Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need help interpreting RKill Log


  • Please log in to reply
8 replies to this topic

#1 redrevolver77

redrevolver77

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:53 PM

Posted 11 September 2012 - 02:04 PM

Hi, I'm in the middle of battling a redirect virus after clearing off other infections from my system. I've haphazardly and naively run Superantispyware, Hitman Pro, TDSS, Roguekiller, Malwarebytes, and ComboFix (unfortunately) before discovering this site and reading the warnings and instructions regarding the battle against malware. I recently ran a repair install on my Vista business 64 OS to fix the damage from my naive anti-viral efforts. But I still have a redirect virus on my system. At this point, I have run all of the above anti-malware programs again with the exception of ComboFix. The only one that came back with any results aside from tracking cookies was RogueKiller, but the results had registry components listed and after my former debacles, I wanted to get an interpretation of the results before taking further action. Thanks for any input and help you might offer. Here's the Rkill log:


Operating System: Windows Vista (6.0.6001 Service Pack 1) 64 bits version
Started in : Normal mode
User : VisionDAW User [Admin rights]
Mode : Scan -- Date : 09/11/2012 14:04:47

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 7 ¤¤¤
[RUN][BLPATH] HKLM\[...]\Wow6432Node\Run : AsioThk32Reg (REGSVR32.EXE /S CTASIO.DLL) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD800JB-22JJC0 ATA Device +++++
--- User ---
[MBR] e61fff0c799da265493df89cfefefbe6
[BSP] bfac1b9833c0318e40fc2fad640484e3 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 76316 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD5002ABYS-01B1B0 ATA Device +++++
--- User ---
[MBR] ed28a0572ca9c8cb69cdbf01b3fe2348
[BSP] 146313d245fa51fa1f632e7019623d85 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 476937 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: WDC WD5002ABYS-01B1B0 ATA Device +++++
--- User ---
[MBR] 6c91b29606ce31ed8e56eeaf84007482
[BSP] f5c4b5fdcfd8fb05d5edeedd6a3a1b7f : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 476936 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive3: WIBU - CodeMeter-Stick USB Device +++++
--- User ---
[MBR] 2cbab136f95c73c2cbdae250ae698794
[BSP] 0311e51f3b1570dc2361593457f236bf : Standard MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[1].txt >>
RKreport[1].txt

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:53 PM

Posted 11 September 2012 - 04:41 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 redrevolver77

redrevolver77
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:53 PM

Posted 12 September 2012 - 12:18 PM

Hi narenxp, thanks for the reply. I ran everything you asked and here are the logs. I didn't actually delete anything they encountered, as I wanted to receive further instruction before doing so.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-12 11:45:58
-----------------------------
11:45:58.603 OS Version: Windows x64 6.0.6001 Service Pack 1
11:45:58.603 Number of processors: 4 586 0x1A05
11:45:58.603 ComputerName: VISIONDAW-20310 UserName: VisionDAW User
11:45:59.040 Initialize success
11:47:46.750 AVAST engine defs: 12091200
11:49:16.949 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
11:49:16.949 Disk 0 Vendor: WDC_WD800JB-22JJC0 05.01C05 Size: 76318MB BusType: 3
11:49:16.949 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-5
11:49:16.949 Disk 1 Vendor: WDC_WD5002ABYS-01B1B0 02.03B02 Size: 476940MB BusType: 3
11:49:16.949 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP2T0L0-3
11:49:16.949 Disk 2 Vendor: WDC_WD5002ABYS-01B1B0 02.03B02 Size: 476938MB BusType: 3
11:49:16.949 Disk 3 \Device\Harddisk3\DR3 -> \Device\00000074
11:49:16.949 Disk 3 Vendor: Size: 476938MB BusType: 0
11:49:16.964 Disk 0 MBR read successfully
11:49:16.964 Disk 0 MBR scan
11:49:16.964 Disk 0 Windows VISTA default MBR code
11:49:16.980 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76316 MB offset 2048
11:49:16.996 Disk 0 scanning C:\Windows\system32\drivers
11:49:24.593 Service scanning
11:49:43.313 Modules scanning
11:49:43.313 Disk 0 trace - called modules:
11:49:43.313 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
11:49:43.313 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800878f260]
11:49:43.328 3 CLASSPNP.SYS[fffffa6000b8ab3a] -> nt!IofCallDriver -> [0xfffffa800798eb20]
11:49:43.328 5 acpi.sys[fffffa60008f2ff6] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa80079ad4b0]
11:49:44.077 AVAST engine scan C:\Windows
11:49:46.090 AVAST engine scan C:\Windows\system32
11:52:00.421 AVAST engine scan C:\Windows\system32\drivers
11:52:08.830 AVAST engine scan C:\Users\VisionDAW User
11:54:12.990 AVAST engine scan C:\ProgramData
11:54:46.187 Disk 0 MBR has been saved successfully to "C:\Users\VisionDAW User\Desktop\MBR.dat"
11:54:46.187 The log file has been saved successfully to "C:\Users\VisionDAW User\Desktop\aswMBR.txt"

