
Virus and sound


27 replies to this topic

#1 tomuksas


Posted 14 September 2012 - 12:54 PM

My friend somehow installed the fake antivirus Live Platinum Security. I tried to scan with Avira, but when it reached one file, Avira suggested restarting the PC and performing a deep scan. After I did this, it was the same, so I pressed No and the final result was 2 viruses. After the restart the fake antivirus still existed, so I installed Malwarebytes Anti-Malware; the result was 20+ infections, which I deleted (deleted the fake antivirus too). After the restart there was no sound (we can't find an audio device), the CD-ROM can't read disks (only bootable ones), I can't open HD VDeck and I can't see virtual devices in My Computer. I can't find video, audio and game graph in Devices and Printers. Avira still found some sort of viruses, Malwarebytes is blocking something... Any suggestions?



#2 narenxp


Posted 14 September 2012 - 01:12 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (the log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start the scan. After the scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When the scan is completed, click on LIST of found threats

Export the list to the desktop, copy the contents of the text file in your reply

#3 tomuksas


Posted 14 September 2012 - 02:51 PM

21:17:59.0593 1600 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
21:17:59.0893 1600 ============================================================
21:17:59.0893 1600 Current date / time: 2012/09/14 21:17:59.0893
21:17:59.0893 1600 SystemInfo:
21:17:59.0893 1600
21:17:59.0893 1600 OS Version: 6.1.7601 ServicePack: 1.0
21:17:59.0893 1600 Product type: Workstation
21:17:59.0893 1600 ComputerName: TOMAS-PC
21:17:59.0893 1600 UserName: Tomas
21:17:59.0893 1600 Windows directory: C:\Windows
21:17:59.0893 1600 System windows directory: C:\Windows
21:17:59.0893 1600 Processor architecture: Intel x86
21:17:59.0893 1600 Number of processors: 4
21:17:59.0893 1600 Page size: 0x1000
21:17:59.0893 1600 Boot type: Normal boot
21:17:59.0893 1600 ============================================================
21:18:00.0853 1600 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:18:00.0863 1600 ============================================================
21:18:00.0863 1600 \Device\Harddisk0\DR0:
21:18:00.0863 1600 MBR partitions:
21:18:00.0863 1600 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2D08D2B8
21:18:00.0863 1600 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2D08D2F7, BlocksNum 0xD2F794A
21:18:00.0863 1600 ============================================================
21:18:00.0883 1600 C: <-> \Device\Harddisk0\DR0\Partition1
21:18:00.0923 1600 D: <-> \Device\Harddisk0\DR0\Partition2
21:18:00.0923 1600 ============================================================
21:18:00.0923 1600 Initialize success
21:18:00.0923 1600 ============================================================
21:18:56.0053 5092 ============================================================
21:18:56.0053 5092 Scan started
21:18:56.0053 5092 Mode: Manual; TDLFS;
21:18:56.0053 5092 ============================================================
21:18:57.0213 5092 ================ Scan system memory ========================
21:18:57.0213 5092 System memory - ok
21:18:57.0213 5092 ================ Scan services =============================
21:19:06.0303 5092 NetPipeActivator - ok
21:19:06.0323 5092 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
21:19:06.0323 5092 netprofm - ok
21:19:06.0333 5092 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:19:06.0333 5092 NetTcpActivator - ok
21:19:06.0343 5092 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:19:06.0343 5092 NetTcpPortSharing - ok
21:19:06.0373 5092 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:19:06.0393 5092 nfrd960 - ok
21:19:06.0433 5092 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:19:06.0433 5092 NlaSvc - ok
21:19:06.0443 5092 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:19:06.0443 5092 Npfs - ok
21:19:06.0473 5092 npggsvc - ok
21:19:06.0503 5092 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
21:19:06.0503 5092 nsi - ok
21:19:06.0513 5092 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:19:06.0533 5092 nsiproxy - ok
21:19:06.0593 5092 [ 168437A522D178DF6A372F09782B084F ] nSvcIp C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
21:19:06.0603 5092 nSvcIp - ok
21:19:06.0643 5092 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:19:06.0653 5092 Ntfs - ok
21:19:06.0673 5092 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
21:19:06.0673 5092 Null - ok
21:19:06.0713 5092 [ B5E37E31C053BC9950455A257526514B ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x32.sys
21:19:06.0743 5092 NVENETFD - ok
21:19:06.0943 5092 [ 10999ADF4C796FE23E1B891EF3441A13 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:19:07.0053 5092 nvlddmkm - ok
21:19:07.0093 5092 [ C9C82E1A08955FDBDF92AAC55BC3A4E4 ] NVNET C:\Windows\system32\DRIVERS\nvmf6232.sys
21:19:07.0123 5092 NVNET - ok
21:19:07.0153 5092 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:19:07.0173 5092 nvraid - ok
21:19:07.0203 5092 [ F13618F0CB1E95232F4C2401592A59E9 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
21:19:07.0213 5092 nvsmu - ok
21:19:07.0233 5092 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:19:07.0263 5092 nvstor - ok
21:19:07.0303 5092 [ 7C732AFF202DCD06C3D262966D71604C ] nvsvc C:\Windows\system32\nvvsvc.exe
21:19:07.0313 5092 nvsvc - ok
21:19:07.0383 5092 [ 262D2FBF211A88DCB84249DF0F6EF6E7 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
21:19:07.0393 5092 nvUpdatusService - ok
21:19:07.0423 5092 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:19:07.0433 5092 nv_agp - ok
21:19:07.0463 5092 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:19:07.0473 5092 ohci1394 - ok
21:19:07.0513 5092 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:19:07.0513 5092 ose - ok
21:19:07.0553 5092 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:19:07.0563 5092 p2pimsvc - ok
21:19:07.0573 5092 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
21:19:07.0583 5092 p2psvc - ok
21:19:07.0603 5092 [ C81216D1AE3FA5C51AE9D587C3F4B85D ] PAC7302 C:\Windows\system32\DRIVERS\PAC7302.SYS
21:19:07.0623 5092 PAC7302 - ok
21:19:07.0653 5092 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:19:07.0683 5092 Parport - ok
21:19:07.0703 5092 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:19:07.0703 5092 partmgr - ok
21:19:07.0713 5092 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
21:19:07.0733 5092 Parvdm - ok
21:19:07.0753 5092 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:19:07.0763 5092 PcaSvc - ok
21:19:07.0773 5092 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
21:19:07.0773 5092 pci - ok
21:19:07.0783 5092 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
21:19:07.0783 5092 pciide - ok
21:19:07.0803 5092 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:19:07.0823 5092 pcmcia - ok
21:19:07.0843 5092 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
21:19:07.0843 5092 pcw - ok
21:19:07.0883 5092 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:19:07.0913 5092 PEAUTH - ok
21:19:07.0963 5092 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
21:19:07.0963 5092 PeerDistSvc - ok
21:19:08.0023 5092 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
21:19:08.0073 5092 pla - ok
21:19:08.0093 5092 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:19:08.0103 5092 PlugPlay - ok
21:19:08.0113 5092 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:19:08.0113 5092 PNRPAutoReg - ok
21:19:08.0133 5092 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:19:08.0133 5092 PNRPsvc - ok
21:19:08.0153 5092 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:19:08.0153 5092 PolicyAgent - ok
21:19:08.0183 5092 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
21:19:08.0183 5092 Power - ok
21:19:08.0213 5092 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:19:08.0223 5092 PptpMiniport - ok
21:19:08.0233 5092 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:19:08.0243 5092 Processor - ok
21:19:08.0283 5092 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
21:19:08.0283 5092 ProfSvc - ok
21:19:08.0293 5092 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:19:08.0293 5092 ProtectedStorage - ok
21:19:08.0323 5092 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:19:08.0323 5092 Psched - ok
21:19:08.0353 5092 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:19:08.0403 5092 ql2300 - ok
21:19:08.0423 5092 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:19:08.0433 5092 ql40xx - ok
21:19:08.0453 5092 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
21:19:08.0463 5092 QWAVE - ok
21:19:08.0473 5092 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:19:08.0493 5092 QWAVEdrv - ok
21:19:08.0513 5092 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:19:08.0523 5092 RasAcd - ok
21:19:08.0563 5092 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:19:08.0563 5092 RasAgileVpn - ok
21:19:08.0573 5092 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
21:19:08.0603 5092 RasAuto - ok
21:19:08.0623 5092 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:19:08.0623 5092 Rasl2tp - ok
21:19:08.0663 5092 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
21:19:08.0693 5092 RasMan - ok
21:19:08.0713 5092 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:19:08.0743 5092 RasPppoe - ok
21:19:08.0773 5092 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:19:08.0793 5092 RasSstp - ok
21:19:08.0823 5092 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:19:08.0823 5092 rdbss - ok
21:19:08.0833 5092 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:19:08.0853 5092 rdpbus - ok
21:19:08.0883 5092 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:19:08.0903 5092 RDPCDD - ok
21:19:08.0933 5092 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
21:19:08.0963 5092 RDPDR - ok
21:19:09.0013 5092 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:19:09.0013 5092 RDPENCDD - ok
21:19:09.0023 5092 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:19:09.0043 5092 RDPREFMP - ok
21:19:09.0103 5092 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:19:09.0123 5092 RdpVideoMiniport - ok
21:19:09.0153 5092 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:19:09.0173 5092 RDPWD - ok
21:19:09.0203 5092 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:19:09.0203 5092 rdyboost - ok
21:19:09.0233 5092 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
21:19:09.0253 5092 RemoteAccess - ok
21:19:09.0283 5092 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:19:09.0303 5092 RemoteRegistry - ok
21:19:09.0353 5092 [ B9BB8E2093C1615AD6EA55AD96214354 ] Revoflt C:\Windows\system32\DRIVERS\revoflt.sys
21:19:09.0373 5092 Revoflt - ok
21:19:09.0403 5092 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:19:09.0413 5092 RpcEptMapper - ok
21:19:09.0453 5092 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
21:19:09.0453 5092 RpcLocator - ok
21:19:09.0483 5092 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
21:19:09.0493 5092 RpcSs - ok
21:19:09.0533 5092 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:19:09.0533 5092 rspndr - ok
21:19:09.0563 5092 [ E1AB463B36A7EF31D8A73A97A9B57AFA ] s115bus C:\Windows\system32\DRIVERS\s115bus.sys
21:19:09.0573 5092 s115bus - ok
21:19:09.0603 5092 [ E24113FC13B8737C94CF4E3415488C76 ] s115mdfl C:\Windows\system32\DRIVERS\s115mdfl.sys
21:19:09.0623 5092 s115mdfl - ok
21:19:09.0653 5092 [ 4029E49E7C673AA0670BD206B0AF1B5B ] s115mdm C:\Windows\system32\DRIVERS\s115mdm.sys
21:19:09.0673 5092 s115mdm - ok
21:19:09.0793 5092 [ EB02AB4CA8BCCECFDE236CAD8FC6E135 ] s115mgmt C:\Windows\system32\DRIVERS\s115mgmt.sys
21:19:09.0793 5092 s115mgmt - ok
21:19:09.0963 5092 [ 089869DB9FFD2AC807FA87FE82AC7761 ] s115obex C:\Windows\system32\DRIVERS\s115obex.sys
21:19:09.0983 5092 s115obex - ok
21:19:10.0013 5092 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
21:19:10.0023 5092 s3cap - ok
21:19:10.0033 5092 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
21:19:10.0033 5092 SamSs - ok
21:19:10.0063 5092 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:19:10.0073 5092 sbp2port - ok
21:19:10.0093 5092 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:19:10.0103 5092 SCardSvr - ok
21:19:10.0133 5092 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:19:10.0153 5092 scfilter - ok
21:19:10.0193 5092 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
21:19:10.0203 5092 Schedule - ok
21:19:10.0213 5092 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:19:10.0213 5092 SCPolicySvc - ok
21:19:10.0243 5092 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:19:10.0253 5092 SDRSVC - ok
21:19:10.0293 5092 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:19:10.0293 5092 secdrv - ok
21:19:10.0303 5092 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
21:19:10.0313 5092 seclogon - ok
21:19:10.0343 5092 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
21:19:10.0343 5092 SENS - ok
21:19:10.0373 5092 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:19:10.0393 5092 SensrSvc - ok
21:19:10.0413 5092 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:19:10.0443 5092 Serenum - ok
21:19:10.0453 5092 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:19:10.0483 5092 Serial - ok
21:19:10.0503 5092 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:19:10.0523 5092 sermouse - ok
21:19:10.0563 5092 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
21:19:10.0563 5092 SessionEnv - ok
21:19:10.0583 5092 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:19:10.0593 5092 sffdisk - ok
21:19:10.0593 5092 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:19:10.0613 5092 sffp_mmc - ok
21:19:10.0633 5092 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:19:10.0653 5092 sffp_sd - ok
21:19:10.0663 5092 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:19:10.0693 5092 sfloppy - ok
21:19:10.0733 5092 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:19:10.0743 5092 SharedAccess - ok
21:19:10.0763 5092 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:19:10.0763 5092 ShellHWDetection - ok
21:19:10.0783 5092 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
21:19:10.0783 5092 sisagp - ok
21:19:10.0813 5092 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:19:10.0813 5092 SiSRaid2 - ok
21:19:10.0833 5092 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:19:10.0833 5092 SiSRaid4 - ok
21:19:10.0983 5092 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
21:19:11.0003 5092 Skype C2C Service - ok
21:19:11.0093 5092 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate D:\programos\skype\Updater\Updater.exe
21:19:11.0143 5092 SkypeUpdate - ok
21:19:11.0173 5092 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:19:11.0193 5092 Smb - ok
21:19:11.0233 5092 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:19:11.0253 5092 SNMPTRAP - ok
21:19:11.0273 5092 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
21:19:11.0273 5092 spldr - ok
21:19:11.0303 5092 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
21:19:11.0313 5092 Spooler - ok
21:19:11.0383 5092 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
21:19:11.0403 5092 sppsvc - ok
21:19:11.0423 5092 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:19:11.0453 5092 sppuinotify - ok
21:19:11.0493 5092 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:19:11.0493 5092 srv - ok
21:19:11.0513 5092 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:19:11.0523 5092 srv2 - ok
21:19:11.0543 5092 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:19:11.0543 5092 srvnet - ok
21:19:11.0563 5092 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:19:11.0563 5092 SSDPSRV - ok
21:19:11.0603 5092 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
21:19:11.0613 5092 ssmdrv - ok
21:19:11.0623 5092 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:19:11.0643 5092 SstpSvc - ok
21:19:11.0683 5092 [ 5A1D0CA8A5F1E7B4EC50B9D76C001F0E ] ss_bus C:\Windows\system32\DRIVERS\ss_bus.sys
21:19:11.0683 5092 ss_bus - ok
21:19:11.0703 5092 [ F0A85580E36A3A85059037D39A9CF079 ] ss_mdfl C:\Windows\system32\DRIVERS\ss_mdfl.sys
21:19:11.0703 5092 ss_mdfl - ok
21:19:11.0713 5092 [ 84C3DBFD1BFA4ADC0A950B3D5506CB00 ] ss_mdm C:\Windows\system32\DRIVERS\ss_mdm.sys
21:19:11.0733 5092 ss_mdm - ok
21:19:11.0773 5092 [ 306521935042FC0A6988D528643619B3 ] StarOpen C:\Windows\system32\drivers\StarOpen.sys
21:19:11.0773 5092 StarOpen - ok
21:19:11.0793 5092 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:19:11.0813 5092 stexstor - ok
21:19:11.0863 5092 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
21:19:11.0863 5092 StiSvc - ok
21:19:11.0883 5092 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
21:19:11.0903 5092 storflt - ok
21:19:11.0933 5092 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
21:19:11.0943 5092 storvsc - ok
21:19:11.0963 5092 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
21:19:11.0983 5092 swenum - ok
21:19:12.0003 5092 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
21:19:12.0003 5092 swprv - ok
21:19:12.0023 5092 Synth3dVsc - ok
21:19:12.0063 5092 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
21:19:12.0073 5092 SysMain - ok
21:19:12.0093 5092 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:19:12.0103 5092 TabletInputService - ok
21:19:12.0133 5092 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
21:19:12.0153 5092 TapiSrv - ok
21:19:12.0173 5092 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
21:19:12.0193 5092 TBS - ok
21:19:12.0243 5092 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:19:12.0263 5092 Tcpip - ok
21:19:12.0293 5092 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:19:12.0293 5092 TCPIP6 - ok
21:19:12.0323 5092 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:19:12.0343 5092 tcpipreg - ok
21:19:12.0373 5092 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:19:12.0383 5092 TDPIPE - ok
21:19:12.0403 5092 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:19:12.0423 5092 TDTCP - ok
21:19:12.0453 5092 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:19:12.0483 5092 tdx - ok
21:19:12.0503 5092 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
21:19:12.0523 5092 TermDD - ok
21:19:12.0553 5092 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
21:19:12.0563 5092 TermService - ok
21:19:12.0583 5092 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
21:19:12.0583 5092 Themes - ok
21:19:12.0593 5092 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
21:19:12.0593 5092 THREADORDER - ok
21:19:12.0623 5092 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
21:19:12.0633 5092 TrkWks - ok
21:19:12.0673 5092 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:19:12.0693 5092 TrustedInstaller - ok
21:19:12.0733 5092 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:19:12.0753 5092 tssecsrv - ok
21:19:12.0793 5092 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:19:12.0813 5092 TsUsbFlt - ok
21:19:12.0813 5092 tsusbhub - ok
21:19:12.0853 5092 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:19:12.0863 5092 tunnel - ok
21:19:12.0893 5092 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:19:12.0913 5092 uagp35 - ok
21:19:12.0943 5092 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:19:12.0953 5092 udfs - ok
21:19:12.0963 5092 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:19:12.0973 5092 UI0Detect - ok
21:19:13.0003 5092 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:19:13.0023 5092 uliagpkx - ok
21:19:13.0053 5092 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
21:19:13.0063 5092 umbus - ok
21:19:13.0103 5092 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:19:13.0113 5092 UmPass - ok
21:19:13.0153 5092 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
21:19:13.0163 5092 UmRdpService - ok
21:19:13.0193 5092 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
21:19:13.0193 5092 upnphost - ok
21:19:13.0223 5092 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:19:13.0233 5092 usbaudio - ok
21:19:13.0253 5092 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:19:13.0273 5092 usbccgp - ok
21:19:13.0293 5092 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:19:13.0303 5092 usbcir - ok
21:19:13.0313 5092 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:19:13.0343 5092 usbehci - ok
21:19:13.0373 5092 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:19:13.0383 5092 usbhub - ok
21:19:13.0403 5092 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
21:19:13.0423 5092 usbohci - ok
21:19:13.0453 5092 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:19:13.0463 5092 usbprint - ok
21:19:13.0503 5092 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
21:19:13.0523 5092 usbscan - ok
21:19:13.0543 5092 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:19:13.0553 5092 USBSTOR - ok
21:19:13.0573 5092 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:19:13.0583 5092 usbuhci - ok
21:19:13.0593 5092 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
21:19:13.0603 5092 UxSms - ok
21:19:13.0613 5092 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
21:19:13.0613 5092 VaultSvc - ok
21:19:13.0643 5092 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:19:13.0653 5092 vdrvroot - ok
21:19:13.0683 5092 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
21:19:13.0713 5092 vds - ok
21:19:13.0743 5092 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:19:13.0763 5092 vga - ok
21:19:13.0773 5092 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
21:19:13.0773 5092 VgaSave - ok
21:19:13.0793 5092 VGPU - ok
21:19:13.0823 5092 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:19:13.0833 5092 vhdmp - ok
21:19:13.0863 5092 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
21:19:13.0863 5092 viaagp - ok
21:19:13.0883 5092 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
21:19:13.0893 5092 ViaC7 - ok
21:19:13.0953 5092 [ 4906E025DD6B322C4BBD6B9E35C9993A ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
21:19:13.0993 5092 VIAHdAudAddService - ok
21:19:14.0013 5092 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
21:19:14.0033 5092 viaide - ok
21:19:14.0073 5092 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
21:19:14.0093 5092 vmbus - ok
21:19:14.0113 5092 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
21:19:14.0113 5092 VMBusHID - ok
21:19:14.0123 5092 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:19:14.0123 5092 volmgr - ok
21:19:14.0143 5092 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:19:14.0143 5092 volmgrx - ok
21:19:14.0163 5092 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:19:14.0163 5092 volsnap - ok
21:19:14.0183 5092 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:19:14.0203 5092 vsmraid - ok
21:19:14.0243 5092 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
21:19:14.0253 5092 VSS - ok
21:19:14.0273 5092 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
21:19:14.0273 5092 vwifibus - ok
21:19:14.0293 5092 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
21:19:14.0303 5092 W32Time - ok
21:19:14.0323 5092 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:19:14.0333 5092 WacomPen - ok
21:19:14.0363 5092 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:19:14.0363 5092 WANARP - ok
21:19:14.0373 5092 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:19:14.0373 5092 Wanarpv6 - ok
21:19:14.0423 5092 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:19:14.0433 5092 WatAdminSvc - ok
21:19:14.0473 5092 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
21:19:14.0513 5092 wbengine - ok
21:19:14.0533 5092 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:19:14.0553 5092 WbioSrvc - ok
21:19:14.0583 5092 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:19:14.0613 5092 wcncsvc - ok
21:19:14.0633 5092 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:19:14.0653 5092 WcsPlugInService - ok
21:19:14.0683 5092 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:19:14.0683 5092 Wd - ok
21:19:14.0713 5092 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:19:14.0713 5092 WdiServiceHost - ok
21:19:14.0723 5092 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:19:14.0723 5092 WdiSystemHost - ok
21:19:14.0753 5092 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
21:19:14.0763 5092 WebClient - ok
21:19:14.0773 5092 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:19:14.0803 5092 Wecsvc - ok
21:19:14.0823 5092 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:19:14.0823 5092 wercplsupport - ok
21:19:14.0863 5092 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
21:19:14.0863 5092 WerSvc - ok
21:19:14.0893 5092 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:19:14.0913 5092 WfpLwf - ok
21:19:14.0943 5092 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:19:14.0963 5092 WIMMount - ok
21:19:15.0013 5092 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
21:19:15.0023 5092 WinDefend - ok
21:19:15.0023 5092 WinHttpAutoProxySvc - ok
21:19:15.0073 5092 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:19:15.0073 5092 Winmgmt - ok
21:19:15.0123 5092 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
21:19:15.0133 5092 WinRM - ok
21:19:15.0183 5092 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:19:15.0183 5092 WinUsb - ok
21:19:15.0213 5092 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
21:19:15.0233 5092 Wlansvc - ok
21:19:15.0273 5092 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:19:15.0273 5092 WmiAcpi - ok
21:19:15.0283 5092 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:19:15.0313 5092 wmiApSrv - ok
21:19:15.0383 5092 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
21:19:15.0393 5092 WMPNetworkSvc - ok
21:19:15.0403 5092 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:19:15.0423 5092 WPCSvc - ok
21:19:15.0463 5092 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:19:15.0473 5092 WPDBusEnum - ok
21:19:15.0493 5092 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:19:15.0493 5092 ws2ifsl - ok
21:19:15.0503 5092 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
21:19:15.0513 5092 wscsvc - ok
21:19:15.0513 5092 WSearch - ok
21:19:15.0583 5092 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
21:19:15.0603 5092 wuauserv - ok
21:19:15.0613 5092 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:19:15.0623 5092 WudfPf - ok
21:19:15.0663 5092 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:19:15.0673 5092 WUDFRd - ok
21:19:15.0703 5092 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:19:15.0703 5092 wudfsvc - ok
21:19:15.0723 5092 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
21:19:15.0743 5092 WwanSvc - ok
21:19:15.0763 5092 ================ Scan global ===============================
21:19:15.0793 5092 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
21:19:15.0813 5092 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
21:19:15.0823 5092 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
21:19:15.0853 5092 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
21:19:15.0873 5092 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
21:19:15.0873 5092 [Global] - ok
21:19:15.0873 5092 ================ Scan MBR ==================================
21:19:15.0893 5092 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:19:16.0303 5092 \Device\Harddisk0\DR0 - ok
21:19:16.0303 5092 ================ Scan VBR ==================================
21:19:16.0303 5092 [ E2341546964B29A3B154DD46DB9BE39A ] \Device\Harddisk0\DR0\Partition1
21:19:16.0313 5092 \Device\Harddisk0\DR0\Partition1 - ok
21:19:16.0323 5092 [ 54900E5E19A0A0757ABB76587B840D29 ] \Device\Harddisk0\DR0\Partition2
21:19:16.0323 5092 \Device\Harddisk0\DR0\Partition2 - ok
21:19:16.0323 5092 ============================================================
21:19:16.0323 5092 Scan finished
21:19:16.0323 5092 ============================================================
21:19:16.0333 5952 Detected object count: 0
21:19:16.0333 5952 Actual detected object count: 0
21:19:47.0133 5544 Deinitialize success


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-14 21:20:12
-----------------------------
21:20:12.243 OS Version: Windows 6.1.7601 Service Pack 1
21:20:12.243 Number of processors: 4 586 0x203
21:20:12.243 ComputerName: TOMAS-PC UserName: Tomas
21:20:13.253 Initialize success
21:22:39.343 AVAST engine defs: 12091400
21:23:18.773 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-4
21:23:18.773 Disk 0 Vendor: SAMSUNG_HD502IJ 1AA01112 Size: 476940MB BusType: 3
21:23:18.783 Disk 0 MBR read successfully
21:23:18.783 Disk 0 MBR scan
21:23:18.793 Disk 0 Windows 7 default MBR code
21:23:18.793 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 368922 MB offset 63
21:23:18.823 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 108015 MB offset 755553015
21:23:18.823 Disk 0 scanning sectors +976768065
21:23:18.883 Disk 0 scanning C:\Windows\system32\drivers
21:23:30.423 Service scanning
21:23:50.093 Modules scanning
21:23:56.323 Disk 0 trace - called modules:
21:23:56.343 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
21:23:56.353 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x863db030]
21:23:56.353 3 CLASSPNP.SYS[8bdaa59e] -> nt!IofCallDriver -> [0x85e99f08]
21:23:56.363 5 ACPI.sys[833233d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-4[0x85ede610]
21:23:57.023 AVAST engine scan C:\Windows
21:23:59.393 AVAST engine scan C:\Windows\system32
21:27:30.323 AVAST engine scan C:\Windows\system32\drivers
21:27:43.903 AVAST engine scan C:\Users\Tomas
21:28:18.353 Disk 0 MBR has been saved successfully to "C:\Users\Tomas\Desktop\MBR.dat"
21:28:18.363 The log file has been saved successfully to "C:\Users\Tomas\Desktop\aswMBR.txt"

Eset list:
C:\Program Files\Browsers Protector\regmon32.exe a variant of Win32/TopMedia application cleaned by deleting - quarantined
C:\Program Files\Searchqu Toolbar\Datamngr\BrowserConnection.dll Win32/Toolbar.SearchSuite application cleaned by deleting (after the next restart) - quarantined
C:\Program Files\Searchqu Toolbar\Datamngr\datamngr.dll Win32/Toolbar.SearchSuite application cleaned by deleting (after the next restart) - quarantined
C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe a variant of Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Program Files\Searchqu Toolbar\Datamngr\DnsBHO.dll Win32/Toolbar.SearchSuite application cleaned by deleting (after the next restart) - quarantined
C:\Program Files\Searchqu Toolbar\Datamngr\IEBHO.dll Win32/Toolbar.SearchSuite application cleaned by deleting (after the next restart) - quarantined
C:\Users\Tomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YO3MZMAE\lietuva_com--win_net[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\Tomas\AppData\Local\Temp\chutil.dll a variant of Win32/TopMedia.A application cleaned by deleting - quarantined
C:\Users\Tomas\AppData\Local\Temp\NODDEAF.tmp Win32/Toolbar.SearchSuite application cleaned by deleting (after the next restart) - quarantined
C:\Users\Tomas\AppData\Local\Temp\NODE2D5.tmp Win32/Toolbar.SearchSuite application cleaned by deleting (after the next restart) - quarantined
C:\Users\Tomas\AppData\Local\Temp\NODE9B9.tmp Win32/Toolbar.SearchSuite application cleaned by deleting (after the next restart) - quarantined
C:\Users\Tomas\AppData\Local\Temp\NODECD6.tmp Win32/Toolbar.SearchSuite application cleaned by deleting (after the next restart) - quarantined
C:\Users\Tomas\AppData\Local\Temp\V.class probably a variant of Java/Exploit.CVE-2011-3544.BQ trojan cleaned by deleting - quarantined
C:\Users\Tomas\AppData\Local\Temp\Addons\3BAF93E5\babylon.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Users\Tomas\AppData\Local\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Users\Tomas\AppData\Local\Temp\DC4A8E87-BAB0-7891-A6F2-B9F75B818C05\MyBabylonTB.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Users\Tomas\AppData\Local\Temp\NERO1002529\unit_app_75\Toolbar.exe Win32/Toolbar.AskSBar application cleaned by deleting - quarantined
C:\Users\Tomas\AppData\Local\Temp\PromoEngineInstaller\chutil.dll Win32/TopMedia application cleaned by deleting - quarantined
C:\Users\Tomas\AppData\LocalLow\FunWebProducts\Installr\Cache\013F5B30.exe a variant of Win32/Toolbar.MyWebSearch.O application cleaned by deleting - quarantined

#4 narenxp

Posted 14 September 2012 - 02:52 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#5 tomuksas

Posted 15 September 2012 - 02:50 AM

I posted the previous MBAM scan log, because now it found nothing:
Malwarebytes Anti-Malware (Bandomasis) 1.62.0.1300
www.malwarebytes.org

zinomu kenkeju bazes versija: v2012.09.09.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Tomas :: TOMAS-PC [administratorius]

Apsauga: Ijungta

2012.09.09 19:07:48
mbam-log-2012-09-09 (19-07-48).txt

Skenavimo tipas: Greitas skenavimas
Ijungtos skenavimo opcijos: Atmintis | Paleistis | Registrai | Failu Systema | Heuristine/Papildoma | Heuristine/Shuriken | PUP | PUM
Isjungtos skenavimo opcijos: P2P
Nuskenuoti failai: 247527
Praejo laiko: 9 minute(-es), 25 sekunde(-es)

Aptikti(-as)Uzkrestas atminties procesas: 0
(Kenksmingu failu neaptikta)

Aptikti(-as) uzkrestas atminties modulis: 0
(Kenksmingu failu neaptikta)

Aptikti registro raktai: 18
HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Sekmingai istaisyta ir perkelta i karantina.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Sekmingai istaisyta ir perkelta i karantina.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live Security Platinum (Trojan.LameShield) -> Sekmingai istaisyta ir perkelta i karantina.
HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.

Aptiktos registro reiksmes: 0
(Kenksmingu failu neaptikta)

Aptiktos registro failu reiksmes: 4
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Blogai: (http://startsear.ch/?aff=1&cf=3203dac0-3d46-11e1-85ea-001fc6df05c3) Gerai: (http://www.google.com) -> Sekmnigai pakeista ir perkelta i karantina.
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Blogai: (1) Gerai: (0) -> Sekmnigai pakeista ir perkelta i karantina.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Blogai: (1) Gerai: (0) -> Sekmnigai pakeista ir perkelta i karantina.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Blogai: (1) Gerai: (0) -> Sekmnigai pakeista ir perkelta i karantina.

Aptikti katalogai: 13
C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum (Rogue.LiveSecurityPlatinum) -> Sekmingai istaisyta ir perkelta i karantina.
C:\Program Files\FunWebProducts (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
C:\Program Files\FunWebProducts\Installr (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
C:\Program Files\FunWebProducts\Installr\1.bin (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
C:\Program Files\FunWebProducts\Installr\1.bin\chrome (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
C:\Program Files\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
C:\Program Files\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
C:\Program Files\MyWebSearch (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
C:\Program Files\MyWebSearch\bar (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
C:\Program Files\MyWebSearch\bar\gen1 (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
C:\Program Files\MyWebSearch\bar\History (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
C:\Program Files\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
C:\Program Files\MyWebSearch\bar\wbnotify (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.

Aptikti failai: 8
C:\ProgramData\6C82ED49005825641AC00374E56C3443\6C82ED49005825641AC00374E56C3443.exe (Trojan.LameShield) -> Sekmingai istaisyta ir perkelta i karantina.
C:\ProgramData\6C82ED49005825641AC00374F875EF7E\6C82ED49005825641AC00374F875EF7E.exe (Trojan.LameShield) -> Sekmingai istaisyta ir perkelta i karantina.
C:\Users\Tomas\Local Settings\Temporary Internet Files\Content.IE5\CZN78UXU\A4U[1].exe (Trojan.Zbot) -> Sekmingai istaisyta ir perkelta i karantina.
C:\Users\Tomas\Desktop\Live Security Platinum.lnk (Rogue.LiveSecurityPlatinum) -> Sekmingai istaisyta ir perkelta i karantina.
C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum\Live Security Platinum.lnk (Rogue.LiveSecurityPlatinum) -> Sekmingai istaisyta ir perkelta i karantina.
C:\Program Files\MyWebSearch\bar\gen1\COMMON.F3S (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.
C:\Program Files\MyWebSearch\bar\wbnotify\COMMON.F3S (PUP.MyWebSearch) -> Sekmingai istaisyta ir perkelta i karantina.

(pabaiga)



MiniToolBox by Farbar Version: 23-07-2012
Ran by Tomas (administrator) on 15-09-2012 at 10:38:50
Microsoft Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

NVIDIA nForce 10/100/1000 Mbps Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Tomas-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet
Physical Address. . . . . . . . . : 00-1F-C6-DF-05-C3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8c98:db03:b4ca:1b18%10(Preferred)
IPv4 Address. . . . . . . . . . . : 78.58.110.214(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.192.0
Lease Obtained. . . . . . . . . . : 2012 m. rugsejo 15 d. 10:16:13
Lease Expires . . . . . . . . . . : 2012 m. rugsejo 15 d. 10:43:44
Default Gateway . . . . . . . . . : 78.58.127.254
DHCP Server . . . . . . . . . . . : 85.206.18.9
DHCPv6 IAID . . . . . . . . . . . : 234889158
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-21-DF-0F-00-1F-C6-DF-05-C3
DNS Servers . . . . . . . . . . . : 212.59.1.1
212.59.2.2
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{E8AD8CA8-4E8E-4BC1-A44C-141A0A05B7DF}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:4e3a:6ed6::4e3a:6ed6(Preferred)
Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
DNS Servers . . . . . . . . . . . : 212.59.1.1
212.59.2.2
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:73b8:1c95:21ac:b1c5:9129(Preferred)
Link-local IPv6 Address . . . . . : fe80::1c95:21ac:b1c5:9129%12(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: ns1-cache.teo.lt
Address: 212.59.1.1

Name: google.com
Addresses: 2a00:1450:4001:c01::8a
173.194.70.101
173.194.70.102
173.194.70.113
173.194.70.138
173.194.70.139
173.194.70.100


Pinging google.com [173.194.70.138] with 32 bytes of data:
Reply from 173.194.70.138: bytes=32 time=73ms TTL=49
Reply from 173.194.70.138: bytes=32 time=48ms TTL=49

Ping statistics for 173.194.70.138:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 48ms, Maximum = 73ms, Average = 60ms
Server: ns1-cache.teo.lt
Address: 212.59.1.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=226ms TTL=50
Reply from 98.138.253.109: bytes=32 time=170ms TTL=51

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 170ms, Maximum = 226ms, Average = 198ms
Server: ns1-cache.teo.lt
Address: 212.59.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=8ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 8ms, Average = 5ms
===========================================================================
Interface List
10...00 1f c6 df 05 c3 ......NVIDIA nForce 10/100/1000 Mbps Ethernet
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 78.58.127.254 78.58.110.214 20
78.58.64.0 255.255.192.0 On-link 78.58.110.214 276
78.58.110.214 255.255.255.255 On-link 78.58.110.214 276
78.58.127.255 255.255.255.255 On-link 78.58.110.214 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 78.58.110.214 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 78.58.110.214 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 1125 ::/0 2002:c058:6301::c058:6301
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:5ef5:73b8:1c95:21ac:b1c5:9129/128
On-link
11 1025 2002::/16 On-link
11 281 2002:4e3a:6ed6::4e3a:6ed6/128
On-link
10 276 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::1c95:21ac:b1c5:9129/128
On-link
10 276 fe80::8c98:db03:b4ca:1b18/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 02 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 03 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 04 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 05 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 06 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 18 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/15/2012 09:22:02 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (09/13/2012 09:54:39 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16448 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1580

Start Time: 01cd91e120c8cc80

Termination Time: 5

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id: 72cec0c1-fdd4-11e1-ba40-001fc6df05c3

Error: (09/13/2012 07:27:05 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (09/13/2012 06:22:38 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (09/13/2012 10:31:53 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (09/10/2012 00:40:58 PM) (Source: Application Error) (User: )
Description: Sugadintos taikomosios programos pavadinimas: svchost.exe_defragsvc, versija: 6.1.7600.16385, laiko zyma: 0x4a5bc100
Sugadinto modulio pavadinimas: ntdll.dll, versija: 6.1.7601.17725, laiko zyma 0x4ec49b60
Isimties kodas: 0xc0000005
Sugadintas poslinkis: 0x00012001
Sugadinto proceso identifikatorius: 0x94c
Sugadintos taikomosios programos paleidimo laikas: 0xsvchost.exe_defragsvc0
Sugadintos taikomosios programos kelias: svchost.exe_defragsvc1
Sugadinto modulio kelias: svchost.exe_defragsvc2
Ataskaitos identifikatorius: svchost.exe_defragsvc3

Error: (09/09/2012 10:23:29 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {560e1263-d17c-4889-b2fb-509221eace1c}

Error: (09/09/2012 08:41:05 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {cd19fa77-de4a-4d75-bd13-951c5bdb7a87}

Error: (09/09/2012 08:30:25 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {cd19fa77-de4a-4d75-bd13-951c5bdb7a87}

Error: (09/09/2012 11:59:12 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16448 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: b2c

Start Time: 01cd8e68b8395728

Termination Time: 40

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id: 9bbe4dc9-fa5c-11e1-b517-001fc6df05c3


System errors:
=============
Error: (09/15/2012 10:16:23 AM) (Source: Service Control Manager) (User: )
Description: Nepavyko ikelti sio ikrovos paleidimo arba sistemos tvarkykliu:
cdrom
msisadrv
storflt
vdrvroot
vmbus

Error: (09/15/2012 10:16:11 AM) (Source: Service Control Manager) (User: )
Description: PEAUTH tarnybos nepavyko paleisti del sios klaidos:
%%1450

Error: (09/15/2012 10:16:11 AM) (Source: Service Control Manager) (User: )
Description: 5679 tarnybos nepavyko paleisti del sios klaidos:
%%2

Error: (09/15/2012 08:34:12 AM) (Source: Service Control Manager) (User: )
Description: Nepavyko ikelti sio ikrovos paleidimo arba sistemos tvarkykliu:
cdrom
msisadrv
storflt
vdrvroot
vmbus

Error: (09/15/2012 08:33:59 AM) (Source: Service Control Manager) (User: )
Description: PEAUTH tarnybos nepavyko paleisti del sios klaidos:
%%1450

Error: (09/15/2012 08:33:58 AM) (Source: Service Control Manager) (User: )
Description: 5679 tarnybos nepavyko paleisti del sios klaidos:
%%2

Error: (09/15/2012 08:32:07 AM) (Source: Service Control Manager) (User: )
Description: Nepavyko ikelti sio ikrovos paleidimo arba sistemos tvarkykliu:
cdrom
msisadrv
storflt
vdrvroot
vmbus

Error: (09/15/2012 08:31:56 AM) (Source: Service Control Manager) (User: )
Description: PEAUTH tarnybos nepavyko paleisti del sios klaidos:
%%1450

Error: (09/15/2012 08:31:53 AM) (Source: Service Control Manager) (User: )
Description: 5679 tarnybos nepavyko paleisti del sios klaidos:
%%2

Error: (09/14/2012 10:54:33 PM) (Source: Service Control Manager) (User: )
Description: Nepavyko ikelti sio ikrovos paleidimo arba sistemos tvarkykliu:
cdrom
msisadrv
storflt
vdrvroot
vmbus


Microsoft Office Sessions:
=========================
Error: (09/15/2012 09:22:02 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (09/13/2012 09:54:39 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16448158001cd91e120c8cc805C:\Program Files\Internet Explorer\iexplore.exe72cec0c1-fdd4-11e1-ba40-001fc6df05c3

Error: (09/13/2012 07:27:05 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (09/13/2012 06:22:38 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (09/13/2012 10:31:53 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (09/10/2012 00:40:58 PM) (Source: Application Error)(User: )
Description: svchost.exe_defragsvc6.1.7600.163854a5bc100ntdll.dll6.1.7601.177254ec49b60c00000050001200194c01cd8f382b042d58C:\Windows\system32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll9fbaf9b0-fb2b-11e1-ba9a-001fc6df05c3

Error: (09/09/2012 10:23:29 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {560e1263-d17c-4889-b2fb-509221eace1c}

Error: (09/09/2012 08:41:05 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {cd19fa77-de4a-4d75-bd13-951c5bdb7a87}

Error: (09/09/2012 08:30:25 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {cd19fa77-de4a-4d75-bd13-951c5bdb7a87}

Error: (09/09/2012 11:59:12 AM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16448b2c01cd8e68b839572840C:\Program Files\Internet Explorer\iexplore.exe9bbe4dc9-fa5c-11e1-b517-001fc6df05c3


=========================== Installed Programs ============================

Драйвер Pinnacle Video Driver (Version: 12.1.0.030)
µTorrent (Version: 3.1.3)
85Play_Games Toolbar (Version: 6.9.0.16)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Apple Application Support (Version: 1.4.1)
Avid Studio (Version: 1.1.0.2887)
Avira Free Antivirus (Version: 12.0.0.1199)
BFlix (Version: 0.0.0.1)
Browsers Protector (Version: 1.0.0.0)
Call of Duty® 4 - Modern Warfare™ (Version: 1.00.0000)
CCleaner (Version: 3.11)
DAEMON Tools Lite (Version: 4.45.3.0297)
Darbo pabaigos laikrodis (Version: 0.9)
EA SPORTS Game Face Browser Plugin 1.5.3.0 (Version: 1.5.3.0)
EPSON Scan
EPSON SX210 Series spausdintuvo idiegties pasalinimas
ESET Online Scanner v3
Foxit Reader 5.0 (Version: 5.0.2.718)
Google Chrome (Version: 21.0.1180.89)
Google Update Helper (Version: 1.3.21.115)
Grand Theft Auto IV (Version: 1.0.0013.131)
High-Definition Video Playback 10 (Version: 7.0.11400.29.0)
ImagXpress (Version: 7.0.74.0)
IrfanView (remove only) (Version: 4.30)
Youtube Downloader HD v. 2.8
Java Auto Updater (Version: 2.1.5.1)
Java™ 7 Update 1 (Version: 7.0.10)
K-Lite Codec Pack 8.7.0 (Full) (Version: 8.7.0)
LEGO® Batman™ 2: DC Super Heroes DEMO (Version: 1.0.0.0)
LightScribe System Software (Version: 1.18.6.1)
LiveVDO plugin 1.3 (Version: 1.3)
Malwarebytes Anti-Malware versija 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 2.0.672.0)
Microsoft Office 2003 Lithuanian User Interface Pack (Version: 11.0.5614.0)
Microsoft Office FrontPage 2003 (Version: 11.0.5614.0)
Microsoft Office Professional Edition 2003 (Version: 11.0.5614.0)
Microsoft Office Project Professional 2003 (Version: 11.0.5614.0)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Windows Media Video 9 VCM
Mozilla Firefox 13.0 (x86 en-US) (Version: 13.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NBA 2K12 (Version: 1.0.0)
Nero 10 Menu TemplatePack Basic (Version: 10.0.10600.6.0)
Nero 10 Movie ThemePack Basic (Version: 10.0.10600.6.0)
Nero BackItUp 10 (Version: 5.4.11600.19.100)
Nero BackItUp 10 Help (CHM) (Version: 1.0.10700)
Nero Burning ROM 10 (Version: 10.0.11100.10.100)
Nero BurningROM 10 Help (CHM) (Version: 1.0.10700)
Nero BurnRights 10 (Version: 4.0.11000.12.100)
Nero BurnRights 10 Help (CHM) (Version: 1.0.10600)
Nero Control Center 10 (Version: 10.0.12000.1.4)
Nero ControlCenter 10 Help (CHM) (Version: 1.0.10700)
Nero Core Components 10 (Version: 2.0.13700.0.1)
Nero CoverDesigner 10 (Version: 5.0.10900.11.100)
Nero CoverDesigner 10 Help (CHM) (Version: 1.0.10600)
Nero DiscCopy Gadget 10 (Version: 3.0.10700.9.100)
Nero DiscCopyGadget 10 Help (CHM) (Version: 1.0.10600)
Nero DiscSpeed 10 (Version: 6.0.10800.7.100)
Nero DiscSpeed 10 Help (CHM) (Version: 1.0.10600)
Nero Dolby Files 10 (Version: 2.0.11000.0.10)
Nero Express 10 (Version: 10.0.11000.10.100)
Nero Express 10 Help (CHM) (Version: 1.0.10700)
Nero InfoTool 10 (Version: 7.0.10800.8.100)
Nero InfoTool 10 Help (CHM) (Version: 1.0.10600)
Nero MediaHub 10 (Version: 1.0.13400.11.100)
Nero MediaHub 10 Help (CHM) (Version: 1.0.10700)
Nero Multimedia Suite 10 (Version: 10.0.13100)
Nero Recode 10 (Version: 4.6.10900.4.100)
Nero Recode 10 Help (CHM) (Version: 1.0.10600)
Nero RescueAgent 10 (Version: 3.0.10900.9.100)
Nero RescueAgent 10 Help (CHM) (Version: 1.0.10700)
Nero SoundTrax 10 (Version: 4.6.10600.2.100)
Nero SoundTrax 10 Help (CHM) (Version: 1.0.10600)
Nero StartSmart 10 (Version: 10.0.11200.12.100)
Nero StartSmart 10 Help (CHM) (Version: 1.0.10700)
Nero Update (Version: 1.0.0017)
Nero Vision 10 (Version: 7.0.11100.8.100)
Nero Vision 10 Help (CHM) (Version: 1.0.10600)
Nero WaveEditor 10 (Version: 5.6.10600.2.100)
Nero WaveEditor 10 Help (CHM) (Version: 1.0.10600)
neroxml (Version: 1.0.0)
NVIDIA Control Panel 275.33 (Version: 275.33)
NVIDIA Drivers (Version: 1.5)
NVIDIA ForceWare Network Access Manager (Version: 1.00.7313)
NVIDIA Graphics Driver 275.33 (Version: 275.33)
NVIDIA Install Application (Version: 2.275.78.0)
NVIDIA Update 1.3.5 (Version: 1.3.5)
NVIDIA Update Components (Version: 1.3.5)
PC Camera(0028.2010.0804.1040) (Version: 0028.2010.0804.1040)
Pinnacle Studio 15 (Version: 15.0.0.7593)
Platform (Version: 1.34)
proDAD Mercalli 2.0 (Version: 2.0.88)
proDAD Vitascene 2.0 (Version: 2.0.106)
QuickTime (Version: 7.69.80.9)
Revo Uninstaller Pro 2.5.5 (Version: 2.5.5)
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3 (Version: 3.0.0.71207)
Samsung PC Studio 3 (Version: 3.2.1.71207)
Samsung PC Studio 3 USB Driver Installer (Version: 3.2.0.70701)
Searchqu Toolbar (Version: 3.0.0.122375)
Skype Click to Call (Version: 6.2.10687)
Skype™ 5.10 (Version: 5.10.116)
Studio Content Light, версия 1.0 (Version: 1.0)
swMSM (Version: 12.0.0.1)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VIA Platform Device Manager (Version: 1.34)
VLC media player 1.0.5 (Version: 1.0.5)
Winamp (Version: 5.621 )
Winamp Detector Plug-in (Version: 1.0.0.1)
WinRAR 4.10 beta 1 (32-bit) (Version: 4.10.1)
World of Warcraft (Version: 3.2.2.10505)
Xilisoft Video Converter Ultimate (Version: 7.0.1.1219)
zMule (Version: 2.0.16)

========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 3327.18 MB
Available physical RAM: 2125.63 MB
Total Pagefile: 6654.35 MB
Available Pagefile: 5261.17 MB
Total Virtual: 2047.88 MB
Available Virtual: 1929.1 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:360.28 GB) (Free:227.37 GB) NTFS
2 Drive d: () (Fixed) (Total:105.48 GB) (Free:27.45 GB) NTFS

========================= Users: ========================================

User accounts for \\TOMAS-PC

Administrator Guest Tomas
UpdatusUser


**** End of log ****



Farbar Service Scanner Version: 06-08-2012
Ran by Tomas (administrator) on 15-09-2012 at 10:40:37
Running from "C:\Users\Tomas\Desktop"
Microsoft Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Disabled. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****




# AdwCleaner v2.001 - Logfile created 09/15/2012 at 10:41:53
# Updated 09/09/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Tomas - TOMAS-PC
# Boot Mode : Normal
# Running from : C:\Users\Tomas\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\user.js
File Deleted : C:\Users\Tomas\AppData\Local\Temp\Searchqu.ini
File Deleted : C:\Users\Tomas\AppData\Local\Temp\searchqutoolbar-manifest.xml
File Deleted : C:\Users\Tomas\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
File Deleted : C:\Users\Tomas\AppData\Local\Temp\Uninstall.exe
Folder Deleted : C:\Program Files\85Play_Games
Folder Deleted : C:\Program Files\Browsers Protector
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Searchqu Toolbar
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\Users\Tomas\AppData\Local\Babylon
Folder Deleted : C:\Users\Tomas\AppData\Local\Conduit
Folder Deleted : C:\Users\Tomas\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Tomas\AppData\Local\Temp\BabylonToolbar
Folder Deleted : C:\Users\Tomas\AppData\LocalLow\85Play_Games
Folder Deleted : C:\Users\Tomas\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Tomas\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\Tomas\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Users\Tomas\AppData\LocalLow\Searchqutoolbar
Folder Deleted : C:\Users\Tomas\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\ffxtlbr@babylon.com

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll
Key Deleted : HKCU\Software\AppDataLow\Software\85Play_Games
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7A5F72D2-9BBF-443F-9D35-26FC7E858E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7A5F72D2-9BBF-443F-9D35-26FC7E858E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKLM\Software\85Play_Games
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7A5F72D2-9BBF-443F-9D35-26FC7E858E77}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9750936-BBE1-4B83-99E5-428916EAE43B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2697549
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A4CC239-B1B1-4C97-B225-0C7E5CCE5552}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC569DE7-FCAA-4100-A52A-E79FF771C80E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7A5F72D2-9BBF-443F-9D35-26FC7E858E77}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F9750936-BBE1-4B83-99E5-428916EAE43B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\85Play_Games Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LiveVDO plugin
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar
Key Deleted : HKLM\Software\SearchquMediabarTb
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7A5F72D2-9BBF-443F-9D35-26FC7E858E77}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7A5F72D2-9BBF-443F-9D35-26FC7E858E77}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7A5F72D2-9BBF-443F-9D35-26FC7E858E77}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-21-3063423568-1381549048-471529115-1003\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v13.0 (en-US)

Profile name : default
File : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\prefs.js

C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\user.js ... Deleted !

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Chromium v [Unable to get version]

File : C:\Users\Tomas\AppData\Local\Chromium\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v [Unable to get version]

File : C:\Users\Tomas\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [9613 octets] - [15/09/2012 10:41:53]

########## EOF - C:\AdwCleaner[S1].txt - [9673 octets] ##########

#6 narenxp

Posted 15 September 2012 - 06:34 AM

Please run Malwarebytes again and post the clean log.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the text contents here

#7 tomuksas

Posted 15 September 2012 - 10:38 AM

Malwarebytes Anti-Malware (Bandomasis) 1.65.0.1400
www.malwarebytes.org

zinomu kenkeju bazes versija: v2012.09.15.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Tomas :: TOMAS-PC [administratorius]

Apsauga: Ijungta

2012.09.15 18:17:45
mbam-log-2012-09-15 (18-17-45).txt

Skenavimo tipas: Greitas skenavimas
Ijungtos skenavimo opcijos: Atmintis | Paleistis | Registrai | Failu Systema | Heuristine/Papildoma | Heuristine/Shuriken | PUP | PUM
Isjungtos skenavimo opcijos: P2P
Nuskenuoti failai: 250235
Praejo laiko: 13 minute(-es), 5 sekunde(-es)

Aptikti(-as)Uzkrestas atminties procesas: 0
(Kenksmingu failu neaptikta)

Aptikti(-as) uzkrestas atminties modulis: 0
(Kenksmingu failu neaptikta)

Aptikti registro raktai: 0
(Kenksmingu failu neaptikta)

Aptiktos registro reiksmes: 0
(Kenksmingu failu neaptikta)

Aptiktos registro failu reiksmes: 0
(Kenksmingu failu neaptikta)

Aptikti katalogai: 0
(Kenksmingu failu neaptikta)

Aptikti failai: 0
(Kenksmingu failu neaptikta)

(pabaiga)


Rkill 2.3.15 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/15/2012 06:31:46 PM in x86 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Security Center (wscsvc) is not Running.
Startup Type set to: Disabled

* Windows Update (wuauserv) is not Running.
Startup Type set to: Disabled

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/15/2012 06:31:58 PM
Execution time: 0 hours(s), 0 minute(s), and 11 seconds(s)



"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "avgnt" "Avira System Tray Tool" "Avira Operations GmbH & Co. KG" "c:\program files\avira\antivir desktop\avgnt.exe"
+ "HDAudDeck" "VIA HD Audio CPL" "VIA" "c:\program files\via\viaudioi\vdeck\vdeck.exe"
+ "NBAgent" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 10\nero backitup\nbagent.exe"
+ "PAC7302_Monitor" "Registry Monitor" "PixArt Imaging Incorporation" "c:\windows\pixart\pac7302\monitor.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "USBToolTip" "Pinnacle USB Tip - for Multi Media eXtensions" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\programs\usbtip\usbtip.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "LightScribe Control Panel" "" "Hewlett-Packard Company" "c:\program files\common files\lightscribe\lsrunonce.exe"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DAEMON Tools Lite" "DAEMON Tools Lite" "DT Soft Ltd" "c:\program files\daemon tools lite\dtlite.exe"
+ "EPSON SX210 Series" "EPSON Status Monitor 3" "SEIKO EPSON CORPORATION" "c:\windows\system32\spool\drivers\w32x86\3\e_fatifde.exe"
+ "LightScribe Control Panel" "" "Hewlett-Packard Company" "c:\program files\common files\lightscribe\lightscribecontrolpanel.exe"
+ "Sidebar" "Windows darbalaukio įtaisai" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "uTorrent" "µTorrent" "BitTorrent, Inc." "d:\programos\utorrent\utorrent.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office11\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "mso-offdap" "Microsoft Office XP Web Components" "Microsoft Corporation" "c:\program files\common files\microsoft shared\web components\10\owc10.dll"
+ "mso-offdap11" "Microsoft Office Web Components 2003" "Microsoft Corporation" "c:\program files\common files\microsoft shared\web components\11\owc11.dll"
+ "skype-ie-addon-data" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "d:\programos\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "skype4com" "Skype for COM API" "Skype Technologies" "c:\program files\common files\skype\skype4com.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Cover Designer" "Cover Designer" "Nero AG" "c:\program files\nero\nero 9\nero coverdesigner\coveredextension.dll"
+ "NBShellHook Class" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 10\nero backitup\nbshell.dll"
+ "NeroShellExt Class" "Nero Burning ROM Shell Extension" "Nero AG" "c:\program files\common files\nero\neroshellext\neroshellext.dll"
+ "Shell Extension for Malware scanning" "Avira Shell Extension Library" "Avira Operations GmbH & Co. KG" "c:\program files\avira\antivir desktop\shlext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "NeroShellExt Class" "Nero Burning ROM Shell Extension" "Nero AG" "c:\program files\common files\nero\neroshellext\neroshellext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Šonines juostos paskirties vieta" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "NeroDigitalColumnHandler Class" "" "" "File not found: C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "NBShellHook Class" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 10\nero backitup\nbshell.dll"
+ "RUShellExt" "Revo Uninstaller Pro Extension" "VS Revo Group" "c:\program files\vs revo group\revo uninstaller pro\ruext.dll"
+ "Shell Extension for Malware scanning" "Avira Shell Extension Library" "Avira Operations GmbH & Co. KG" "c:\program files\avira\antivir desktop\shlext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "NBShellHook" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 10\nero backitup\nbshell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "bflix Class" "bflix - Add Joy to your facebook wall" "bflix" "c:\program files\bflix\bflix.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "d:\programos\skype\toolbars\internet explorer\skypeieplugin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "ßķäĺźń.Įąš" "" "" "File not found: C:\Program Files\Yandex\YandexBarIE\yndbar.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "d:\programos\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.3 r300" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "\GoogleUpdateTaskMachineCore" "„Google“ diegimo programa" "„Google Inc.“" "c:\program files\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "„Google“ diegimo programa" "„Google Inc.“" "c:\program files\google\update\googleupdate.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media leistuvo tinklo bendro naudojimo paslaugos konfigūravimo programa" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\{A697994F-5351-41E8-A7A8-BC276AE6BFAD}" "Internet Explorer" "Microsoft Corporation" "c:\program files\internet explorer\iexplore.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AntiVirSchedulerService" "Service to schedule Avira Free Antivirus jobs and updates." "Avira Operations GmbH & Co. KG" "c:\program files\avira\antivir desktop\sched.exe"
+ "AntiVirService" "Offers permanent protection against viruses and malware with the Avira search engine." "Avira Operations GmbH & Co. KG" "c:\program files\avira\antivir desktop\avguard.exe"
+ "EPSON_EB_RPCV4_01" "EPSON Status Monitor 3" "SEIKO EPSON CORPORATION" "c:\programdata\epson\epw!3 ssrp\e_s40st7.exe"
+ "EPSON_PM_RPCV4_01" "EPSON Status Monitor 3" "SEIKO EPSON CORPORATION" "c:\programdata\epson\epw!3 ssrp\e_s40rp7.exe"
+ "ForceWare Intelligent Application Manager (IAM)" "app_filter Module" "" "c:\program files\nvidia corporation\networkaccessmanager\bin32\nsvcappflt.exe"
+ "gupdate" "Nuolat naujina „Google“ programinę įrangą. Išjungus arba sustabdžius šią paslaugą, „Google“ programinė įranga nebus naujinama. Tai reiškia, kad gali nepavykti pašalinti galimų saugos pažeidimų ir funkcijos gali neveikti. Ši paslauga pasišalina pati, kai „Google“ programinė įranga jos nenaudoja." "„Google Inc.“" "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Nuolat naujina „Google“ programinę įrangą. Išjungus arba sustabdžius šią paslaugą, „Google“ programinė įranga nebus naujinama. Tai reiškia, kad gali nepavykti pašalinti galimų saugos pažeidimų ir funkcijos gali neveikti. Ši paslauga pasišalina pati, kai „Google“ programinė įranga jos nenaudoja." "„Google Inc.“" "c:\program files\google\update\googleupdate.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files\common files\lightscribe\lssrvc.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamservice.exe"
+ "NAUpdate" "Provides access to Nero application updates and manages Nero applications." "Nero AG" "c:\program files\nero\update\nasvc.exe"
+ "npggsvc" "nProtect GameGuard Service" "INCA Internet Co., Ltd." "c:\windows\system32\gamemon.des"
+ "nSvcIp" "NVIDIA Corporation" "" "c:\program files\nvidia corporation\networkaccessmanager\bin32\nsvcip.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files\nvidia corporation\nvidia updatus\daemonu.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "Skype C2C Service" "Skype Click to Call Update Service" "Skype Technologies S.A." "c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "d:\programos\skype\updater\updater.exe"
+ "WMPNetworkSvc" "Leidžia bendrai naudotis Windows Media leistuvo bibliotekomis kitiems tinkle esantiems leistuvams ir medijos įrenginiams naudojant universalųjį įrenginį prijungti ir leisti" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "5679" "" "" "File not found: C:\Users\Tomas\AppData\Local\Temp\5679.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "avgntflt" "Avira mini-filter driver" "Avira GmbH" "c:\windows\system32\drivers\avgntflt.sys"
+ "avipbb" "Avira Security Enhancement Driver" "Avira GmbH" "c:\windows\system32\drivers\avipbb.sys"
+ "avkmgr" "Avira Manager Driver" "Avira GmbH" "c:\windows\system32\drivers\avkmgr.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "dtsoftbus01" "DAEMON Tools Virtual Bus Driver" "DT Soft Ltd" "c:\windows\system32\drivers\dtsoftbus01.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GGSAFERDriver" "GGSAFER Driver" "" "File not found: C:\Program Files\Garena Classic\safedrv.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "KMWDFILTERx86" "KMWDFilter Driver from UASSOFT.COM" "Windows ® Codename Longhorn DDK provider" "c:\windows\system32\drivers\kmwdfilter.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MarvinBus" "Pinnacle Marvin Discrete Bus Enumerator" "Pinnacle Systems GmbH" "c:\windows\system32\drivers\marvinbus.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MTsensor" "ATK0110 ACPI Utility" "" "c:\windows\system32\drivers\asacpi.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NVENETFD" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvm62x32.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 186.34 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "NVNET" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvmf6232.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvsmu" "NVIDIA nForce™ SMU Microcontroller Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvsmu.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PAC7302" "PAC7302" "PixArt Imaging Inc." "c:\windows\system32\drivers\pac7302.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "Revoflt" "Revo Uninstaller Filter driver" "VS Revo Group" "c:\windows\system32\drivers\revoflt.sys"
+ "s115bus" "Sony Ericsson Device 115 Driver" "MCCI Corporation" "c:\windows\system32\drivers\s115bus.sys"
+ "s115mdfl" "Sony Ericsson Device 115 USB WMC Modem Filter" "MCCI Corporation" "c:\windows\system32\drivers\s115mdfl.sys"
+ "s115mdm" "Sony Ericsson Device 115 USB WMC Modem Driver" "MCCI Corporation" "c:\windows\system32\drivers\s115mdm.sys"
+ "s115mgmt" "Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM)" "MCCI Corporation" "c:\windows\system32\drivers\s115mgmt.sys"
+ "s115obex" "Sony Ericsson Device 115 USB WMC OBEX Interface" "MCCI Corporation" "c:\windows\system32\drivers\s115obex.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "ss_bus" "SAMSUNG Mobile USB Device 1.0 Driver" "MCCI Corporation" "c:\windows\system32\drivers\ss_bus.sys"
+ "ss_mdfl" "SAMSUNG Mobile USB Modem 1.0 Filter" "MCCI Corporation" "c:\windows\system32\drivers\ss_mdfl.sys"
+ "ss_mdm" "SAMSUNG Mobile USB Modem 1.0 Drivers" "MCCI Corporation" "c:\windows\system32\drivers\ss_mdm.sys"
+ "ssmdrv" "Avira Snapshot Driver" "Avira GmbH" "c:\windows\system32\drivers\ssmdrv.sys"
+ "StarOpen" "" "" "c:\windows\system32\drivers\staropen.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "Synth3dVsc" "" "" "File not found: System32\drivers\synth3dvsc.sys"
+ "tsusbhub" "@%SystemRoot%\system32\drivers\tsusbhub.sys,-2" "" "File not found: system32\drivers\tsusbhub.sys"
+ "VGPU" "" "" "File not found: System32\drivers\rdvgkmd.sys"
+ "VIAHdAudAddService" "VIA High Definition Audio Function Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viahduaa.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.pDAD" "Video-Codec by proDAD" "proDAD GmbH" "c:\windows\system32\prodad-codec.dll"
"HKCU\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "PICVideo M-JPEG 3 Compressor" "PICVideo M-JPEG 3 codec" "Pegasus Imaging Corporation" "c:\program files\common files\pegasus imaging\pvmjpg30.dll"
+ "PICVideo M-JPEG 3 Decompressor" "PICVideo M-JPEG 3 codec" "Pegasus Imaging Corporation" "c:\program files\common files\pegasus imaging\pvmjpg30.dll"
+ "Pinnacle MP3 Encoder" "Pinnacle MP3 compressor" "Pinnacle Systems" "c:\program files\pinnacle\studio 15\programs\pclemp3encoder.ax"
+ "Pinnacle Systems MovieBox Deluxe Renderer" "PCLEMarvinAVRenderer - for MarvinBox USB" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\marvinavrenderer.ax"
+ "Pinnacle(dicas) AMR Audio Encoder" "dsamraudenc" "dicas digital image coding GmbH" "c:\program files\pinnacle\studio 15\programs\pcleamraudenc.ax"
+ "Pinnacle(dicas) H263 Video Encoder" "dsh263videnc" "dicas digital image coding GmbH" "c:\program files\pinnacle\studio 15\programs\pcleh263videnc.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3File" "" "" "c:\program files\k-lite codec pack\filters\ac3file.ax"
+ "BorisFX Media Source" "" "" "c:\windows\system32\bfxsrcfilter.ax"
+ "DC-Bass Source" "DirectShow™ Audio Decoder" "http://www.dsp-worx.de" "c:\program files\k-lite codec pack\filters\dcbasssource.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files\k-lite codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files\k-lite codec pack\filters\vsfilter.dll"
+ "DivX MKV Demux" "DivX MKV Splitter" "" "c:\program files\pinnacle\studio 15\import\programs\divx.divx9\divx_source_dmf_ds.ax"
+ "DivX MKV Demux (unrestricted)" "DivX MKV Splitter" "" "c:\program files\pinnacle\studio 15\import\programs\divx.divx9\divx_source_dmf_ds.ax"
+ "DivX Video Decoder 0004" "DivX® Decoder Filter" "DivX, Inc." "c:\program files\pinnacle\shared files\filter\divxdec.ax"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "File Source (Monkey Audio)" "" "" "c:\program files\k-lite codec pack\filters\monkeysource.ax"
+ "FunBox Audio Codec Filter" "FunBox Audio Codec Filter" "Mobile Leader" "c:\program files\samsung\samsung pc studio 3\funaudiocodecfilter.ax"
+ "FunBox Audio EQ Filter" "FunBox Audio Equalizer Filter" "Mobile Leader" "c:\program files\samsung\samsung pc studio 3\funeqfilter.ax"
+ "FunBox Conversion Filter" "FunBox Conversion Filter" "Mobile Leader" "c:\program files\samsung\samsung pc studio 3\funconvfilter.ax"
+ "FunBox Image Decoder Filter" "FunImgFilter Dynamic Link Library" "Mobile Leader" "c:\program files\samsung\samsung pc studio 3\funimgfilter.ax"
+ "FunBox Mp3 Decoder Filter" "FunMpgDecFilter Dynamic Link Library" "Mobile Leader" "c:\program files\samsung\samsung pc studio 3\funmp3decfilter.ax"
+ "FunBox MPEG Decoder Filter" "FunBox Decoder Filter" "Mobile Leader" "c:\program files\samsung\samsung pc studio 3\fundecfilter.ax"
+ "FunBox MPEG Encoder Filter" "FunBox Encoder Filter" "Mobile Leader" "c:\program files\samsung\samsung pc studio 3\funencfilter.ax"
+ "FunBox Mpg Decoder Filter" "FunMpgDecFilter Dynamic Link Library" "Mobile Leader" "c:\program files\samsung\samsung pc studio 3\funmpgdecfilter.ax"
+ "FunBox Mpg Grab Filter" "FunMpgGrabFilter Dynamic Link Library" "Mobile Leader" "c:\program files\samsung\samsung pc studio 3\funmpggrabfilter.ax"
+ "FunBox Ogg Decoder Filter" "FunOggDecFilter Dynamic Link Library" "Mobile Leader" "c:\program files\samsung\samsung pc studio 3\funoggdecfilter.ax"
+ "FunBox Sample Grabber Filter" "FunBox SampleGrabber Filter" "MobileLeader" "c:\program files\samsung\samsung pc studio 3\funsamplegrabberfilter.ax"
+ "FunBox Subtitle Filter" "FunBox Subtitle Filter" "Mobile Leader" "c:\program files\samsung\samsung pc studio 3\funsubfilter.ax"
+ "FunBox Video Adjust Filter" "FunBox Video Adjust Filter" "Mobile Leader" "c:\program files\samsung\samsung pc studio 3\funvideoadjustfilter.ax"
+ "FunBox Video Codec Filter" "FunBox Video Codec Filter" "Mobile Leader" "c:\program files\samsung\samsung pc studio 3\funvideocodecfilter.ax"
+ "FunBox Video Resize Filter" "FunBox Video Resize Filter" "Mobile Leader" "c:\program files\samsung\samsung pc studio 3\funvideoresizefilter.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files\k-lite codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "LAV Audio Decoder" "LAV Audio Decoder - DirectShow Audio Decoder" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack\filters\lav\lavaudio.ax"
+ "LAV Splitter" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack\filters\lav\lavsplitter.ax"
+ "LAV Splitter Source" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack\filters\lav\lavsplitter.ax"
+ "LAV Video Decoder" "LAV Video Decoder - DirectShow Video Decoder" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack\filters\lav\lavvideo.ax"
+ "madFlac Decoder" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files\k-lite codec pack\filters\madflac.ax"
+ "madFlac Source" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files\k-lite codec pack\filters\madflac.ax"
+ "madVR" "madshi's D3D9 based video renderer" "madshi.net" "c:\program files\k-lite codec pack\filters\madvr\madvr.ax"
+ "PICVideo M-JPEG 3 Compressor" "PICVideo M-JPEG 3 codec" "Pegasus Imaging Corporation" "c:\program files\common files\pegasus imaging\pvmjpg30.dll"
+ "PICVideo M-JPEG 3 Decompressor" "PICVideo M-JPEG 3 codec" "Pegasus Imaging Corporation" "c:\program files\common files\pegasus imaging\pvmjpg30.dll"
+ "Pinnacle MCE Multiplexer" "Pinnacle MPEG Codec - DirectX Filter" "Avid Development GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MP3 Encoder" "Pinnacle MP3 compressor" "Pinnacle Systems" "c:\program files\pinnacle\studio 15\programs\pclemp3encoder.ax"
+ "Pinnacle MPEG 2 Decoder" "Pinnacle MPEG Codec - DirectX Filter" "Avid Development GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG 2 Encoder" "Pinnacle MPEG Codec - DirectX Filter" "Avid Development GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG 2 Splicer" "Pinnacle MPEG Codec - DirectX Filter" "Avid Development GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG 2/AVC Multiplexer" "Pinnacle MPEG Codec - DirectX Filter" "Avid Development GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG Adjust" "Pinnacle MPEG Codec - DirectX Filter" "Avid Development GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG Demuxer" "MPEG Demuxer Filter - Program stream demuxer" "Avid Development GmbH" "c:\program files\pinnacle\shared files\filter\pclempgdemux.ax"
+ "Pinnacle MPEG Layer-1/2 Audio Decoder" "Pinnacle MPEG Codec - DirectX Filter" "Avid Development GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG Layer-2 Audio Encoder" "Pinnacle MPEG Codec - DirectX Filter" "Avid Development GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle(dicas) AMR Audio Decoder" "dsamrauddec" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pcleamrauddec.ax"
+ "Pinnacle(dicas) AMR Audio Encoder" "dsamraudenc" "dicas digital image coding GmbH" "c:\program files\pinnacle\studio 15\programs\pcleamraudenc.ax"
+ "Pinnacle(dicas) H263 Video Encoder" "dsh263videnc" "dicas digital image coding GmbH" "c:\program files\pinnacle\studio 15\programs\pcleh263videnc.ax"
+ "Pinnacle(dicas) MPEG-4 Audio Decoder" "dsmpeg4auddec" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pclempeg4auddec.ax"
+ "Pinnacle(dicas) MPEG-4 File Reader" "dsmp4filereader" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pclemp4filereader.ax"
+ "Pinnacle(dicas) MPEG-4 Video Decoder" "dsmpeg4viddec" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pclempeg4viddec.ax"
+ "RadLight OptimFROG DirectShow Filter" "RLOFRDec" "RadLight" "c:\program files\k-lite codec pack\filters\rlofrdec.ax"
+ "RealMediaRenderer2" "Real Media Renderer 2" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\realvideo\pclermrenderer2.ax"
+ "SubPicture Filter" "SubPictu 동적 연결 라이브러리" "" "c:\program files\samsung\samsung pc studio 3\dexsubpicturefilter.dll"
+ "T" "VP7 Decompression Filter" "On2.com Inc." "c:\program files\k-lite codec pack\filters\vp7dec.ax"
+ "WAV Dest" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\samsung\samsung pc studio 3\wavdest.ax"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries" "" "" ""
+ "NVIDIA App Filter IPv4" "NVIDIA IAM LSP" "NVIDIA" "c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll"
+ "NVIDIA App Filter IPv4 over [MSAFD Tcpip [RAW/IP]]" "NVIDIA IAM LSP" "NVIDIA" "c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll"
+ "NVIDIA App Filter IPv4 over [MSAFD Tcpip [TCP/IP]]" "NVIDIA IAM LSP" "NVIDIA" "c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll"
+ "NVIDIA App Filter IPv4 over [MSAFD Tcpip [UDP/IP]]" "NVIDIA IAM LSP" "NVIDIA" "c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll"
+ "NVIDIA App Filter IPv6" "NVIDIA IAM LSP" "NVIDIA" "c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll"
+ "NVIDIA App Filter IPv6 over [MSAFD Tcpip [RAW/IPv6]]" "NVIDIA IAM LSP" "NVIDIA" "c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll"
+ "NVIDIA App Filter IPv6 over [MSAFD Tcpip [TCP/IPv6]]" "NVIDIA IAM LSP" "NVIDIA" "c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll"
+ "NVIDIA App Filter IPv6 over [MSAFD Tcpip [UDP/IPv6]]" "NVIDIA IAM LSP" "NVIDIA" "c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "EPSON SX210 Series 32MonitorBE" "EPSON Bi-directional Monitor x86" "SEIKO EPSON CORPORATION" "c:\windows\system32\e_flbfde.dll"
"C:\Users\Tomas\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Laikrodis" "Stebėkite savo laiko juostos arba bet kurio pasaulio miesto laiką." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\lt-LT\Gadget.xml"

#8 narenxp

Posted 15 September 2012 - 10:56 AM

Press the Windows+R keys, type services.msc and click OK.

Right-click on

Security center
Automatic updates

Change the startup to Automatic and start them.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#9 tomuksas

Posted 15 September 2012 - 11:45 AM

Farbar Service Scanner Version: 06-08-2012
Ran by Tomas (administrator) on 15-09-2012 at 19:44:14
Running from "C:\Users\Tomas\Desktop"
Microsoft Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#10 narenxp

Posted 15 September 2012 - 12:32 PM

That looks good

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your Flash Player.

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)

#11 tomuksas

Posted 15 September 2012 - 01:33 PM

Thanks for the help, but I still don't have sound (I thought that the virus deleted the drivers, but when I try to manually install them, it says that "we can't find a HD device in your computer"), and my CD-ROM can't read disks (it can only read bootable ones)... So I don't know what to do.

Edited by tomuksas, 15 September 2012 - 01:55 PM.


#12 narenxp

Posted 15 September 2012 - 01:57 PM

After restart there was no sound (we can't find an audio device), the CD-ROM can't read disks (only bootable ones), I can't open HD VDeck and I can't see virtual devices in My Computer. I can't find found video, audio and game graph in Devices and Printers. Avira still found some sort of viruses, Malwarebytes is blocking something... Any suggestions?


Do you have a restore point from before, when it worked?

Explain to me your current issues?

#13 tomuksas

Posted 15 September 2012 - 02:10 PM

I don't think so. Well, near the sound device icon there is a red cross where it is written "No audio output device is installed". I searched for that device in Devices and Printers but can't find it. I tried to install new sound drivers but the installation is unsuccessful and the message says that we can't find an audio device. Also my CD-ROM can't read disks. This happened when the fake antivirus (Live Platinum Security) started to scan my PC; then I scanned with Avira, deleted 2 infected files, restarted the PC and then turned off the PC. After an hour or 2, my brother called me to say that there is no sound on the computer.

#14 narenxp

Posted 15 September 2012 - 02:20 PM

Let's look at the audio issue first.

Press the Windows+R keys, type devmgmt.msc and click OK.

Expand Sound, audio and video controllers. Do you find your audio drivers?

Press the Windows+R keys, type services.msc and click OK.

Right-click on the Windows Audio service and start it.

Does that help?
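
The service and device checks that posts #8 and #14 walk through in services.msc and devmgmt.msc can also be read out in one pass. This is an added example, not part of any post in the thread; the short service names and the "Auto" baseline are assumptions based on Windows 7 defaults.

```powershell
# Added example (not from the thread): read-only audit, it changes nothing.
# The short service names below are the usual Windows 7 names for the display
# names used in the posts; treat the mapping as an assumption and adjust it.
$checks = @(
    @{ Name = 'wscsvc';               Label = 'Security Center' },
    @{ Name = 'wuauserv';             Label = 'Windows Update (Automatic Updates)' },
    @{ Name = 'WinDefend';            Label = 'Windows Defender' },
    @{ Name = 'Audiosrv';             Label = 'Windows Audio' },
    @{ Name = 'AudioEndpointBuilder'; Label = 'Windows Audio Endpoint Builder' }
)

$report = foreach ($c in $checks) {
    # Win32_Service exposes StartMode (Auto/Manual/Disabled) and State (Running/Stopped/...)
    $svc = Get-WmiObject -Class Win32_Service -Filter "Name='$($c.Name)'"

    if ($null -eq $svc) {
        # A missing service entry is worth noting after a malware cleanup
        $startMode = 'n/a'
        $state     = 'n/a'
        $finding   = 'service entry missing'
    } else {
        $startMode = $svc.StartMode
        $state     = $svc.State
        if ($svc.StartMode -eq 'Disabled') {
            $finding = 'start type is Disabled'
        } elseif ($svc.State -ne 'Running') {
            # Some services stop on their own when idle; this is a prompt to look, not a verdict
            $finding = 'not running'
        } else {
            $finding = 'OK'
        }
    }

    New-Object PSObject -Property @{
        Label     = $c.Label
        Service   = $c.Name
        StartMode = $startMode
        State     = $state
        Finding   = $finding
    }
}

$report | Select-Object Label, Service, StartMode, State, Finding | Format-Table -AutoSize

# Sound devices Windows currently knows about (what Device Manager lists under
# "Sound, video and game controllers"). An empty result matches the
# "No audio output device is installed" symptom described in the thread.
$sound = @(Get-WmiObject -Class Win32_SoundDevice)
if ($sound.Count -eq 0) {
    Write-Output 'No sound devices are registered with Windows.'
} else {
    $sound | Select-Object Name, Manufacturer, Status | Format-Table -AutoSize
}
```

Run it from an elevated PowerShell prompt; a Disabled start type for WinDefend would reproduce the finding in the FSS log in post #9.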

#15 tomuksas

Posted 15 September 2012 - 02:33 PM

In Sound, video and game controllers there is only a USB audio device, which is working. I only find Windows Audio and it is started. Plus, I can't open my sound program HD VDeck. There is still no sound.

Edited by tomuksas, 15 September 2012 - 02:59 PM.




