Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Roguekiller advice


  • Please log in to reply
16 replies to this topic

#1 Genex17

Genex17

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:06 AM

Posted 24 September 2012 - 07:48 PM

Greetings,

I had a bit of a scare last night. MBAM tagged three Windows/Installer .tmp files as spyware.password Long story short, I restored the files, updated the MBAM definitions the very next day and it cleared those files as not being infected.

While I should have not done so without being asked,I ran RogueKiller, and it pointed out to registry entries. The report is brief,but I would like to know if this HJDesk entry is a problem or not. Copied and pasted. If this goes elsewhere let me know. Thanks for your patience. Gene




RogueKiller V8.0.5 [09/23/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Gene [Admin rights]
Mode : Scan -- Date : 09/24/2012 17:35:42

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Extern Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9500325AS +++++
--- User ---
[MBR] 2f69629b3189da803695bf96af3c61ce
[BSP] 8dbf03f54e06d2cd0fa09cc560b81515 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 20286 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 41627648 | Size: 456613 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:06 PM

Posted 24 September 2012 - 08:50 PM

Report is good

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Genex17

Genex17
  • Topic Starter

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:06 AM

Posted 24 September 2012 - 09:28 PM

Thanks for your time,narenxp.

I ran TDSKiller and will post the logfile while I run the ESET scanner. The checkbox is on "remove threats" Did you want that on? I'll wait your reply.

No luck with aswMBR. It quit in both the Normal and Safe with Networking Mode.