TDSS Results
---
11:42:16.0608 0700 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
11:42:16.0826 0700 ============================================================
11:42:16.0826 0700 Current date / time: 2012/09/12 11:42:16.0826
11:42:16.0826 0700 SystemInfo:
11:42:16.0826 0700
11:42:16.0826 0700 OS Version: 6.0.6001 ServicePack: 1.0
11:42:16.0826 0700 Product type: Workstation
11:42:16.0826 0700 ComputerName: VISIONDAW-20310
11:42:16.0826 0700 UserName: VisionDAW User
11:42:16.0826 0700 Windows directory: C:\Windows
11:42:16.0826 0700 System windows directory: C:\Windows
11:42:16.0826 0700 Running under WOW64
11:42:16.0826 0700 Processor architecture: Intel x64
11:42:16.0826 0700 Number of processors: 4
11:42:16.0826 0700 Page size: 0x1000
11:42:16.0826 0700 Boot type: Normal boot
11:42:16.0826 0700 ============================================================
11:42:17.0918 0700 Drive \Device\Harddisk0\DR0 - Size: 0x12A1E0DE00 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:42:22.0021 0700 Drive \Device\Harddisk2\DR2 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:42:26.0467 0700 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:42:26.0467 0700 Drive \Device\Harddisk3\DR3 - Size: 0x2740000 (0.04 Gb), SectorSize: 0x200, Cylinders: 0x5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:42:26.0467 0700 ============================================================
11:42:26.0467 0700 \Device\Harddisk0\DR0:
11:42:26.0467 0700 MBR partitions:
11:42:26.0467 0700 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x950E000
11:42:26.0467 0700 \Device\Harddisk2\DR2:
11:42:26.0483 0700 MBR partitions:
11:42:26.0483 0700 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384000
11:42:26.0483 0700 \Device\Harddisk1\DR1:
11:42:26.0483 0700 MBR partitions:
11:42:26.0483 0700 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
11:42:26.0483 0700 \Device\Harddisk3\DR3:
11:42:26.0483 0700 MBR partitions:
11:42:26.0483 0700 \Device\Harddisk3\DR3\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x13986
11:42:26.0483 0700 ============================================================
11:42:26.0498 0700 C: <-> \Device\Harddisk0\DR0\Partition1
11:42:26.0529 0700 D: <-> \Device\Harddisk2\DR2\Partition1
11:42:26.0545 0700 E: <-> \Device\Harddisk1\DR1\Partition1
11:42:26.0561 0700 I: <-> \Device\Harddisk3\DR3\Partition1
11:42:26.0561 0700 ============================================================
11:42:26.0561 0700 Initialize success
11:42:26.0561 0700 ============================================================
11:43:02.0751 1420 ============================================================
11:43:02.0751 1420 Scan started
11:43:02.0751 1420 Mode: Manual; TDLFS;
11:43:02.0751 1420 ============================================================
11:43:03.0079 1420 ================ Scan system memory ========================
11:43:03.0079 1420 System memory - ok
11:43:03.0079 1420 ================ Scan services =============================
11:43:03.0157 1420 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
11:43:03.0157 1420 !SASCORE - ok
11:43:03.0281 1420 [ 8C99ED256A889D647935A97C543B7B85 ] ACPI C:\Windows\system32\drivers\acpi.sys
11:43:03.0281 1420 ACPI - ok
11:43:03.0313 1420 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
11:43:03.0313 1420 adp94xx - ok
11:43:03.0344 1420 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
11:43:03.0344 1420 adpahci - ok
11:43:03.0359 1420 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
11:43:03.0359 1420 adpu160m - ok
11:43:03.0391 1420 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
11:43:03.0391 1420 adpu320 - ok
11:43:03.0422 1420 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:43:03.0422 1420 AeLookupSvc - ok
11:43:03.0453 1420 [ DB37041AB857ABC7E179E856D8E1582C ] AFD C:\Windows\system32\drivers\afd.sys
11:43:03.0453 1420 AFD - ok
11:43:03.0469 1420 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:43:03.0469 1420 agp440 - ok
11:43:03.0500 1420 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
11:43:03.0500 1420 aic78xx - ok
11:43:03.0515 1420 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
11:43:03.0515 1420 ALG - ok
11:43:03.0515 1420 [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide C:\Windows\system32\drivers\aliide.sys
11:43:03.0515 1420 aliide - ok
11:43:03.0531 1420 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
11:43:03.0531 1420 amdide - ok
11:43:03.0531 1420 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
11:43:03.0531 1420 AmdK8 - ok
11:43:03.0547 1420 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
11:43:03.0547 1420 Appinfo - ok
11:43:03.0640 1420 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:43:03.0640 1420 Apple Mobile Device - ok
11:43:03.0656 1420 [ 3DA98C07B18A676180FE7EED924D1673 ] AppMgmt C:\Windows\System32\appmgmts.dll
11:43:03.0656 1420 AppMgmt - ok
11:43:03.0656 1420 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
11:43:03.0671 1420 arc - ok
11:43:03.0687 1420 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:43:03.0687 1420 arcsas - ok
11:43:03.0703 1420 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:43:03.0703 1420 AsyncMac - ok
11:43:03.0718 1420 [ 1898FAE8E07D97F2F6C2D5326C633FAC ] atapi C:\Windows\system32\drivers\atapi.sys
11:43:03.0718 1420 atapi - ok
11:43:03.0749 1420 [ 2A54B6A48AB6D2166271B05E9469326E ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:43:03.0765 1420 AudioEndpointBuilder - ok
11:43:03.0765 1420 [ 2A54B6A48AB6D2166271B05E9469326E ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:43:03.0781 1420 AudioSrv - ok
11:43:03.0796 1420 [ BC4737AAFFA5964E4F8827C9B8C0EB8E ] BFE C:\Windows\System32\bfe.dll
11:43:03.0796 1420 BFE - ok
11:43:03.0859 1420 [ D896A0D43F8AB81ECB1FC6C24DECFD58 ] BITS C:\Windows\System32\qmgr.dll
11:43:03.0859 1420 BITS - ok
11:43:03.0874 1420 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
11:43:03.0874 1420 blbdrive - ok
11:43:03.0905 1420 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:43:03.0921 1420 Bonjour Service - ok
11:43:03.0937 1420 [ 8B2B19031D0AEADE6E1B933DF1ACBA7E ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:43:03.0937 1420 bowser - ok
11:43:03.0968 1420 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
11:43:03.0968 1420 BrFiltLo - ok
11:43:03.0968 1420 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
11:43:03.0968 1420 BrFiltUp - ok
11:43:03.0983 1420 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
11:43:03.0983 1420 Browser - ok
11:43:03.0999 1420 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
11:43:04.0015 1420 Brserid - ok
11:43:04.0015 1420 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
11:43:04.0015 1420 BrSerWdm - ok
11:43:04.0015 1420 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
11:43:04.0015 1420 BrUsbMdm - ok
11:43:04.0030 1420 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
11:43:04.0030 1420 BrUsbSer - ok
11:43:04.0046 1420 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
11:43:04.0046 1420 BTHMODEM - ok
11:43:04.0046 1420 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:43:04.0046 1420 cdfs - ok
11:43:04.0061 1420 [ 3B2FB35363423ED60C8FBF15FC8680BD ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:43:04.0061 1420 cdrom - ok
11:43:04.0077 1420 [ EDFFFC8B6AFB609BF33DBE0A900426B6 ] CertPropSvc C:\Windows\System32\certprop.dll
11:43:04.0077 1420 CertPropSvc - ok
11:43:04.0077 1420 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\drivers\circlass.sys
11:43:04.0077 1420 circlass - ok
11:43:04.0093 1420 [ CAEDA2572B7042B11062F327F099251D ] CLFS C:\Windows\system32\CLFS.sys
11:43:04.0093 1420 CLFS - ok
11:43:04.0171 1420 [ A4AF4201BD519971F8F34724F3CA9DBB ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:43:04.0171 1420 clr_optimization_v2.0.50727_32 - ok
11:43:04.0217 1420 [ 0EE3F378DFF6A8F0A122B5BFB6F2D9E5 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:43:04.0217 1420 clr_optimization_v2.0.50727_64 - ok
11:43:04.0233 1420 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:43:04.0233 1420 cmdide - ok
11:43:04.0358 1420 [ 1C15404EA8FC42DAB8A7B3765ED53E58 ] CodeMeter.exe C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
11:43:04.0373 1420 CodeMeter.exe - ok
11:43:04.0436 1420 [ 9E10F4E7F4C7FF1EA3E94F9892BD067F ] COMMONFX C:\Windows\system32\drivers\COMMONFX.SYS
11:43:04.0436 1420 COMMONFX - ok
11:43:04.0451 1420 [ 9E10F4E7F4C7FF1EA3E94F9892BD067F ] COMMONFX.SYS C:\Windows\System32\drivers\COMMONFX.SYS
11:43:04.0451 1420 COMMONFX.SYS - ok
11:43:04.0451 1420 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
11:43:04.0451 1420 Compbatt - ok
11:43:04.0451 1420 COMSysApp - ok
11:43:04.0467 1420 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
11:43:04.0467 1420 crcdisk - ok
11:43:04.0498 1420 [ 4374F784121D8B3BB466B03F5E5EBD33 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:43:04.0498 1420 CryptSvc - ok
11:43:04.0514 1420 [ A25E4DD707714DA07FE1FEBF1DC91D86 ] CSC C:\Windows\system32\drivers\csc.sys
11:43:04.0529 1420 CSC - ok
11:43:04.0545 1420 [ 06AF83C429743F3B85F1224C50254BEF ] CscService C:\Windows\System32\cscsvc.dll
11:43:04.0545 1420 CscService - ok
11:43:04.0561 1420 [ F3D40F24BE053348B6E71ACE28FBA457 ] CT20XUT C:\Windows\system32\drivers\CT20XUT.SYS
11:43:04.0576 1420 CT20XUT - ok
11:43:04.0576 1420 [ F3D40F24BE053348B6E71ACE28FBA457 ] CT20XUT.SYS C:\Windows\System32\drivers\CT20XUT.SYS
11:43:04.0592 1420 CT20XUT.SYS - ok
11:43:04.0623 1420 [ C6575499CB77E3482D99AA610B7C354A ] ctac32k C:\Windows\system32\drivers\ctac32k.sys
11:43:04.0639 1420 ctac32k - ok
11:43:04.0670 1420 [ 834F2E7BFDEE4F0E0301F1E16E141983 ] ctaud2k C:\Windows\system32\drivers\ctaud2k.sys
11:43:04.0670 1420 ctaud2k - ok
11:43:04.0701 1420 [ 15613C3987E336F0E29639723EDA1CE6 ] CTAUDFX C:\Windows\system32\drivers\CTAUDFX.SYS
11:43:04.0701 1420 CTAUDFX - ok
11:43:04.0717 1420 [ 15613C3987E336F0E29639723EDA1CE6 ] CTAUDFX.SYS C:\Windows\System32\drivers\CTAUDFX.SYS
11:43:04.0732 1420 CTAUDFX.SYS - ok
11:43:04.0732 1420 [ 3284CAB1DAD1F4A5FF84706EDE8C0AD0 ] CTEAPSFX C:\Windows\system32\drivers\CTEAPSFX.SYS
11:43:04.0732 1420 CTEAPSFX - ok
11:43:04.0748 1420 [ 3284CAB1DAD1F4A5FF84706EDE8C0AD0 ] CTEAPSFX.SYS C:\Windows\System32\drivers\CTEAPSFX.SYS
11:43:04.0763 1420 CTEAPSFX.SYS - ok
11:43:04.0763 1420 [ A8C84E9E9443D73195E869B4C9B74BAD ] CTEDSPFX C:\Windows\system32\drivers\CTEDSPFX.SYS
11:43:04.0763 1420 CTEDSPFX - ok
11:43:04.0779 1420 [ A8C84E9E9443D73195E869B4C9B74BAD ] CTEDSPFX.SYS C:\Windows\System32\drivers\CTEDSPFX.SYS
11:43:04.0779 1420 CTEDSPFX.SYS - ok
11:43:04.0795 1420 [ 5B354CA888A4EB1BA1A36D0D6589CCC7 ] CTEDSPIO C:\Windows\system32\drivers\CTEDSPIO.SYS
11:43:04.0795 1420 CTEDSPIO - ok
11:43:04.0795 1420 [ 5B354CA888A4EB1BA1A36D0D6589CCC7 ] CTEDSPIO.SYS C:\Windows\System32\drivers\CTEDSPIO.SYS
11:43:04.0795 1420 CTEDSPIO.SYS - ok
11:43:04.0873 1420 [ A0B1D9E47C33A6ADC1B48D668AAD12E1 ] CTEDSPSY C:\Windows\system32\drivers\CTEDSPSY.SYS
11:43:04.0873 1420 CTEDSPSY - ok
11:43:04.0873 1420 [ A0B1D9E47C33A6ADC1B48D668AAD12E1 ] CTEDSPSY.SYS C:\Windows\System32\drivers\CTEDSPSY.SYS
11:43:04.0873 1420 CTEDSPSY.SYS - ok
11:43:04.0904 1420 [ 36975325697A9100F105EFABC923D5B5 ] CTERFXFX C:\Windows\system32\drivers\CTERFXFX.SYS
11:43:04.0904 1420 CTERFXFX - ok
11:43:04.0919 1420 [ 36975325697A9100F105EFABC923D5B5 ] CTERFXFX.SYS C:\Windows\System32\drivers\CTERFXFX.SYS
11:43:04.0919 1420 CTERFXFX.SYS - ok
11:43:04.0951 1420 [ 5C7B8C1559FB630E8D17DDFDDCFE3DB9 ] CTEXFIFX C:\Windows\system32\drivers\CTEXFIFX.SYS
11:43:04.0966 1420 CTEXFIFX - ok
11:43:05.0029 1420 [ 5C7B8C1559FB630E8D17DDFDDCFE3DB9 ] CTEXFIFX.SYS C:\Windows\System32\drivers\CTEXFIFX.SYS
11:43:05.0044 1420 CTEXFIFX.SYS - ok
11:43:05.0044 1420 [ 92D7BE76504C0A459DA5AE9F983A8918 ] CTHWIUT C:\Windows\system32\drivers\CTHWIUT.SYS
11:43:05.0044 1420 CTHWIUT - ok
11:43:05.0044 1420 [ 92D7BE76504C0A459DA5AE9F983A8918 ] CTHWIUT.SYS C:\Windows\System32\drivers\CTHWIUT.SYS
11:43:05.0044 1420 CTHWIUT.SYS - ok
11:43:05.0060 1420 [ 767CF74A38F30097688D5DD8ED65EA5C ] ctprxy2k C:\Windows\system32\drivers\ctprxy2k.sys
11:43:05.0060 1420 ctprxy2k - ok
11:43:05.0091 1420 [ FED737BC339D7A92B4025A7609B55EA9 ] CTSBLFX C:\Windows\system32\drivers\CTSBLFX.SYS
11:43:05.0091 1420 CTSBLFX - ok
11:43:05.0107 1420 [ FED737BC339D7A92B4025A7609B55EA9 ] CTSBLFX.SYS C:\Windows\System32\drivers\CTSBLFX.SYS
11:43:05.0122 1420 CTSBLFX.SYS - ok
11:43:05.0138 1420 [ D17A852D6E00A112EC0196B8CCB17713 ] ctsfm2k C:\Windows\system32\drivers\ctsfm2k.sys
11:43:05.0138 1420 ctsfm2k - ok
11:43:05.0185 1420 [ FF27BE0BA7B3C48D5C99AFCB56D436C2 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:43:05.0185 1420 DcomLaunch - ok
11:43:05.0200 1420 [ BD4ACC56E477AD7419CBE90FCEEB621B ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:43:05.0200 1420 DfsC - ok
11:43:05.0309 1420 [ 1781F99840979EE7B126C9073C377FD0 ] DFSR C:\Windows\system32\DFSR.exe
11:43:05.0325 1420 DFSR - ok
11:43:05.0372 1420 [ FDAA0EDFCFB70CD529589AD654651B40 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
11:43:05.0372 1420 Dhcp - ok
11:43:05.0387 1420 [ 2DC415FC05FB8A079F896CBBACB19324 ] disk C:\Windows\system32\drivers\disk.sys
11:43:05.0387 1420 disk - ok
11:43:05.0403 1420 [ 93CE26DBED3182634F18DD2FE10E41BE ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:43:05.0403 1420 Dnscache - ok
11:43:05.0419 1420 [ CC661867677627F2911C2A4970DEE0F1 ] dot3svc C:\Windows\System32\dot3svc.dll
11:43:05.0419 1420 dot3svc - ok
11:43:05.0434 1420 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
11:43:05.0450 1420 DPS - ok
11:43:05.0481 1420 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:43:05.0481 1420 drmkaud - ok
11:43:05.0512 1420 [ 645B6C9DAD903EDDE4703CB76929B7DC ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:43:05.0512 1420 DXGKrnl - ok
11:43:05.0528 1420 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
11:43:05.0528 1420 E1G60 - ok
11:43:05.0543 1420 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
11:43:05.0543 1420 EapHost - ok
11:43:05.0559 1420 [ 7343D950A34A95DCB7441642E3E6BEEF ] Ecache C:\Windows\system32\drivers\ecache.sys
11:43:05.0559 1420 Ecache - ok
11:43:05.0590 1420 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
11:43:05.0590 1420 elxstor - ok
11:43:05.0606 1420 [ 31272DD1F13EE5031AF1E3EA054FD92C ] EMDMgmt C:\Windows\system32\emdmgmt.dll
11:43:05.0606 1420 EMDMgmt - ok
11:43:05.0621 1420 [ 2F20C75D94C3827192F808FCF1FF79EC ] emupia C:\Windows\system32\drivers\emupia2k.sys
11:43:05.0621 1420 emupia - ok
11:43:05.0637 1420 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:43:05.0637 1420 ErrDev - ok
11:43:05.0653 1420 [ D8338E6B3C23AD36096A6FDABD039283 ] EventSystem C:\Windows\system32\es.dll
11:43:05.0668 1420 EventSystem - ok
11:43:05.0684 1420 [ 2A546B9A84658B0554B1EC35CD9ADAF5 ] exfat C:\Windows\system32\drivers\exfat.sys
11:43:05.0684 1420 exfat - ok
11:43:05.0699 1420 [ FE731D345ED9EEABBC72A59B35941834 ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:43:05.0699 1420 fastfat - ok
11:43:05.0731 1420 [ 989A776A2FF32A148FCF15C44058B129 ] Fax C:\Windows\system32\fxssvc.exe
11:43:05.0762 1420 Fax - ok
11:43:05.0777 1420 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:43:05.0777 1420 fdc - ok
11:43:05.0809 1420 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
11:43:05.0809 1420 fdPHost - ok
11:43:05.0824 1420 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
11:43:05.0824 1420 FDResPub - ok
11:43:05.0840 1420 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:43:05.0840 1420 FileInfo - ok
11:43:05.0840 1420 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:43:05.0840 1420 Filetrace - ok
11:43:05.0840 1420 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:43:05.0840 1420 flpydisk - ok
11:43:05.0855 1420 [ 7DACF1A3A4219575070C6DC7C957428A ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:43:05.0855 1420 FltMgr - ok
11:43:05.0918 1420 [ 3A8059E00C155283323CF57F998A73E0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:43:05.0918 1420 FontCache3.0.0.0 - ok
11:43:05.0918 1420 [ 29D99E860A1CA0A03C6A733FDD0DA703 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:43:05.0918 1420 Fs_Rec - ok
11:43:05.0933 1420 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:43:05.0933 1420 gagp30kx - ok
11:43:05.0965 1420 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:43:05.0965 1420 GEARAspiWDM - ok
11:43:05.0980 1420 [ 9E5B254D58232EC8921EC3C5A94C81ED ] gpsvc C:\Windows\System32\gpsvc.dll
11:43:05.0996 1420 gpsvc - ok
11:43:06.0058 1420 [ DDD48753EA2037A8F64ED377616E6D38 ] ha10kx2k C:\Windows\system32\drivers\ha10kx2k.sys
11:43:06.0058 1420 ha10kx2k - ok
