimusb_amd64.sys"
+ "RimVSerPort" "RIM Virtual Serial Driver" "Research in Motion Ltd" "c:\windows\system32\drivers\rimserial_amd64.sys"
+ "RTL8169" "Realtek 8136/8168/8169 NDIS6 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rtlh64.sys"
+ "RTSTOR" "Realtek USB Mass Storage Driver for Vista x64" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtstor64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt64.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "msacm.l3codecp" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "QP LPCM Decoder 64 Bit" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hp\quickplay\kernel\movie\cllpcmaud64.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\google\google earth\client\wavdest.ax"
+ "CL Dvb Subtitle Decoder" "CLDvbSub" "CyberLink_DE" "c:\program files (x86)\hp\quickplay\kernel\tv\pcmrdvbsub.ax"
+ "CL_EVRWindow" "CLEvr" "CyberLink Corp." "c:\program files (x86)\hp\quickplay\kernel\tv\pcmrevr.dll"
+ "CyberLink AudAna Filter" "CLAudAna" "CyberLink" "c:\program files (x86)\cyberlink\powerdirector\pdaudana.dll"
+ "CyberLink Audio Decoder (HomeNetwork)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hp\quickplay\kernel\dmp\claud.ax"
+ "CyberLink Audio Decoder (QP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hp\quickplay\kernel\movie\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\hp\quickplay\kernel\tv\pcmraudfx.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\hp\quickplay\kernel\karaoke\claudfx.ax"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\hp\quickplay\kernel\tv\pcmraunrwrapper.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\pdaursmpl.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio Spectrum Analyzer (HomeNetwork)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\hp\quickplay\kernel\dmp\claudspa.ax"
+ "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvb.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\hp\quickplay\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD (CD+G) Filter" "CyberLink AudioCD (CD+G) Filter" "CyberLink Corp." "c:\program files (x86)\hp\quickplay\kernel\karaoke\claudiocd.ax"

#12 narenxp

Posted 16 September 2012 - 12:24 PM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Post the new FSS log

#13 GKRmaximumattack

Posted 17 September 2012 - 08:07 AM

I ran the repair tool and everything seems to be working fine now, THANK YOU!!! I can not find the new FSS log, however. I even ran a search for it with no results.

#14 narenxp

Posted 17 September 2012 - 08:11 AM

We still have some work

Download RogueKiller.

Right-click on it and select Run as administrator.

Now, click on SCAN. After the scan completes, click on DELETE.

Log is not needed.

Run RKILL again and post the new log

Download FSS.

Checkmark all the boxes.

Click on "Scan".
Please copy and paste the log to your reply.