11:43:06.0105 1420 [ DF45F8142DC6DF9D18C39B3EFFBD0409 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:43:06.0105 1420 HdAudAddService - ok
11:43:06.0121 1420 [ 0C0D0F8A3FF09ECC81963D09EC6A0A84 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:43:06.0121 1420 HDAudBus - ok
11:43:06.0136 1420 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
11:43:06.0136 1420 HidBth - ok
11:43:06.0136 1420 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys
11:43:06.0136 1420 HidIr - ok
11:43:06.0152 1420 [ 0AA154538544E988429DA2D5AA803A6C ] hidserv C:\Windows\system32\hidserv.dll
11:43:06.0152 1420 hidserv - ok
11:43:06.0167 1420 [ 128E2DA8483FDD4DD0C7B3F9ABD6F323 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:43:06.0167 1420 HidUsb - ok
11:43:06.0199 1420 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
11:43:06.0199 1420 hkmsvc - ok
11:43:06.0214 1420 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
11:43:06.0214 1420 HpCISSs - ok
11:43:06.0230 1420 [ 7C39506BC3BE2B77B7671BB320FDB736 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:43:06.0245 1420 HTTP - ok
11:43:06.0245 1420 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
11:43:06.0245 1420 i2omp - ok
11:43:06.0261 1420 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:43:06.0261 1420 i8042prt - ok
11:43:06.0292 1420 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
11:43:06.0292 1420 iaStorV - ok
11:43:06.0339 1420 [ F8E071CD7B92E81A2C64D860347EDA1E ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:43:06.0339 1420 idsvc - ok
11:43:06.0355 1420 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:43:06.0355 1420 iirsp - ok
11:43:06.0401 1420 [ 3A3B232140C33376E134E7B61A0EAA44 ] IKEEXT C:\Windows\System32\ikeext.dll
11:43:06.0401 1420 IKEEXT - ok
11:43:06.0417 1420 [ F37E4DC8EFC72AEE6CEFEE2DAD00ABD0 ] iLokDrvr C:\Windows\system32\DRIVERS\iLokDrvr.sys
11:43:06.0417 1420 iLokDrvr - ok
11:43:06.0464 1420 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
11:43:06.0464 1420 intelide - ok
11:43:06.0479 1420 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:43:06.0479 1420 intelppm - ok
11:43:06.0479 1420 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:43:06.0495 1420 IPBusEnum - ok
11:43:06.0495 1420 [ 99B821F5BEBD6A3CC3FE564F802AE0FD ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:43:06.0495 1420 IpFilterDriver - ok
11:43:06.0511 1420 [ 82EFC3D6D161DD874F1203C5F60F623C ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:43:06.0511 1420 iphlpsvc - ok
11:43:06.0526 1420 IpInIp - ok
11:43:06.0526 1420 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
11:43:06.0526 1420 IPMIDRV - ok
11:43:06.0542 1420 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
11:43:06.0542 1420 IPNAT - ok
11:43:06.0620 1420 [ 755E4BA6DCE627A2683BB7640553C8D6 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:43:06.0620 1420 iPod Service - ok
11:43:06.0635 1420 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:43:06.0635 1420 IRENUM - ok
11:43:06.0651 1420 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:43:06.0651 1420 isapnp - ok
11:43:06.0682 1420 [ 49E4CCBF74783FCE5D2CC1FF6480E1F4 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
11:43:06.0682 1420 iScsiPrt - ok
11:43:06.0698 1420 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
11:43:06.0698 1420 iteatapi - ok
11:43:06.0713 1420 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
11:43:06.0713 1420 iteraid - ok
11:43:06.0729 1420 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:43:06.0729 1420 kbdclass - ok
11:43:06.0745 1420 [ BF8783A5066CFECF45095459E8010FA7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:43:06.0745 1420 kbdhid - ok
11:43:06.0760 1420 [ 1B461E9F6DB0EF829B4369F47A24BBEC ] KeyIso C:\Windows\system32\lsass.exe
11:43:06.0760 1420 KeyIso - ok
11:43:06.0776 1420 [ A6F636C447CF3DEF5F50018F0C0E1AAE ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:43:06.0791 1420 KSecDD - ok
11:43:06.0807 1420 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:43:06.0807 1420 ksthunk - ok
11:43:06.0838 1420 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
11:43:06.0838 1420 KtmRm - ok
11:43:06.0854 1420 [ 6F212EDD7AAE8BD905C9E8824A34F8AE ] LanmanServer C:\Windows\system32\srvsvc.dll
11:43:06.0854 1420 LanmanServer - ok
11:43:06.0885 1420 [ D81690276C9E06A50D398CD1AE3C89AB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:43:06.0885 1420 LanmanWorkstation - ok
11:43:06.0916 1420 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:43:06.0916 1420 lltdio - ok
11:43:06.0947 1420 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:43:06.0963 1420 lltdsvc - ok
11:43:06.0979 1420 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:43:06.0979 1420 lmhosts - ok
11:43:06.0994 1420 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:43:06.0994 1420 LSI_FC - ok
11:43:07.0010 1420 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:43:07.0010 1420 LSI_SAS - ok
11:43:07.0025 1420 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:43:07.0025 1420 LSI_SCSI - ok
11:43:07.0041 1420 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
11:43:07.0041 1420 luafv - ok
11:43:07.0057 1420 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
11:43:07.0057 1420 MBAMProtector - ok
11:43:07.0103 1420 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
11:43:07.0119 1420 MBAMScheduler - ok
11:43:07.0135 1420 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:43:07.0150 1420 MBAMService - ok
11:43:07.0166 1420 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
11:43:07.0166 1420 megasas - ok
11:43:07.0197 1420 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
11:43:07.0197 1420 MegaSR - ok
11:43:07.0213 1420 [ D6916F43A8E5EDDC45D735CEEB9F2E09 ] mlmolcp3 C:\Windows\system32\Drivers\mlmolcp3.sys
11:43:07.0213 1420 mlmolcp3 - ok
11:43:07.0213 1420 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
11:43:07.0213 1420 MMCSS - ok
11:43:07.0244 1420 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
11:43:07.0244 1420 Modem - ok
11:43:07.0259 1420 [ 9177E5791690B921D2184397B8B2EAE7 ] molcpeth C:\Windows\system32\DRIVERS\molcpeth.sys
11:43:07.0259 1420 molcpeth - ok
11:43:07.0275 1420 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:43:07.0275 1420 monitor - ok
11:43:07.0291 1420 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:43:07.0291 1420 mouclass - ok
11:43:07.0322 1420 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:43:07.0322 1420 mouhid - ok
11:43:07.0322 1420 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
11:43:07.0322 1420 MountMgr - ok
11:43:07.0337 1420 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
11:43:07.0337 1420 mpio - ok
11:43:07.0353 1420 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:43:07.0353 1420 mpsdrv - ok
11:43:07.0384 1420 [ 8A670648C755867A3AA38DA50BA569AA ] MpsSvc C:\Windows\system32\mpssvc.dll
11:43:07.0384 1420 MpsSvc - ok
11:43:07.0400 1420 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
11:43:07.0400 1420 Mraid35x - ok
11:43:07.0415 1420 [ FE2706C15F8345C342820E4E4583FEA0 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:43:07.0415 1420 MRxDAV - ok
11:43:07.0431 1420 [ 8E01ED1D845B0DAC094A9BE50D426187 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:43:07.0431 1420 mrxsmb - ok
11:43:07.0447 1420 [ 7ACA70376A4ECA01A8E02957E55D2710 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:43:07.0447 1420 mrxsmb10 - ok
11:43:07.0462 1420 [ 168DA84EBF8AFBC6E8F8EE229CC6DC9F ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:43:07.0462 1420 mrxsmb20 - ok
11:43:07.0462 1420 [ 1AC860612B85D8E85EE257D372E39F4D ] msahci C:\Windows\system32\drivers\msahci.sys
11:43:07.0462 1420 msahci - ok
11:43:07.0478 1420 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:43:07.0478 1420 msdsm - ok
11:43:07.0493 1420 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
11:43:07.0509 1420 MSDTC - ok
11:43:07.0509 1420 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:43:07.0509 1420 Msfs - ok
11:43:07.0525 1420 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:43:07.0525 1420 msisadrv - ok
11:43:07.0540 1420 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:43:07.0540 1420 MSiSCSI - ok
11:43:07.0556 1420 msiserver - ok
11:43:07.0571 1420 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:43:07.0571 1420 MSKSSRV - ok
11:43:07.0587 1420 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:43:07.0587 1420 MSPCLOCK - ok
11:43:07.0603 1420 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:43:07.0603 1420 MSPQM - ok
11:43:07.0618 1420 [ B8E32E6103FBBA9FBB1D0C11FF0D13B5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:43:07.0618 1420 MsRPC - ok
11:43:07.0634 1420 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:43:07.0634 1420 mssmbios - ok
11:43:07.0634 1420 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:43:07.0634 1420 MSTEE - ok
11:43:07.0649 1420 [ DDF133501F68D6988A0F55DFA88637B4 ] Mup C:\Windows\system32\Drivers\mup.sys
11:43:07.0649 1420 Mup - ok
11:43:07.0681 1420 [ C25022CDD18980846973B598900915F8 ] napagent C:\Windows\system32\qagentRT.dll
11:43:07.0681 1420 napagent - ok
11:43:07.0712 1420 [ 7C81124EA83CCA576558371C6AC0896D ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:43:07.0712 1420 NativeWifiP - ok
11:43:07.0743 1420 [ 2A2EE457AF36C5C9A6808C768BD3A12B ] NDIS C:\Windows\system32\drivers\ndis.sys
11:43:07.0743 1420 NDIS - ok
11:43:07.0759 1420 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:43:07.0759 1420 NdisTapi - ok
11:43:07.0759 1420 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:43:07.0759 1420 Ndisuio - ok
11:43:07.0774 1420 [ 52E3E8E35101399BE9B2938C992AA087 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:43:07.0774 1420 NdisWan - ok
11:43:07.0790 1420 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:43:07.0790 1420 NDProxy - ok
11:43:07.0805 1420 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:43:07.0805 1420 NetBIOS - ok
11:43:07.0821 1420 [ 7A29CA243A629230799754162D80120F ] netbt C:\Windows\system32\DRIVERS\netbt.sys
11:43:07.0821 1420 netbt - ok
11:43:07.0837 1420 [ 1B461E9F6DB0EF829B4369F47A24BBEC ] Netlogon C:\Windows\system32\lsass.exe
11:43:07.0837 1420 Netlogon - ok
11:43:07.0868 1420 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
11:43:07.0868 1420 Netman - ok
11:43:07.0883 1420 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
11:43:07.0899 1420 netprofm - ok
11:43:07.0915 1420 [ F9102685F97F9BA85F4A70AFCF722CFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:43:07.0915 1420 NetTcpPortSharing - ok
11:43:07.0946 1420 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:43:07.0946 1420 nfrd960 - ok
11:43:08.0180 1420 [ 40BEA22940D61ED46E0AF88B5C622534 ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
11:43:08.0227 1420 NIHardwareService - ok
11:43:08.0258 1420 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
11:43:08.0258 1420 NlaSvc - ok
11:43:08.0258 1420 [ B06154E2A2C91E9BE5599FCA53BC4CD0 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:43:08.0258 1420 Npfs - ok
11:43:08.0289 1420 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
11:43:08.0289 1420 nsi - ok
11:43:08.0289 1420 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:43:08.0289 1420 nsiproxy - ok
11:43:08.0336 1420 [ FE86BA5AC3B50E2CA911E9C60C07B638 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:43:08.0351 1420 Ntfs - ok
11:43:08.0351 1420 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
11:43:08.0351 1420 Null - ok
11:43:08.0710 1420 [ B15258B1F45F9571758AC6BB2F043B01 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:43:08.0788 1420 nvlddmkm - ok
11:43:08.0819 1420 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:43:08.0819 1420 nvraid - ok
11:43:08.0819 1420 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:43:08.0819 1420 nvstor - ok
11:43:08.0882 1420 [ 2D7092FEC9BD2ACA199673BBA2BA9277 ] nvsvc C:\Windows\system32\nvvsvc.exe
11:43:08.0897 1420 nvsvc - ok
11:43:08.0991 1420 [ 7E22DE30E222BFDFCEC7E77032BAF3CD ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
11:43:09.0007 1420 nvUpdatusService - ok
11:43:09.0022 1420 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:43:09.0022 1420 nv_agp - ok
11:43:09.0022 1420 NwlnkFlt - ok
11:43:09.0038 1420 NwlnkFwd - ok
11:43:09.0085 1420 [ 1B30103FDE512915A9214B108B6E7A9C ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
11:43:09.0085 1420 ohci1394 - ok
11:43:09.0100 1420 [ 960C6B84BFBD0839B0F33204CFF5FB56 ] ossrv C:\Windows\system32\drivers\ctoss2k.sys
11:43:09.0100 1420 ossrv - ok
11:43:09.0147 1420 [ 430F35C5592D253F43A26B4F5A523DBF ] p2pimsvc C:\Windows\system32\p2psvc.dll
11:43:09.0178 1420 p2pimsvc - ok
11:43:09.0209 1420 [ 430F35C5592D253F43A26B4F5A523DBF ] p2psvc C:\Windows\system32\p2psvc.dll
11:43:09.0209 1420 p2psvc - ok
11:43:09.0225 1420 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
11:43:09.0241 1420 Parport - ok
11:43:09.0241 1420 [ 5AB40C36894F4C06BDAB0C9A2FBA282D ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:43:09.0241 1420 partmgr - ok
11:43:09.0256 1420 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
11:43:09.0256 1420 PcaSvc - ok
11:43:09.0272 1420 [ 2A5B2A51559066EA84742909B5B2CD69 ] pci C:\Windows\system32\drivers\pci.sys
11:43:09.0272 1420 pci - ok
11:43:09.0272 1420 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\drivers\pciide.sys
11:43:09.0272 1420 pciide - ok
11:43:09.0287 1420 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:43:09.0287 1420 pcmcia - ok
11:43:09.0334 1420 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:43:09.0334 1420 PEAUTH - ok
11:43:09.0412 1420 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:43:09.0412 1420 PerfHost - ok
11:43:09.0459 1420 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
11:43:09.0506 1420 pla - ok
11:43:09.0537 1420 [ 5AAA0C5534B05ED49919FCD9DBD11A5B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:43:09.0537 1420 PlugPlay - ok
11:43:09.0553 1420 [ 430F35C5592D253F43A26B4F5A523DBF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
11:43:09.0568 1420 PNRPAutoReg - ok
11:43:09.0584 1420 [ 430F35C5592D253F43A26B4F5A523DBF ] PNRPsvc C:\Windows\system32\p2psvc.dll
11:43:09.0584 1420 PNRPsvc - ok
11:43:09.0631 1420 [ 93EDFB7BE39DC47645069B4890B2CE7E ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:43:09.0631 1420 PolicyAgent - ok
11:43:09.0662 1420 [ F5739F2C6DB2534C384AD5150808E8F5 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:43:09.0662 1420 PptpMiniport - ok
11:43:09.0677 1420 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
11:43:09.0677 1420 Processor - ok
11:43:09.0709 1420 [ B21FE10DAD3AB59E78DF7AA3FBF41E70 ] ProfSvc C:\Windows\system32\profsvc.dll
11:43:09.0709 1420 ProfSvc - ok
11:43:09.0709 1420 [ 1B461E9F6DB0EF829B4369F47A24BBEC ] ProtectedStorage C:\Windows\system32\lsass.exe
11:43:09.0709 1420 ProtectedStorage - ok
11:43:09.0724 1420 [ CE3AECB2BF2C377380EE028864841F4E ] PSched C:\Windows\system32\DRIVERS\pacer.sys
11:43:09.0724 1420 PSched - ok
11:43:09.0771 1420 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:43:09.0787 1420 ql2300 - ok
11:43:09.0787 1420 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:43:09.0787 1420 ql40xx - ok
11:43:09.0802 1420 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
11:43:09.0818 1420 QWAVE - ok
11:43:09.0818 1420 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:43:09.0818 1420 QWAVEdrv - ok
11:43:09.0833 1420 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:43:09.0833 1420 RasAcd - ok
11:43:09.0849 1420 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
11:43:09.0865 1420 RasAuto - ok
11:43:09.0880 1420 [ 3B9085F91EF00ABD15A6F36570E90E12 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:43:09.0880 1420 Rasl2tp - ok
11:43:09.0880 1420 [ 2A63D46B01685FD4BE9778CA3C231C2D ] RasMan C:\Windows\System32\rasmans.dll
11:43:09.0880 1420 RasMan - ok
11:43:09.0896 1420 [ 2CE1703C27196094FB6E4C6E439F2C21 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:43:09.0896 1420 RasPppoe - ok
11:43:09.0896 1420 [ FCD04FA67E8B40FA0AD361DD38593942 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:43:09.0896 1420 RasSstp - ok
11:43:09.0911 1420 [ 33FA5B6136D92EE0F53F021C79091300 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:43:09.0911 1420 rdbss - ok
11:43:09.0927 1420 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:43:09.0927 1420 RDPCDD - ok
11:43:09.0943 1420 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\DRIVERS\rdpdr.sys
11:43:09.0943 1420 rdpdr - ok
11:43:09.0943 1420 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:43:09.0943 1420 RDPENCDD - ok
11:43:09.0958 1420 [ 7747082F672AA2846235C9CEA42E2E72 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:43:09.0974 1420 RDPWD - ok
11:43:09.0989 1420 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:43:09.0989 1420 RemoteAccess - ok
11:43:09.0989 1420 [ 416C611369CBE49074B89CEE2F83ABEF ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:43:10.0005 1420 RemoteRegistry - ok
11:43:10.0021 1420 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
11:43:10.0021 1420 RpcLocator - ok
11:43:10.0052 1420 [ FF27BE0BA7B3C48D5C99AFCB56D436C2 ] RpcSs C:\Windows\system32\rpcss.dll
11:43:10.0067 1420 RpcSs - ok
11:43:10.0067 1420 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:43:10.0067 1420 rspndr - ok
11:43:10.0114 1420 [ 390482953C63E81BAE52F20386394421 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh64.sys
11:43:10.0114 1420 RTL8169 - ok
11:43:10.0161 1420 [ 56E8DBA585F8164E12CB2BECA4C04E7B ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
11:43:10.0161 1420 RTL8192su - ok
11:43:10.0177 1420 [ 1B461E9F6DB0EF829B4369F47A24BBEC ] SamSs C:\Windows\system32\lsass.exe
11:43:10.0177 1420 SamSs - ok
11:43:10.0223 1420 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
11:43:10.0223 1420 SASDIFSV - ok
11:43:10.0239 1420 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
11:43:10.0239 1420 SASKUTIL - ok
11:43:10.0270 1420 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:43:10.0270 1420 sbp2port - ok
11:43:10.0348 1420 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
11:43:10.0348 1420 SBSDWSCService - ok
11:43:10.0364 1420 [ F024D560FEA06F8B56D673849EB89AE6 ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:43:10.0364 1420 SCardSvr - ok
11:43:10.0395 1420 [ C74C6C01353D87AAFE1193B426D667B0 ] Schedule C:\Windows\system32\schedsvc.dll
11:43:10.0411 1420 Schedule - ok
11:43:10.0426 1420 [ EDFFFC8B6AFB609BF33DBE0A900426B6 ] SCPolicySvc C:\Windows\System32\certprop.dll
11:43:10.0426 1420 SCPolicySvc - ok
11:43:10.0426 1420 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:43:10.0442 1420 SDRSVC - ok
11:43:10.0442 1420 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:43:10.0442 1420 secdrv - ok
11:43:10.0457 1420 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
11:43:10.0457 1420 seclogon - ok
11:43:10.0457 1420 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll
11:43:10.0457 1420 SENS - ok
11:43:10.0473 1420 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
11:43:10.0473 1420 Serenum - ok
11:43:10.0489 1420 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
11:43:10.0489 1420 Serial - ok
11:43:10.0489 1420 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:43:10.0504 1420 sermouse - ok
11:43:10.0504 1420 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
11:43:10.0504 1420 SessionEnv - ok
11:43:10.0504 1420 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:43:10.0520 1420 sffdisk - ok
11:43:10.0535 1420 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:43:10.0535 1420 sffp_mmc - ok
11:43:10.0535 1420 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:43:10.0535 1420 sffp_sd - ok
11:43:10.0551 1420 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
11:43:10.0551 1420 sfloppy - ok
11:43:10.0567 1420 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:43:10.0567 1420 SharedAccess - ok
11:43:10.0582 1420 [ EB3114330236CF030E8EDF62881BAF67 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:43:10.0598 1420 ShellHWDetection - ok
11:43:10.0598 1420 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
11:43:10.0598 1420 SiSRaid2 - ok
11:43:10.0598 1420 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:43:10.0598 1420 SiSRaid4 - ok
11:43:10.0660 1420 [ A301D2CEFB4747DFE0C24425DCBE0B78 ] slsvc C:\Windows\system32\SLsvc.exe
11:43:10.0676 1420 slsvc - ok
11:43:10.0676 1420 [ F5DDF7C0AF85EB72CB295171F8C3CB35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
11:43:10.0676 1420 SLUINotify - ok
11:43:10.0691 1420 [ 41EB2E8E005FEEDCAFCE301983EFF932 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:43:10.0691 1420 Smb - ok
11:43:10.0707 1420 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:43:10.0707 1420 SNMPTRAP - ok
11:43:10.0723 1420 [ F9CB0672162F7F04248E2B82C1FF4617 ] spldr C:\Windows\system32\drivers\spldr.sys
11:43:10.0723 1420 spldr - ok
11:43:10.0723 1420 [ E6519A9E756D74DC51C697BA62162F51 ] Spooler C:\Windows\System32\spoolsv.exe
11:43:10.0723 1420 Spooler - ok
11:43:10.0738 1420 [ B02F20D0D581496B826E21F8572C62B0 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:43:10.0754 1420 srv - ok
11:43:10.0754 1420 [ 68DCD148225F40EF1CDF6CFC115CB6FE ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:43:10.0754 1420 srv2 - ok
11:43:10.0754 1420 [ 4D0858B640CDBCBA671C5439A8EF45CB ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:43:10.0754 1420 srvnet - ok
11:43:10.0769 1420 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:43:10.0785 1420 SSDPSRV - ok
11:43:10.0816 1420 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:43:10.0816 1420 SstpSvc - ok
11:43:10.0863 1420 [ 9E1222C417291BC836210743624A8E5E ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:43:10.0879 1420 Stereo Service - ok
11:43:10.0910 1420 [ F14F7D7D68A66777FB999D5D0F21138D ] stisvc C:\Windows\System32\wiaservc.dll
11:43:10.0910 1420 stisvc - ok
11:43:10.0941 1420 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:43:10.0941 1420 swenum - ok
11:43:10.0972 1420 [ DA34D6EB4A3154C0BEBAEB0A2483EF3E ] swprv C:\Windows\System32\swprv.dll
11:43:10.0988 1420 swprv - ok
11:43:11.0003 1420 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
11:43:11.0003 1420 Symc8xx - ok
11:43:11.0003 1420 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
11:43:11.0003 1420 Sym_hi - ok
11:43:11.0019 1420 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
11:43:11.0019 1420 Sym_u3 - ok
11:43:11.0050 1420 [ BEA0D5521ED21DF8F6FFEED86DAEDE7B ] SysMain C:\Windows\system32\sysmain.dll
11:43:11.0066 1420 SysMain - ok
11:43:11.0066 1420 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:43:11.0066 1420 TabletInputService - ok
11:43:11.0097 1420 [ 52091001CAF20AE84CF47023EE21B4BB ] TapiSrv C:\Windows\System32\tapisrv.dll
11:43:11.0097 1420 TapiSrv - ok
11:43:11.0113 1420 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
11:43:11.0113 1420 TBS - ok
11:43:11.0159 1420 [ 7A1183FBB802F5ABAD7FA18BC67E0858 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:43:11.0159 1420 Tcpip - ok
11:43:11.0206 1420 [ 7A1183FBB802F5ABAD7FA18BC67E0858 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
11:43:11.0206 1420 Tcpip6 - ok
11:43:11.0253 1420 [ C29D4B3B08AD0B7E8564814E4FF6A57B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:43:11.0253 1420 tcpipreg - ok
11:43:11.0269 1420 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:43:11.0269 1420 TDPIPE - ok
11:43:11.0269 1420 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:43:11.0269 1420 TDTCP - ok
11:43:11.0300 1420 [ 8C39C72E0E853DE04748C0337D9B9216 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:43:11.0300 1420 tdx - ok
11:43:11.0300 1420 [ 3F0EBF6EE609F2A276C0D5FAF244EC90 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:43:11.0300 1420 TermDD - ok
11:43:11.0315 1420 [ F870A5589D6A94B426EFB13689023946 ] TermService C:\Windows\System32\termsrv.dll
11:43:11.0331 1420 TermService - ok
11:43:11.0347 1420 [ EB3114330236CF030E8EDF62881BAF67 ] Themes C:\Windows\system32\shsvcs.dll
11:43:11.0347 1420 Themes - ok
11:43:11.0362 1420 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
11:43:11.0362 1420 THREADORDER - ok
11:43:11.0378 1420 [ 832F9D02B20DE69C52E81DBE13599EE1 ] Tpkd C:\Windows\system32\drivers\Tpkd.sys
11:43:11.0378 1420 Tpkd - ok
11:43:11.0393 1420 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
11:43:11.0393 1420 TrkWks - ok
11:43:11.0440 1420 [ AC6FF1DF22ED90BAD6417EE5A4C6E2F0 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:43:11.0440 1420 TrustedInstaller - ok
11:43:11.0456 1420 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:43:11.0456 1420 tssecsrv - ok
11:43:11.0487 1420 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
11:43:11.0487 1420 tunmp - ok
11:43:11.0503 1420 [ F6A4FBA7C03AC2EFD00F3301C0C1E067 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:43:11.0503 1420 tunnel - ok
11:43:11.0518 1420 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:43:11.0518 1420 uagp35 - ok
11:43:11.0549 1420 [ ECA6629E33F122AFFF18A2AB7C3EB033 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:43:11.0549 1420 udfs - ok
11:43:11.0549 1420 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:43:11.0549 1420 UI0Detect - ok
11:43:11.0596 1420 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:43:11.0596 1420 uliagpkx - ok
11:43:11.0612 1420 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
11:43:11.0612 1420 uliahci - ok
11:43:11.0612 1420 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
11:43:11.0612 1420 UlSata - ok
11:43:11.0627 1420 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
11:43:11.0627 1420 ulsata2 - ok
11:43:11.0627 1420 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:43:11.0627 1420 umbus - ok
11:43:11.0659 1420 [ 658C50524E470516067708BABFB08738 ] UmRdpService C:\Windows\System32\umrdp.dll
11:43:11.0659 1420 UmRdpService - ok
11:43:11.0674 1420 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
11:43:11.0674 1420 upnphost - ok
11:43:11.0721 1420 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:43:11.0737 1420 usbccgp - ok
11:43:11.0752 1420 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:43:11.0752 1420 usbcir - ok
11:43:11.0783 1420 [ DA6D8D8ED0A53C63AC6F4BD40FE83FBE ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:43:11.0783 1420 usbehci - ok
11:43:11.0799 1420 [ 99045369AE3216216573D0775FD7ED56 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:43:11.0799 1420 usbhub - ok
11:43:11.0815 1420 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:43:11.0815 1420 usbohci - ok
11:43:11.0830 1420 [ ACFEE697AF477021BB3EC78C5431FED2 ] usbprint C:\Windows\system32\drivers\usbprint.sys
11:43:11.0830 1420 usbprint - ok
11:43:11.0846 1420 [ 586D9876A4945779C8EEA926C0D16889 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:43:11.0846 1420 USBSTOR - ok
11:43:11.0861 1420 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
11:43:11.0861 1420 usbuhci - ok
11:43:11.0877 1420 [ 9190F03C82547AFA87367F1CECA88F3B ] UxSms C:\Windows\System32\uxsms.dll
11:43:11.0877 1420 UxSms - ok
11:43:11.0893 1420 [ C15A4A550CBA7B9F1F68B72528E04CE1 ] vds C:\Windows\System32\vds.exe
11:43:11.0908 1420 vds - ok
11:43:11.0924 1420 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:43:11.0924 1420 vga - ok
11:43:11.0939 1420 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
11:43:11.0939 1420 VgaSave - ok
11:43:11.0955 1420 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
11:43:11.0955 1420 viaide - ok
11:43:11.0971 1420 [ 793D9B32A1C462C91F6F70358283AC97 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:43:11.0986 1420 volmgr - ok
11:43:12.0002 1420 [ 5AA217DA5DC4FF5B9AC9AB86563B3223 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:43:12.0002 1420 volmgrx - ok
11:43:12.0002 1420 [ DE4307412D98050239026E56A7DFF3C0 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:43:12.0002 1420 volsnap - ok
11:43:12.0033 1420 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:43:12.0033 1420 vsmraid - ok
11:43:12.0080 1420 [ 186BD53F8A408AD20F5A056C05678629 ] VSS C:\Windows\system32\vssvc.exe
11:43:12.0095 1420 VSS - ok
11:43:12.0095 1420 [ BA29F34A61CB55C0DEE29E787542EDF4 ] W32Time C:\Windows\system32\w32time.dll
11:43:12.0111 1420 W32Time - ok
11:43:12.0111 1420 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
11:43:12.0111 1420 WacomPen - ok
11:43:12.0142 1420 [ AEA75207E443C8623C36B8D03596F84F ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
11:43:12.0142 1420 Wanarp - ok
11:43:12.0158 1420 [ AEA75207E443C8623C36B8D03596F84F ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:43:12.0158 1420 Wanarpv6 - ok
11:43:12.0189 1420 [ 54D1827975AFD9BC391343C357B9EA06 ] wbengine C:\Windows\system32\wbengine.exe
11:43:12.0220 1420 wbengine - ok
11:43:12.0251 1420 [ 055449247C490E24B968B44FE8A969EB ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:43:12.0267 1420 wcncsvc - ok
11:43:12.0267 1420 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:43:12.0267 1420 WcsPlugInService - ok
11:43:12.0283 1420 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
11:43:12.0283 1420 Wd - ok
11:43:12.0314 1420 [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:43:12.0329 1420 Wdf01000 - ok
11:43:12.0329 1420 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:43:12.0329 1420 WdiServiceHost - ok
11:43:12.0329 1420 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:43:12.0329 1420 WdiSystemHost - ok
11:43:12.0345 1420 [ 3D4AB55F8178FD0CD3CA45CD0EC9CF5B ] WebClient C:\Windows\System32\webclnt.dll
11:43:12.0345 1420 WebClient - ok
11:43:12.0361 1420 [ BD9A749F36710FFA02E0E530F7451936 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:43:12.0376 1420 Wecsvc - ok
11:43:12.0392 1420 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:43:12.0392 1420 wercplsupport - ok
11:43:12.0392 1420 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
11:43:12.0392 1420 WerSvc - ok
11:43:12.0407 1420 WinDefend - ok
11:43:12.0423 1420 WinHttpAutoProxySvc - ok
11:43:12.0470 1420 [ AC98F38FEAB066A8F983D54FF3F4FD4C ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:43:12.0470 1420 Winmgmt - ok
11:43:12.0532 1420 [ AEB6C5200FD5517F06076AF0EE4538E1 ] WinRM C:\Windows\system32\WsmSvc.dll
11:43:12.0548 1420 WinRM - ok
11:43:12.0579 1420 [ 05477E53B7B529435026F705B4235324 ] Wlansvc C:\Windows\System32\wlansvc.dll
11:43:12.0579 1420 Wlansvc - ok
11:43:12.0595 1420 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
11:43:12.0595 1420 WmiAcpi - ok
11:43:12.0641 1420 [ D303322DD577C3DEDA1251ED2E7A496C ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:43:12.0641 1420 wmiApSrv - ok
11:43:12.0641 1420 WMPNetworkSvc - ok
11:43:12.0657 1420 [ A27C8F92D84E2DDC151978E4692C978E ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:43:12.0673 1420 WPDBusEnum - ok
11:43:12.0688 1420 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:43:12.0688 1420 ws2ifsl - ok
11:43:12.0688 1420 [ CB8EA6D95949384925CCFCA21CC6DFD8 ] wscsvc C:\Windows\System32\wscsvc.dll
11:43:12.0688 1420 wscsvc - ok
11:43:12.0688 1420 WSearch - ok
11:43:12.0766 1420 [ 69F2BC7B46E3E15C8EC688F42A65B57F ] wuauserv C:\Windows\system32\wuaueng.dll
11:43:12.0782 1420 wuauserv - ok
11:43:12.0797 1420 [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:43:12.0797 1420 WUDFRd - ok
11:43:12.0813 1420 [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:43:12.0813 1420 wudfsvc - ok
11:43:12.0829 1420 ================ Scan global ===============================
11:43:12.0844 1420 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
11:43:12.0891 1420 [ A9C654098A5CA39618DA9D022A6691B8 ] C:\Windows\system32\winsrv.dll
11:43:12.0907 1420 [ A9C654098A5CA39618DA9D022A6691B8 ] C:\Windows\system32\winsrv.dll
11:43:12.0938 1420 [ DFAC660F0F139276CC9299812DE42719 ] C:\Windows\system32\services.exe
11:43:12.0938 1420 [Global] - ok
11:43:12.0938 1420 ================ Scan MBR ==================================
11:43:12.0953 1420 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
11:43:13.0375 1420 \Device\Harddisk0\DR0 - ok
11:43:13.0390 1420 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk2\DR2
11:43:13.0453 1420 \Device\Harddisk2\DR2 - ok
11:43:13.0468 1420 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
11:43:13.0515 1420 \Device\Harddisk1\DR1 - ok
11:43:13.0593 1420 [ 633150EB706C046D64591B7DA0597813 ] \Device\Harddisk3\DR3
11:43:14.0872 1420 \Device\Harddisk3\DR3 - ok
11:43:14.0872 1420 ================ Scan VBR ==================================
11:43:14.0872 1420 [ 9A8CCC40A63B0A93F6E52984FFB8711D ] \Device\Harddisk0\DR0\Partition1
11:43:14.0888 1420 \Device\Harddisk0\DR0\Partition1 - ok
11:43:14.0903 1420 [ 55E4D48B9C3ED47C23403FA70E2305B3 ] \Device\Harddisk2\DR2\Partition1
11:43:14.0903 1420 \Device\Harddisk2\DR2\Partition1 - ok
11:43:14.0919 1420 [ 59FF76187F9C86FEDA3A769629B3BEF0 ] \Device\Harddisk1\DR1\Partition1
11:43:14.0919 1420 \Device\Harddisk1\DR1\Partition1 - ok
11:43:14.0950 1420 [ 3AAAF45E12DD94A190E919334A276A96 ] \Device\Harddisk3\DR3\Partition1
11:43:14.0950 1420 \Device\Harddisk3\DR3\Partition1 - ok
11:43:14.0950 1420 ============================================================
11:43:14.0950 1420 Scan finished
11:43:14.0950 1420 ============================================================
11:43:14.0966 3908 Detected object count: 0
11:43:14.0966 3908 Actual detected object count: 0
11:45:44.0501 3284 Deinitialize success

ESET Results:

C:\$WINDOWS.~Q\DATA\Windows\System32\config\systemprofile\AppData\Roaming\n1xo6m.exe a variant of Win32/TrojanDownloader.VB.PXU trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\$RECYCLE.BIN\S-1-5-18\$0077518b6ba3f31d60ef2fcdd52d5b89\n.vir Win64/Sirefef.AR trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\$RECYCLE.BIN\S-1-5-18\$0077518b6ba3f31d60ef2fcdd52d5b89\U\00000004.@.vir Win64/Conedex.C trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\$RECYCLE.BIN\S-1-5-18\$0077518b6ba3f31d60ef2fcdd52d5b89\U\000000cb.@.vir Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\$RECYCLE.BIN\S-1-5-18\$0077518b6ba3f31d60ef2fcdd52d5b89\U\80000000.@.vir Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\$RECYCLE.BIN\S-1-5-18\$0077518b6ba3f31d60ef2fcdd52d5b89\U\80000032.@.vir a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\$RECYCLE.BIN\S-1-5-18\$0077518b6ba3f31d60ef2fcdd52d5b89\U\80000064.@.vir Win64/Sirefef.AN trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\$RECYCLE.BIN\S-1-5-21-3193392620-3598226829-1479453970-1000\$0077518b6ba3f31d60ef2fcdd52d5b89\n.vir Win64/Sirefef.AR trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\VisionDAW User\AppData\Roaming\unfsvc.dll.vir a variant of Win32/Medfos.DC trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{0077518b-6ba3-f31d-60ef-2fcdd52d5b89}\U\00000004.@.vir Win64/Conedex.C trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\Installer\{0077518b-6ba3-f31d-60ef-2fcdd52d5b89}\U\80000000.@.vir Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\02.09.2012_09.49.22\zasubsys0000\file0000\tsk0000.dta Win64/Patched.B trojan deleted - quarantined
C:\TDSSKiller_Quarantine\02.09.2012_09.49.22\zasubsys0000\zafs0000\tsk0000.dta Win32/Sirefef.EZ trojan deleted - quarantined
C:\TDSSKiller_Quarantine\02.09.2012_09.49.22\zasubsys0000\zafs0000\tsk0001.dta Win64/Sirefef.AD trojan deleted - quarantined
C:\Users\VisionDAW User\AppData\Local\{6A74DE19-F4FD-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined

Thanks again for your help. I know now to consult the experts before tackling stuff like this. Please let me know what else I need to do in terms of removing Combofix (it's in my downloads folder, not my desktop)or anything else. Thank you.

#4 redrevolver77

redrevolver77
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:53 PM

Posted 12 September 2012 - 05:25 PM

Is there something further that I should do based on these logs? I'm not sure if I should restart my PC, or run something to remove all of these anti-malware programs. Any advice is greatly appreciated.

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:53 PM

Posted 12 September 2012 - 10:12 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it click on Delete

post the generated log

#6 redrevolver77

redrevolver77
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:53 PM

Posted 13 September 2012 - 11:48 AM

Ok I ran Malwarebytes and deleted the found objects of the scan. Rebooted, then ran the scan again and it came back clean. I ran the MiniTollbox and here's that log:


MiniToolBox by Farbar Version: 23-07-2012
Ran by VisionDAW User (administrator) on 13-09-2012 at 12:11:34
Microsoft® Windows Vista™ Business Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Belkin USB Wireless Adaptor = Wireless Network Connection (Connected)
Realtek RTL8168D/8111D Family PCI Gigabit Ethernet NIC (NDIS 6.0) = Local Area Connection (Media disconnected)
Realtek RTL8168D/8111D Family PCI Gigabit Ethernet NIC (NDIS 6.0) = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection 2" nexthop=192.168.1.1
add address name="Local Area Connection 2" address=192.168.1.102


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : VisionDAW-20310
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Belkin USB Wireless Adaptor
Physical Address. . . . . . . . . : 94-44-52-E2-02-42
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a832:2364:bed6:33e3%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, September 13, 2012 9:15:38 AM
Lease Expires . . . . . . . . . . : Friday, September 14, 2012 9:15:38 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8168D/8111D Family PCI Gigabit Ethernet NIC (NDIS 6.0) #2
Physical Address. . . . . . . . . : 00-24-1D-73-1B-FA
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8168D/8111D Family PCI Gigabit Ethernet NIC (NDIS 6.0)
Physical Address. . . . . . . . . : 00-24-1D-73-1B-F8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection*:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:cb4:2401:3f57:fef9(Preferred)
Link-local IPv6 Address . . . . . : fe80::cb4:2401:3f57:fef9%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : isatap.home
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 8:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{9789819A-9E33-4021-B8DC-9D4DA0C4314C}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{F32D70AD-3C0C-447C-B6C6-4C9ADB0276EC}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:800::1007
173.194.43.7
173.194.43.5
173.194.43.0
173.194.43.8
173.194.43.4
173.194.43.3
173.194.43.6
173.194.43.9
173.194.43.1
173.194.43.14
173.194.43.2



Pinging google.com [74.125.226.197] with 32 bytes of data:

Reply from 74.125.226.197: bytes=32 time=9ms TTL=252

Reply from 74.125.226.197: bytes=32 time=28ms TTL=252



Ping statistics for 74.125.226.197:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 9ms, Maximum = 28ms, Average = 18ms

Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=194ms TTL=250

Reply from 98.138.253.109: bytes=32 time=88ms TTL=49



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 88ms, Maximum = 194ms, Average = 141ms

Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Reply from 127.0.0.1: bytes=32 time=1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 1ms, Maximum = 4ms, Average = 2ms

===========================================================================
Interface List
13 ...94 44 52 e2 02 42 ...... Belkin USB Wireless Adaptor
11 ...00 24 1d 73 1b fa ...... Realtek RTL8168D/8111D Family PCI Gigabit Ethernet NIC (NDIS 6.0) #2
9 ...00 24 1d 73 1b f8 ...... Realtek RTL8168D/8111D Family PCI Gigabit Ethernet NIC (NDIS 6.0)
1 ........................... Software Loopback Interface 1
15 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
16 ...00 00 00 00 00 00 00 e0 isatap.home
10 ...00 00 00 00 00 00 00 e0 isatap.{9789819A-9E33-4021-B8DC-9D4DA0C4314C}
12 ...00 00 00 00 00 00 00 e0 isatap.{F32D70AD-3C0C-447C-B6C6-4C9ADB0276EC}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.6 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.6 281
192.168.1.6 255.255.255.255 On-link 192.168.1.6 281
192.168.1.255 255.255.255.255 On-link 192.168.1.6 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.6 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.6 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.1.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 18 ::/0 On-link
1 306 ::1/128 On-link
15 18 2001::/32 On-link
15 266 2001:0:4137:9e76:cb4:2401:3f57:fef9/128
On-link
13 281 fe80::/64 On-link
15 266 fe80::/64 On-link
15 266 fe80::cb4:2401:3f57:fef9/128
On-link
13 281 fe80::a832:2364:bed6:33e3/128
On-link
1 306 ff00::/8 On-link
15 266 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/12/2012 07:26:32 PM) (Source: Application Hang) (User: )
Description: The program Frozen Throne.exe version 1.5.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 884
Start Time: 01cd913df3444ad2
Termination Time: 0

Error: (09/12/2012 07:25:38 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.

Error: (09/12/2012 07:22:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.

Error: (09/12/2012 06:59:04 PM) (Source: Application Hang) (User: )
Description: The program Frozen Throne.exe version 1.5.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: e48
Start Time: 01cd913a23b743b2
Termination Time: 2

Error: (09/12/2012 06:18:56 PM) (Source: Application Hang) (User: )
Description: The program Frozen Throne.exe version 1.5.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: d7c
Start Time: 01cd91348f19adb2
Termination Time: 1

Error: (09/12/2012 06:18:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.

Error: (09/12/2012 03:45:25 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(BZDN1777797771-QkxaMDAwMkUwTEVDOUVVMUE5NlYxRj1kQEVGQzBERQ==._bzdn._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (09/12/2012 03:29:43 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(BZDN2012089293-QkxaMDAwMkUwTEVDOUVVMUE5NlYxRj1kQEVGQzBERQ==._bzdn._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (09/12/2012 03:21:11 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.

Error: (09/12/2012 03:19:02 PM) (Source: Application Hang) (User: )
Description: The program Frozen Throne.exe version 1.5.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: a28
Start Time: 01cd911b7111f892
Termination Time: 1


System errors:
=============
Error: (09/13/2012 09:15:32 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (09/12/2012 07:13:09 PM) (Source: Service Control Manager) (User: )
Description: SBSD Security Center Service1

Error: (09/12/2012 07:13:00 PM) (Source: Service Control Manager) (User: )
Description: Windows Search1300001Restart the service

Error: (09/12/2012 07:12:38 PM) (Source: Service Control Manager) (User: )
Description: NIHardwareService1

Error: (09/12/2012 07:12:34 PM) (Source: Service Control Manager) (User: )
Description: Bonjour Service1

Error: (09/12/2012 07:12:30 PM) (Source: Service Control Manager) (User: )
Description: Apple Mobile Device1600001Restart the service

Error: (09/12/2012 07:12:21 PM) (Source: Service Control Manager) (User: )
Description: iPod Service1

Error: (09/11/2012 01:47:43 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (09/11/2012 00:55:50 PM) (Source: Service Control Manager) (User: )
Description: SBSD Security Center Service%%1053

Error: (09/11/2012 00:55:50 PM) (Source: Service Control Manager) (User: )
Description: 30000SBSD Security Center Service


Microsoft Office Sessions:
=========================
Error: (09/12/2012 07:26:32 PM) (Source: Application Hang)(User: )
Description: Frozen Throne.exe1.5.0.088401cd913df3444ad20

Error: (09/12/2012 07:25:38 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifestC:\Users\VisionDAW User\Desktop\esetsmartinstaller_enu.exe

Error: (09/12/2012 07:22:49 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifestC:\Users\VisionDAW User\Desktop\esetsmartinstaller_enu.exe

Error: (09/12/2012 06:59:04 PM) (Source: Application Hang)(User: )
Description: Frozen Throne.exe1.5.0.0e4801cd913a23b743b22

Error: (09/12/2012 06:18:56 PM) (Source: Application Hang)(User: )
Description: Frozen Throne.exe1.5.0.0d7c01cd91348f19adb21

Error: (09/12/2012 06:18:20 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifestC:\Users\VisionDAW User\Desktop\esetsmartinstaller_enu.exe

Error: (09/12/2012 03:45:25 PM) (Source: Bonjour Service)(User: )
Description: Client application bug: DNSServiceResolve(BZDN1777797771-QkxaMDAwMkUwTEVDOUVVMUE5NlYxRj1kQEVGQzBERQ==._bzdn._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (09/12/2012 03:29:43 PM) (Source: Bonjour Service)(User: )
Description: Client application bug: DNSServiceResolve(BZDN2012089293-QkxaMDAwMkUwTEVDOUVVMUE5NlYxRj1kQEVGQzBERQ==._bzdn._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (09/12/2012 03:21:11 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifestC:\Users\VisionDAW User\Desktop\esetsmartinstaller_enu.exe

Error: (09/12/2012 03:19:02 PM) (Source: Application Hang)(User: )
Description: Frozen Throne.exe1.5.0.0a2801cd911b7111f8921


=========================== Installed Programs ============================

Apple Mobile Device Support (Version: 5.1.1.4)
Authorizer 2.0 (Version: 2.0)
Authorizer Ignition Key Support (Version: 1.0.3.0)
Bonjour (Version: 3.0.0.10)
EWQL Orchestra 24/16 Bit Platinum Plus (Version: 1.0.079)
EWQL Symphonic Choirs (Version: 1.2.0)
FileZilla Client 3.5.3 (Version: 3.5.3)
Google Chrome (Version: 21.0.1180.89)
iTunes (Version: 10.6.0.40)
K-Lite Codec Pack 5.7.0 (64-bit) (Version: 5.7.0)
Microsoft .NET Framework 3.5 SP1
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
MusicLab MolCp III Driver (Version: 3.2.6.221)
Native Instruments Controller Editor (Version: 1.4.5.910)
Native Instruments FM8 (Version: 1.2.0.1016)
Native Instruments Guitar Rig 5 (Version: 5.1.0.2641)
Native Instruments Guitar Rig Mobile I/O (Version: 3.0.0.625)
Native Instruments Guitar Rig Session I/O (Version: 3.0.0.625)
Native Instruments Kontakt 5 (Version: 5.0.2.5641)
Native Instruments Kontakt Factory Library (Version: 1.0.0.003)
Native Instruments Massive (Version: 1.3.0.2050)
Native Instruments Rig Kontrol 3 (Version: 3.0.0.625)
Native Instruments Service Center (Version: 2.3.2.926)
NVIDIA 3D Vision Controller Driver 285.62 (Version: 285.62)
NVIDIA 3D Vision Driver 285.62 (Version: 285.62)
NVIDIA Control Panel 285.62 (Version: 285.62)
NVIDIA Graphics Driver 285.62 (Version: 285.62)
NVIDIA Install Application (Version: 2.1002.46.235)
NVIDIA PhysX System Software 9.11.0621 (Version: 9.11.0621)
NVIDIA Update 1.5.20 (Version: 1.5.20)
NVIDIA Update Components (Version: 1.5.20)
Play Update 1.2.3 (Version: 1.2.3)
Play Update 1.2.5 (Version: 1.2.5)
Play Update 2.0.9 (Version: 2.0.9)
Play Update 2.1.1 (Version: 2.1.1)
Play Update 3.0.30 (Version: 3.0.30)
QL Ra (Version: 1.1.13)
QL Stormdrum 2 (Version: 1.0.046)
Reason 6.5.1 (Version: 6.5.1)
SUPERAntiSpyware (Version: 5.5.1016)
TruePianos 1.9.3
WinRAR 4.01 (64-bit) (Version: 4.01.0)
WordBuilder PLAY 64 Bit (Version: 1.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 50%
Total physical RAM: 8188.58 MB
Available physical RAM: 4053.55 MB
Total Pagefile: 8068.14 MB
Available Pagefile: 4119.04 MB
Total Virtual: 4095.88 MB
Available Virtual: 4000.29 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:74.53 GB) (Free:16.67 GB) NTFS
2 Drive d: (500GB Disk 1) (Fixed) (Total:465.76 GB) (Free:249.3 GB) NTFS
3 Drive e: (500GB Disk 2) (Fixed) (Total:465.76 GB) (Free:233.47 GB) NTFS
4 Drive g: (My Passport) (Fixed) (Total:931.48 GB) (Free:789.88 GB) NTFS
5 Drive i: (CODEMETER) (Fixed) (Total:0.04 GB) (Free:0 GB) FAT32
6 Drive j: (Seagate External) (Fixed) (Total:596.17 GB) (Free:176.36 GB) NTFS

========================= Users: ========================================

User accounts for \\VISIONDAW-20310

Administrator Guest UpdatusUser
VisionDAW User


**** End of log ****

I ran the adware cleaner and here's that log:
# AdwCleaner v2.001 - Logfile created 09/13/2012 at 12:15:03
# Updated 09/09/2012 by Xplode
# Operating system : Windows ™ Vista Business Service Pack 1 (64 bits)
# User : VisionDAW User - VISIONDAW-20310
# Boot Mode : Normal
# Running from : C:\Users\VisionDAW User\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Users\VisionDAW User\Desktop\Save

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6001.18000

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v [Unable to get version]

Profile name : default
File : C:\Users\VisionDAW User\AppData\Roaming\Mozilla\Firefox\Profiles\zejuaavv.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.89

File : C:\Users\VisionDAW User\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1298 octets] - [13/09/2012 12:15:03]

########## EOF - C:\AdwCleaner[S1].txt - [1358 octets] ##########

I'm still a little paranoid that there's more I need to do and that I'm not finished. I definitely appreciate the help given on this forum.

If there's a next step, please let me know what to do. If you have any advice for safe browsing or staying secure, please let me know. Thanks again.

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:53 PM

Posted 13 September 2012 - 09:30 PM

Still need farbar service scanner log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the text contents here

#8 redrevolver77

redrevolver77
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:53 PM

Posted 14 September 2012 - 12:41 PM

Ok here you go:


Rkill 2.3.15 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/14/2012 01:38:24 PM in x64 mode.
Windows Version: Windows Vista ™ Business Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* WPCSvc [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/14/2012 01:38:29 PM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)

And the Autorun:

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "MolCp3Monitor" "MolCp III MIDI Monitor" "MusicLab, Inc." "c:\program files\musiclab\molcp iii\monitor.exe"
+ "Windows Defender" "Windows Defender User Interface" "Microsoft Corporation" "c:\program files\windows defender\msascui.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "AsioThk32Reg" "Creative ASIO Driver" "Creative Technology Ltd" "c:\windows\syswow64\ctasio.dll"
+ "CTHelper" "CtHelper Application" "Creative Technology Ltd" "c:\windows\syswow64\cthelper.exe"
+ "CTxfiHlp" "CTXfiHlp MFC Application" "Creative Technology Ltd" "c:\windows\syswow64\ctxfihlp.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Google Update" "Google Installer" "Google Inc." "c:\users\visiondaw user\appdata\local\google\update\googleupdate.exe"
+ "SpybotSD TeaTimer" "System settings protector" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy\teatimer.exe"
+ "SUPERAntiSpyware" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext_64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "" "" "File not found: C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll"
"Task Scheduler" "" "" ""
+ "\GoogleUpdateTaskUserS-1-5-21-3193392620-3598226829-1479453970-1000Core" "Google Installer" "Google Inc." "c:\users\visiondaw user\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3193392620-3598226829-1479453970-1000UA" "Google Installer" "Google Inc." "c:\users\visiondaw user\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Windows Defender Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Signature Update" "Windows Defender Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
+ "\SUPERAntiSpyware Scheduled Task 129958f6-44ef-4f94-b3de-e9d4de6a8b5b" "SUPERAntiSpyware Task Dispatcher" "SUPERAdBlocker.com" "c:\program files\superantispyware\sastask.exe"
+ "\SUPERAntiSpyware Scheduled Task 17c99259-412d-416f-9bd2-311a42f4fdd1" "SUPERAntiSpyware Task Dispatcher" "SUPERAdBlocker.com" "c:\program files\superantispyware\sastask.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore64.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "CodeMeter.exe" "CodeMeter Runtime Server" "WIBU-SYSTEMS AG" "c:\program files (x86)\codemeter\runtime\bin\codemeter.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "NIHardwareService" "Manages Native Instruments controller hardware. If this service is stopped, the hardware becomes unavailable." "Native Instruments GmbH" "c:\program files\common files\native instruments\hardware\nihardwareservice.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "COMMONFX" "Creative Common FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\drivers\commonfx.sys"
+ "COMMONFX.SYS" "Creative Common FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\drivers\commonfx.sys"
+ "CT20XUT" "Creative 20X Utility Effects" "Creative Technology Ltd." "c:\windows\system32\drivers\ct20xut.sys"
+ "CT20XUT.SYS" "Creative 20X Utility Effects" "Creative Technology Ltd." "c:\windows\system32\drivers\ct20xut.sys"
+ "ctac32k" "Creative AC3 SW Decoder Device Driver (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ctac32k.sys"
+ "ctaud2k" "Creative WDM Audio Device Driver" "Creative Technology Ltd" "c:\windows\system32\drivers\ctaud2k.sys"
+ "CTAUDFX" "Creative SB FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\drivers\ctaudfx.sys"
+ "CTAUDFX.SYS" "Creative SB FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\drivers\ctaudfx.sys"
+ "CTEAPSFX" "APS FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\drivers\cteapsfx.sys"
+ "CTEAPSFX.SYS" "APS FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\drivers\cteapsfx.sys"
+ "CTEDSPFX" "E-MU E-DSP Effects Plugin Module" "Creative Technology Ltd" "c:\windows\system32\drivers\ctedspfx.sys"
+ "CTEDSPFX.SYS" "E-MU E-DSP Effects Plugin Module" "Creative Technology Ltd" "c:\windows\system32\drivers\ctedspfx.sys"
+ "CTEDSPIO" "E-MU E-DSP I/O Plugin" "Creative Technology Ltd" "c:\windows\system32\drivers\ctedspio.sys"
+ "CTEDSPIO.SYS" "E-MU E-DSP I/O Plugin" "Creative Technology Ltd" "c:\windows\system32\drivers\ctedspio.sys"
+ "CTEDSPSY" "E-MU E-DSP DSP System Plugin" "Creative Technology Ltd" "c:\windows\system32\drivers\ctedspsy.sys"
+ "CTEDSPSY.SYS" "E-MU E-DSP DSP System Plugin" "Creative Technology Ltd" "c:\windows\system32\drivers\ctedspsy.sys"
+ "CTERFXFX" "E-MU E-DSP Effects Plugin Module" "Creative Technology Ltd" "c:\windows\system32\drivers\cterfxfx.sys"
+ "CTERFXFX.SYS" "E-MU E-DSP Effects Plugin Module" "Creative Technology Ltd" "c:\windows\system32\drivers\cterfxfx.sys"
+ "CTEXFIFX" "Creative XFi Effects" "Creative Technology Ltd." "c:\windows\system32\drivers\ctexfifx.sys"
+ "CTEXFIFX.SYS" "Creative XFi Effects" "Creative Technology Ltd." "c:\windows\system32\drivers\ctexfifx.sys"
+ "CTHWIUT" "Creative Utility Effects" "Creative Technology Ltd." "c:\windows\system32\drivers\cthwiut.sys"
+ "CTHWIUT.SYS" "Creative Utility Effects" "Creative Technology Ltd." "c:\windows\system32\drivers\cthwiut.sys"
+ "ctprxy2k" "Creative Proxy Device Driver (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ctprxy2k.sys"
+ "CTSBLFX" "Creative SB FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\drivers\ctsblfx.sys"
+ "CTSBLFX.SYS" "Creative SB FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\drivers\ctsblfx.sys"
+ "ctsfm2k" "SoundFont® Manager (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ctsfm2k.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g6032e.sys"
+ "emupia" "E-mu Plug-in Architecture Driver (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\emupia2k.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "ha10kx2k" "Creative EMU10KX HAL (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ha10kx2k.sys"
+ "iLokDrvr" "iLok Kernel Driver" "" "c:\windows\system32\drivers\ilokdrvr.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "mlmolcp3" "MolCp III Driver" "MusicLab, Inc." "c:\windows\system32\drivers\mlmolcp3.sys"
+ "molcpeth" "MusicLab NDIS MolCpEth Protocol" "MusicLab, Inc." "c:\windows\system32\drivers\molcpeth.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 285.62 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "ossrv" "Creative OS Services Driver (WDM)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctoss2k.sys"
+ "RTL8169" "Realtek 8101E/8168/8169 NDIS6 64-bit Driver " "Realtek Corporation " "c:\windows\system32\drivers\rtlh64.sys"
+ "RTL8192su" "Realtek RTL8192S USB NDIS Driver" "Realtek Semiconductor Corporation " "c:\windows\system32\drivers\rtl8192su.sys"
+ "SASDIFSV" "SASDIFSV64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv64.sys"
+ "SASKUTIL" "SASKUTIL64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Tpkd" "64bit Tpkd Device Driver" "PACE Anti-Piracy, Inc." "c:\windows\system32\drivers\tpkd.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "VIDC.FFDS" "ffdshow VFW" "" "c:\windows\system32\ff_vfw.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "GroovePlayer" "GroovePlayer DLL" "Cakewalk" "c:\program files\cakewalk\shared dxi\groove player\grooveplayer.dll"
+ "Sony Amplitude Modulation" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Chorus" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Distortion" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Dither" "Sony TrackFX 1" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony ExpressFX Amplitude Modulation" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Audio Restoration" "Sony ExpressFX Audio Restoration" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\xpvinyl.dll"
+ "Sony ExpressFX Chorus" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Delay" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Distortion" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Dynamics" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Equalization" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Flange/Wah-Wah" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Graphic EQ" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Noise Gate" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Reverb" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Stutter" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Time Stretch" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony Flange/Wah-wah" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Gapper/Snipper" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Graphic Dynamics" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Graphic EQ" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Multi-Band Dynamics" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Multi-Tap Delay" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Noise Gate" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Pan" "Sound Forge Pan and Volume 1" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sffrgpnv.dll"
+ "Sony Paragraphic EQ" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Parametric EQ" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Pitch Shift" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Resonant Filter" "Sony Resonant Filter" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfresfilter.dll"
+ "Sony Reverb" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Simple Delay" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Smooth/Enhance" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Time Stretch" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Track Compressor" "Sony TrackFX 1" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Track EQ" "Sony TrackFX 1" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Track Noise Gate" "Sony TrackFX 1" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Vibrato" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Volume" "Sound Forge Pan and Volume 1" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sffrgpnv.dll"
+ "Waves AudioTrack" "AudioTrack" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\audiotrack.dll"
+ "Waves AudioTrack" "AudioTrack" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\audiotrack.dll"
+ "Waves AudioTrack Mono" "AudioTrack" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\audiotrack.dll"
+ "Waves AudioTrack Mono" "AudioTrack" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\audiotrack.dll"
+ "Waves C1 comp" "C1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\c1.dll"
+ "Waves C1 comp" "C1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\c1.dll"
+ "Waves C1 comp Mono" "C1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\c1.dll"
+ "Waves C1 comp Mono" "C1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\c1.dll"
+ "Waves C1 comp-gate" "C1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\c1.dll"
+ "Waves C1 comp-gate" "C1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\c1.dll"
+ "Waves C1 comp-gate Mono" "C1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\c1.dll"
+ "Waves C1 comp-gate Mono" "C1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\c1.dll"
+ "Waves C1 comp-sc" "C1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\c1.dll"
+ "Waves C1 comp-sc" "C1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\c1.dll"
+ "Waves C1 comp-sc Mono" "C1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\c1.dll"
+ "Waves C1 comp-sc Mono" "C1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\c1.dll"
+ "Waves C1 gate" "C1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\c1.dll"
+ "Waves C1 gate" "C1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\c1.dll"
+ "Waves C1 gate Mono" "C1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\c1.dll"
+ "Waves C1 gate Mono" "C1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\c1.dll"
+ "Waves C4" "C4" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\c4.dll"
+ "Waves C4" "C4" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\c4.dll"
+ "Waves C4 Mono" "C4" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\c4.dll"
+ "Waves C4 Mono" "C4" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\c4.dll"
+ "Waves DeEsser" "DeEsser" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\deesser.dll"
+ "Waves DeEsser" "DeEsser" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\deesser.dll"
+ "Waves DeEsser Mono" "DeEsser" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\deesser.dll"
+ "Waves DeEsser Mono" "DeEsser" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\deesser.dll"
+ "Waves DLA" "DLA" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\dla.dll"
+ "Waves DLA C1" "DLA" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\dla.dll"
+ "Waves DLA C1 Mono" "DLA" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\dla.dll"
+ "Waves DLA L1" "DLA" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\dla.dll"
+ "Waves DLA L1 Mono" "DLA" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\dla.dll"
+ "Waves DLA Mono" "DLA" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\dla.dll"
+ "Waves DLA Plus" "DLA" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\dla.dll"
+ "Waves DLA Plus" "DLA" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\dla.dll"
+ "Waves DLA UltraPitch" "DLA" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\dla.dll"
+ "Waves DLA UltraPitch Mono" "DLA" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\dla.dll"
+ "Waves DLA X" "DLA" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\dla.dll"
+ "Waves DLA XL" "DLA" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\dla.dll"
+ "Waves DLA XLB" "DLA" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\dla.dll"
+ "Waves Doppler" "Doppler" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\doppler.dll"
+ "Waves Doppler" "Doppler" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\doppler.dll"
+ "Waves Doppler m/s" "Doppler" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\doppler.dll"
+ "Waves Doppler m/s" "Doppler" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\doppler.dll"
+ "Waves Doubler 2" "Doubler" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\doubler.dll"
+ "Waves Doubler 2" "Doubler" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\doubler.dll"
+ "Waves Doubler 2 m/s" "Doubler" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\doubler.dll"
+ "Waves Doubler 2 m/s" "Doubler" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\doubler.dll"
+ "Waves Doubler 2 Mono" "Doubler" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\doubler.dll"
+ "Waves Doubler 2 Mono" "Doubler" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\doubler.dll"
+ "Waves Doubler 4" "Doubler" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\doubler.dll"
+ "Waves Doubler 4" "Doubler" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\doubler.dll"
+ "Waves Doubler 4 m/s" "Doubler" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\doubler.dll"
+ "Waves Doubler 4 m/s" "Doubler" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\doubler.dll"
+ "Waves Doubler 4 Mono" "Doubler" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\doubler.dll"
+ "Waves Doubler 4 Mono" "Doubler" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\doubler.dll"
+ "Waves Enigma" "Enigma" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\enigma.dll"
+ "Waves Enigma" "Enigma" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\enigma.dll"
+ "Waves Enigma m/s" "Enigma" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\enigma.dll"
+ "Waves Enigma m/s" "Enigma" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\enigma.dll"
+ "Waves IDR" "IDR" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\idr.dll"
+ "Waves IDR" "IDR" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\idr.dll"
+ "Waves IDR Mono" "IDR" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\idr.dll"
+ "Waves IDR Mono" "IDR" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\idr.dll"
+ "Waves L1-Ultramaximizer" "L1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\l1.dll"
+ "Waves L1-Ultramaximizer" "L1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\l1.dll"
+ "Waves L1-Ultramaximizer Mono" "L1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\l1.dll"
+ "Waves L1-Ultramaximizer Mono" "L1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\l1.dll"
+ "Waves L1-Ultramaximizer+" "L1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\l1.dll"
+ "Waves L1-Ultramaximizer+" "L1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\l1.dll"
+ "Waves L2" "L2" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\l2.dll"
+ "Waves L2" "L2" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\l2.dll"
+ "Waves LinEq Broadband" "LinEq" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\lineq.dll"
+ "Waves LinEq Broadband" "LinEq" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\lineq.dll"
+ "Waves LinEq Broadband Mono" "LinEq" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\lineq.dll"
+ "Waves LinEq Broadband Mono" "LinEq" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\lineq.dll"
+ "Waves LinEq Lowband" "LinEq" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\lineq.dll"
+ "Waves LinEq Lowband" "LinEq" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\lineq.dll"
+ "Waves LinEq Lowband Mono" "LinEq" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\lineq.dll"
+ "Waves LinEq Lowband Mono" "LinEq" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\lineq.dll"
+ "Waves LinMB" "LinMB" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\linmb.dll"
+ "Waves LinMB" "LinMB" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\linmb.dll"
+ "Waves LinMB Mono" "LinMB" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\linmb.dll"
+ "Waves LinMB Mono" "LinMB" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\linmb.dll"
+ "Waves MaxxBass" "MaxxBass" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\maxxbass.dll"
+ "Waves MaxxBass" "MaxxBass" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\maxxbass.dll"
+ "Waves MaxxBass Mono" "MaxxBass" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\maxxbass.dll"
+ "Waves MaxxBass Mono" "MaxxBass" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\maxxbass.dll"
+ "Waves MetaFlanger" "MetaFlanger" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\metaflanger.dll"
+ "Waves MetaFlanger" "MetaFlanger" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\metaflanger.dll"
+ "Waves MetaFlanger m/s" "MetaFlanger" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\metaflanger.dll"
+ "Waves MetaFlanger m/s" "MetaFlanger" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\metaflanger.dll"
+ "Waves MetaFlanger Mono" "MetaFlanger" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\metaflanger.dll"
+ "Waves MetaFlanger Mono" "MetaFlanger" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\metaflanger.dll"
+ "Waves MondoMod" "MondoMod" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\mondomod.dll"
+ "Waves MondoMod" "MondoMod" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\mondomod.dll"
+ "Waves MondoMod m/s" "MondoMod" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\mondomod.dll"
+ "Waves MondoMod m/s" "MondoMod" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\mondomod.dll"
+ "Waves MondoMod Mono" "MondoMod" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\mondomod.dll"
+ "Waves MondoMod Mono" "MondoMod" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\mondomod.dll"
+ "Waves Morphoder" "Morphoder" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\morphoder.dll"
+ "Waves Morphoder" "Morphoder" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\morphoder.dll"
+ "Waves Morphoder m/s" "Morphoder" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\morphoder.dll"
+ "Waves Morphoder m/s" "Morphoder" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\morphoder.dll"
+ "Waves Morphoder Mono" "Morphoder" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\morphoder.dll"
+ "Waves Morphoder Mono" "Morphoder" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\morphoder.dll"
+ "Waves PAZ Analyzer" "PAZ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\paz.dll"
+ "Waves PAZ Analyzer" "PAZ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\paz.dll"
+ "Waves PAZ Frequency" "PAZ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\paz.dll"
+ "Waves PAZ Frequency" "PAZ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\paz.dll"
+ "Waves PAZ Frequency Mono" "PAZ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\paz.dll"
+ "Waves PAZ Frequency Mono" "PAZ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\paz.dll"
+ "Waves PAZ Meters" "PAZ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\paz.dll"
+ "Waves PAZ Meters" "PAZ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\paz.dll"
+ "Waves PAZ Meters Mono" "PAZ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\paz.dll"
+ "Waves PAZ Meters Mono" "PAZ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\paz.dll"
+ "Waves PAZ Position" "PAZ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\paz.dll"
+ "Waves PAZ Position" "PAZ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\paz.dll"
+ "Waves PS22 Split" "PS22" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ps22.dll"
+ "Waves PS22 Split m/s" "PS22" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ps22.dll"
+ "Waves PS22 Spread" "PS22" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ps22.dll"
+ "Waves PS22 Spread m/s" "PS22" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ps22.dll"
+ "Waves PS22 Spread(10)" "PS22" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ps22.dll"
+ "Waves PS22 Spread(10) m/s" "PS22" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ps22.dll"
+ "Waves PS22 XSplit" "PS22" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ps22.dll"
+ "Waves PS22 XSplit m/s" "PS22" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ps22.dll"
+ "Waves Q1-Paragraphic EQ" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q1-Paragraphic EQ" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q1-Paragraphic EQ Mono" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q1-Paragraphic EQ Mono" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q10-Paragraphic EQ" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q10-Paragraphic EQ" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q10-Paragraphic EQ Mono" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q10-Paragraphic EQ Mono" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q2-Paragraphic EQ" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q2-Paragraphic EQ" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q2-Paragraphic EQ Mono" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q2-Paragraphic EQ Mono" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q3-Paragraphic EQ" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q3-Paragraphic EQ" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q3-Paragraphic EQ Mono" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q3-Paragraphic EQ Mono" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q4-Paragraphic EQ" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q4-Paragraphic EQ" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q4-Paragraphic EQ Mono" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q4-Paragraphic EQ Mono" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q6-Paragraphic EQ" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q6-Paragraphic EQ" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q6-Paragraphic EQ Mono" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q6-Paragraphic EQ Mono" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q8-Paragraphic EQ" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q8-Paragraphic EQ" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q8-Paragraphic EQ Mono" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves Q8-Paragraphic EQ Mono" "Qn" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\qn.dll"
+ "Waves RBass" "Renaissance Bass" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rbass.dll"
+ "Waves RBass" "Renaissance Bass" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rbass.dll"
+ "Waves RBass Mono" "Renaissance Bass" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rbass.dll"
+ "Waves RBass Mono" "Renaissance Bass" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rbass.dll"
+ "Waves RChannel" "RChannel" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rchannel.dll"
+ "Waves RChannel" "RChannel" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rchannel.dll"
+ "Waves RChannel m/s" "RChannel" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rchannel.dll"
+ "Waves RChannel m/s" "RChannel" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rchannel.dll"
+ "Waves RChannel Mono" "RChannel" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rchannel.dll"
+ "Waves RChannel Mono" "RChannel" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rchannel.dll"
+ "Waves RComp" "RCL" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rcl.dll"
+ "Waves RComp" "RCL" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rcl.dll"
+ "Waves RComp Mono" "RCL" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rcl.dll"
+ "Waves RComp Mono" "RCL" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rcl.dll"
+ "Waves RDeEsser" "Renaissance DeEsser" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rdeesser.dll"
+ "Waves RDeEsser" "Renaissance DeEsser" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rdeesser.dll"
+ "Waves RDeEsser Mono" "Renaissance DeEsser" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rdeesser.dll"
+ "Waves RDeEsser Mono" "Renaissance DeEsser" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rdeesser.dll"
+ "Waves REQ 2 bands" "REQ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\req.dll"
+ "Waves REQ 2 bands" "REQ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\req.dll"
+ "Waves REQ 2 bands Mono" "REQ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\req.dll"
+ "Waves REQ 2 bands Mono" "REQ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\req.dll"
+ "Waves REQ 4 bands" "REQ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\req.dll"
+ "Waves REQ 4 bands" "REQ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\req.dll"
+ "Waves REQ 4 bands Mono" "REQ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\req.dll"
+ "Waves REQ 4 bands Mono" "REQ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\req.dll"
+ "Waves REQ 6 bands" "REQ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\req.dll"
+ "Waves REQ 6 bands" "REQ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\req.dll"
+ "Waves REQ 6 bands Mono" "REQ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\req.dll"
+ "Waves REQ 6 bands Mono" "REQ" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\req.dll"
+ "Waves RVerb" "RVerb" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rverb.dll"
+ "Waves RVerb" "RVerb" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rverb.dll"
+ "Waves RVerb Compact" "RVerb" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rverb.dll"
+ "Waves RVerb Compact m/s" "RVerb" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rverb.dll"
+ "Waves RVerb m/s" "RVerb" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rverb.dll"
+ "Waves RVerb m/s" "RVerb" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rverb.dll"
+ "Waves RVox" "RVox" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rvox.dll"
+ "Waves RVox" "RVox" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rvox.dll"
+ "Waves RVox Mono" "RVox" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rvox.dll"
+ "Waves RVox Mono" "RVox" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\rvox.dll"
+ "Waves S1(48)-Shuffler" "S1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\s1.dll"
+ "Waves S1-Imager" "S1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\s1.dll"
+ "Waves S1-Imager" "S1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\s1.dll"
+ "Waves S1-MS Matrix" "S1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\s1.dll"
+ "Waves S1-MS Matrix" "S1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\s1.dll"
+ "Waves S1-Shuffler" "S1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\s1.dll"
+ "Waves S1-Shuffler" "S1" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\s1.dll"
+ "Waves SoundShifter G Offline" "SoundShifter" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\soundshifter.dll"
+ "Waves SoundShifter G Offline Mono" "SoundShifter" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\soundshifter.dll"
+ "Waves SoundShifter P" "SoundShifter" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\soundshifter.dll"
+ "Waves SoundShifter P Mono" "SoundShifter" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\soundshifter.dll"
+ "Waves SoundShifter P Offline" "SoundShifter" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\soundshifter.dll"
+ "Waves SoundShifter P Offline Mono" "SoundShifter" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\soundshifter.dll"
+ "Waves SuperTap 2-Taps 6 sec" "SuperTap" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\supertap.dll"
+ "Waves SuperTap 2-Taps 6 sec m/s" "SuperTap" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\supertap.dll"
+ "Waves SuperTap 2-Taps 6 sec Mono" "SuperTap" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\supertap.dll"
+ "Waves SuperTap 2-Taps Mod" "SuperTap" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\supertap.dll"
+ "Waves SuperTap 2-Taps Mod" "SuperTap" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\supertap.dll"
+ "Waves SuperTap 2-Taps Mod m/s" "SuperTap" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\supertap.dll"
+ "Waves SuperTap 2-Taps Mod m/s" "SuperTap" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\supertap.dll"
+ "Waves SuperTap 2-Taps Mod Mono" "SuperTap" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\supertap.dll"
+ "Waves SuperTap 2-Taps Mod Mono" "SuperTap" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\supertap.dll"
+ "Waves SuperTap 6-Taps 6 sec" "SuperTap" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\supertap.dll"
+ "Waves SuperTap 6-Taps 6 sec m/s" "SuperTap" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\supertap.dll"
+ "Waves SuperTap 6-Taps 6 sec Mono" "SuperTap" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\supertap.dll"
+ "Waves SuperTap 6-Taps Mod" "SuperTap" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\supertap.dll"
+ "Waves SuperTap 6-Taps Mod" "SuperTap" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\supertap.dll"
+ "Waves SuperTap 6-Taps Mod m/s" "SuperTap" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\supertap.dll"
+ "Waves SuperTap 6-Taps Mod m/s" "SuperTap" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\supertap.dll"
+ "Waves SuperTap 6-Taps Mod Mono" "SuperTap" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\supertap.dll"
+ "Waves SuperTap 6-Taps Mod Mono" "SuperTap" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\supertap.dll"
+ "Waves TransX Multi" "Trans-X" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\transx.dll"
+ "Waves TransX Multi" "Trans-X" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\transx.dll"
+ "Waves TransX Multi Mono" "Trans-X" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\transx.dll"
+ "Waves TransX Multi Mono" "Trans-X" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\transx.dll"
+ "Waves TransX Wide" "Trans-X" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\transx.dll"
+ "Waves TransX Wide" "Trans-X" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\transx.dll"
+ "Waves TransX Wide Mono" "Trans-X" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\transx.dll"
+ "Waves TransX Wide Mono" "Trans-X" "Waves Audio Ltd" "c:\program files (x86)\waves\plug-ins\transx.dll"
+ "Waves TrueVerb" "TrueVerb" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\trueverb.dll"
+ "Waves TrueVerb" "TrueVerb" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\trueverb.dll"
+ "Waves TrueVerb m/s" "TrueVerb" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\trueverb.dll"
+ "Waves TrueVerb m/s" "TrueVerb" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\trueverb.dll"
+ "Waves TrueVerb Mono" "TrueVerb" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\trueverb.dll"
+ "Waves UltraPitch 3-Voice" "UltraPitch" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ultrapitch.dll"
+ "Waves UltraPitch 3-Voice m/s" "UltraPitch" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ultrapitch.dll"
+ "Waves UltraPitch 3-Voice m/s" "UltraPitch" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ultrapitch.dll"
+ "Waves UltraPitch 3-Voice Mono" "UltraPitch" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ultrapitch.dll"
+ "Waves UltraPitch 3-Voice Mono" "UltraPitch" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ultrapitch.dll"
+ "Waves UltraPitch 6-Voice" "UltraPitch" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ultrapitch.dll"
+ "Waves UltraPitch 6-Voice m/s" "UltraPitch" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ultrapitch.dll"
+ "Waves UltraPitch 6-Voice m/s" "UltraPitch" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ultrapitch.dll"
+ "Waves UltraPitch 6-Voice Mono" "UltraPitch" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ultrapitch.dll"
+ "Waves UltraPitch 6-Voice Mono" "UltraPitch" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ultrapitch.dll"
+ "Waves UltraPitch Shift" "UltraPitch" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ultrapitch.dll"
+ "Waves UltraPitch Shift m/s" "UltraPitch" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ultrapitch.dll"
+ "Waves UltraPitch Shift m/s" "UltraPitch" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ultrapitch.dll"
+ "Waves UltraPitch Shift Mono" "UltraPitch" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ultrapitch.dll"
+ "Waves UltraPitch Shift Mono" "UltraPitch" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\ultrapitch.dll"
+ "Waves X-Click" "X-Click" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\xclick.dll"
+ "Waves X-Click" "X-Click" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\xclick.dll"
+ "Waves X-Click Mono" "X-Click" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\xclick.dll"
+ "Waves X-Click Mono" "X-Click" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\xclick.dll"
+ "Waves X-Crackle" "X-Crackle" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\xcrackle.dll"
+ "Waves X-Crackle" "X-Crackle" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\xcrackle.dll"
+ "Waves X-Crackle Mono" "X-Crackle" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\xcrackle.dll"
+ "Waves X-Crackle Mono" "X-Crackle" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\xcrackle.dll"
+ "Waves X-Hum" "X-Hum" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\xhum.dll"
+ "Waves X-Hum" "X-Hum" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\xhum.dll"
+ "Waves X-Hum Mono" "X-Hum" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\xhum.dll"
+ "Waves X-Hum Mono" "X-Hum" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\xhum.dll"
+ "Waves X-Noise" "X-Noise" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\xnoise.dll"
+ "Waves X-Noise" "X-Noise" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\xnoise.dll"
+ "Waves X-Noise Mono" "X-Noise" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\xnoise.dll"
+ "Waves X-Noise Mono" "X-Noise" "Waves Audio LTD" "c:\program files (x86)\waves\plug-ins\xnoise.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "AC3File" "" "" "c:\program files\k-lite codec pack x64\filters\ac3file64.ax"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Cakewalk Analyst" "Analyst DLL" "" "c:\program files\cakewalk\shared plugins\analyst.dll"
+ "Cakewalk TTS-1" "Cakewalk TTS-1 HQ Software Synthesizer" "Twelve Tone Systems Inc." "c:\program files\cakewalk\shared dxi\tts-1\tts-1.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Cyclone" "Cakewalk Cyclone" "Cakewalk, Inc.." "c:\program files\cakewalk\shared dxi\cyclone\cyclone.dll"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files\k-lite codec pack x64\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files\k-lite codec pack x64\filters\vsfilter.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\ffdshow\ffdshow.ax"
+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\ffdshow\ffdshow.ax"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax"
+ "LAV Audio Decoder" "LAV Audio Decoder - DirectShow Audio Decoder" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack x64\filters\lav\lavaudio.ax"
+ "LAV Splitter" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack x64\filters\lav\lavsplitter.ax"
+ "LAV Splitter Source" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack x64\filters\lav\lavsplitter.ax"
+ "LAV Video Decoder" "LAV Video Decoder - DirectShow Video Decoder" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack x64\filters\lav\lavvideo.ax"
+ "MPC - CDXA Reader" "CDXA Reader Filter" "MPC-HC Team" "c:\program files\k-lite codec pack x64\filters\cdxareader.ax"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Pentagon I" "P1DXi DLL" "" "c:\program files\cakewalk\shared dxi\pentagon i\p1dxi.dll"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "PSYN II" "" "" "c:\program files\cakewalk\shared dxi\psynii\psyn ii.dll"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Roland GrooveSynth" "GrooveSynth Software Synthesizer" "Cakewalk / Roland" "c:\program files\cakewalk\shared dxi\p5antom\p5antom.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Sonitus:fx Compressor" "Cakewalk Sonitus fx:compressor plug-in" "Cakewalk, Inc.." "c:\program files\cakewalk\shared plugins\sonitusfxcompressor.dll"
+ "Sonitus:fx Delay" "Cakewalk Sonitus fx:delay plug-in" "Cakewalk, Inc.." "c:\program files\cakewalk\shared plugins\sonitusfxdelay.dll"
+ "Sonitus:fx Equalizer" "Cakewalk Sonitus fx:equalizer plug-in" "Cakewalk, Inc.." "c:\program files\cakewalk\shared plugins\sonitusfxequalizer.dll"
+ "Sonitus:fx Gate" "Cakewalk Sonitus fx:gate plug-in" "Cakewalk, Inc.." "c:\program files\cakewalk\shared plugins\sonitusfxgate.dll"
+ "Sonitus:fx Modulator" "Cakewalk Sonitus fx:modulator plug-in" "Cakewalk, Inc.." "c:\program files\cakewalk\shared plugins\sonitusfxmodulator.dll"
+ "Sonitus:fx Multiband" "Cakewalk Sonitus fx:multiband plug-in" "Cakewalk, Inc.." "c:\program files\cakewalk\shared plugins\sonitusfxmultiband.dll"
+ "Sonitus:fx Phase" "Cakewalk Sonitus fx:phase plug-in" "Cakewalk, Inc.." "c:\program files\cakewalk\shared plugins\sonitusfxphase.dll"
+ "Sonitus:fx Reverb" "Cakewalk Sonitus fx:reverb plug-in" "Cakewalk, Inc.." "c:\program files\cakewalk\shared plugins\sonitusfxreverb.dll"
+ "Sonitus:fx Surround" "Cakewalk Sonitus fx:surround plug-in" "Cakewalk, Inc.." "c:\program files\cakewalk\shared plugins\sonitusfxsurround.dll"
+ "Sonitus:fx SurroundComp" "Cakewalk Sonitus:fx Surround Compressor plug-in" "Cakewalk, Inc.." "c:\program files\cakewalk\shared plugins\sonitusfxsurroundcompressor.dll"
+ "Sonitus:fx Wahwah" "Cakewalk Sonitus fx:wahwah plug-in" "Cakewalk, Inc.." "c:\program files\cakewalk\shared plugins\sonitusfxwahwah.dll"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Audio Source" "Windows Media Preview Object" "Microsoft Corporation" "c:\program files (x86)\windows media components\encoder\wmprevu.dll"
+ "DivX for Blizzard Decoder Filter" "DivX ™ Decoder Filter" "DivXNetworks, Inc." "e:\warcraft 3\warcraft iii\blizzard.ax"
+ "Record Queue" "WME Record Queue" "Microsoft Corporation" "c:\program files (x86)\windows media components\encoder\wmedque.dll"
+ "Video Source" "Windows Media Preview Object" "Microsoft Corporation" "c:\program files (x86)\windows media components\encoder\wmprevu.dll"
+ "WMEnc Screen Capture Filter" "WMESrcWp Module" "Microsoft Corporation" "c:\program files (x86)\windows media components\encoder\wmesrcwp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "LIDIL hpzlllhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzlllhn.dll"
"C:\Users\VisionDAW User\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\Clock.gadget\en-US\Gadget.xml"
+ "Feed Headlines" "Track the latest news, sports, and entertainment headlines." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\RSSFeeds.Gadget\en-US\Gadget.xml"
+ "Slide Show" "Show a continuous slide show of your pictures." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\SlideShow.Gadget\en-US\Gadget.xml"


Thanks again for your help! Please let me know what the next step is.

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:53 PM

Posted 14 September 2012 - 01:16 PM

That looks good

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode

Turn off your system restore,restart the PC,create a new restore point

http://windows.microsoft.com/en-US/windows-vista/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your flash player

Update your antivirus frequently,do not click on suspicious links

Safe surfing :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users