18:57:54.0802 5436 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
18:57:55.0301 5436 ============================================================
18:57:55.0301 5436 Current date / time: 2012/09/24 18:57:55.0301
18:57:55.0301 5436 SystemInfo:
18:57:55.0301 5436
18:57:55.0301 5436 OS Version: 6.1.7601 ServicePack: 1.0
18:57:55.0301 5436 Product type: Workstation
18:57:55.0301 5436 ComputerName: MADOKA
18:57:55.0301 5436 UserName: Gene
18:57:55.0301 5436 Windows directory: C:\Windows
18:57:55.0301 5436 System windows directory: C:\Windows
18:57:55.0301 5436 Running under WOW64
18:57:55.0301 5436 Processor architecture: Intel x64
18:57:55.0301 5436 Number of processors: 4
18:57:55.0301 5436 Page size: 0x1000
18:57:55.0301 5436 Boot type: Normal boot
18:57:55.0301 5436 ============================================================
18:57:55.0769 5436 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:57:55.0785 5436 ============================================================
18:57:55.0785 5436 \Device\Harddisk0\DR0:
18:57:55.0785 5436 MBR partitions:
18:57:55.0785 5436 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x279F000
18:57:55.0785 5436 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x27B3000, BlocksNum 0x37BD2800
18:57:55.0785 5436 ============================================================
18:57:55.0800 5436 C: <-> \Device\Harddisk0\DR0\Partition2
18:57:55.0800 5436 ============================================================
18:57:55.0800 5436 Initialize success
18:57:55.0800 5436 ============================================================
18:58:58.0637 2464 ============================================================
18:58:58.0637 2464 Scan started
18:58:58.0637 2464 Mode: Manual; TDLFS;
18:58:58.0637 2464 ============================================================
18:58:58.0871 2464 ================ Scan system memory ========================
18:58:58.0871 2464 System memory - ok
18:58:58.0871 2464 ================ Scan services =============================
18:58:59.0012 2464 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:58:59.0027 2464 1394ohci - ok
18:58:59.0043 2464 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:58:59.0059 2464 ACPI - ok
18:58:59.0074 2464 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:58:59.0074 2464 AcpiPmi - ok
18:58:59.0152 2464 [ D44BCAF639E4E45307C2BC80715273D5 ] adfs C:\Windows\system32\drivers\adfs.sys
18:58:59.0152 2464 adfs - ok
18:58:59.0246 2464 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:58:59.0246 2464 AdobeARMservice - ok
18:58:59.0402 2464 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:58:59.0402 2464 AdobeFlashPlayerUpdateSvc - ok
18:58:59.0433 2464 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:58:59.0449 2464 adp94xx - ok
18:58:59.0495 2464 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:58:59.0495 2464 adpahci - ok
18:58:59.0511 2464 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:58:59.0511 2464 adpu320 - ok
18:58:59.0542 2464 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:58:59.0542 2464 AeLookupSvc - ok
18:58:59.0589 2464 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
18:58:59.0589 2464 AFD - ok
18:58:59.0636 2464 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:58:59.0636 2464 agp440 - ok
18:58:59.0651 2464 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
18:58:59.0651 2464 ALG - ok
18:58:59.0667 2464 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
18:58:59.0667 2464 aliide - ok
18:58:59.0683 2464 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
18:58:59.0683 2464 amdide - ok
18:58:59.0698 2464 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:58:59.0698 2464 AmdK8 - ok
18:58:59.0714 2464 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
18:58:59.0714 2464 AmdPPM - ok
18:58:59.0745 2464 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:58:59.0745 2464 amdsata - ok
18:58:59.0761 2464 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
18:58:59.0761 2464 amdsbs - ok
18:58:59.0776 2464 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:58:59.0776 2464 amdxata - ok
18:58:59.0823 2464 [ 157B1C973637919DCD0D0464167C86BA ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
18:58:59.0823 2464 AMPPAL - ok
18:58:59.0839 2464 [ 157B1C973637919DCD0D0464167C86BA ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
18:58:59.0839 2464 AMPPALP - ok
18:58:59.0979 2464 [ FB70F8C1283C8CC6BFAA6F9971107E68 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
18:58:59.0995 2464 AMPPALR3 - ok
18:59:00.0041 2464 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
18:59:00.0041 2464 AppID - ok
18:59:00.0073 2464 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:59:00.0073 2464 AppIDSvc - ok
18:59:00.0088 2464 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
18:59:00.0088 2464 Appinfo - ok
18:59:00.0119 2464 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
18:59:00.0119 2464 arc - ok
18:59:00.0135 2464 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:59:00.0135 2464 arcsas - ok
18:59:00.0229 2464 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:59:00.0229 2464 aspnet_state - ok
18:59:00.0260 2464 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:59:00.0260 2464 AsyncMac - ok
18:59:00.0307 2464 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
18:59:00.0307 2464 atapi - ok
18:59:00.0353 2464 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:59:00.0369 2464 AudioEndpointBuilder - ok
18:59:00.0400 2464 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:59:00.0416 2464 AudioSrv - ok
18:59:00.0447 2464 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:59:00.0463 2464 AxInstSV - ok
18:59:00.0494 2464 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
18:59:00.0509 2464 b06bdrv - ok
18:59:00.0541 2464 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:59:00.0541 2464 b57nd60a - ok
18:59:00.0572 2464 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
18:59:00.0572 2464 BDESVC - ok
18:59:00.0587 2464 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
18:59:00.0587 2464 Beep - ok
18:59:00.0619 2464 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
18:59:00.0634 2464 BFE - ok
18:59:00.0681 2464 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
18:59:00.0712 2464 BITS - ok
18:59:00.0743 2464 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:59:00.0743 2464 blbdrive - ok
18:59:00.0853 2464 [ 05981C3E51D827ED6B8101A54B05E392 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
18:59:00.0868 2464 Bluetooth Device Monitor - ok
18:59:00.0915 2464 [ BBFAF63BF768047FE2441B4139E803E3 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
18:59:00.0931 2464 Bluetooth Media Service - ok
18:59:00.0993 2464 [ 41D8F56E6BBE0111244D87BE2FA90374 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
18:59:01.0009 2464 Bluetooth OBEX Service - ok
18:59:01.0071 2464 [ 73686FE0B2E0469F89FD2075BE724704 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
18:59:01.0071 2464 Bonjour Service - ok
18:59:01.0102 2464 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:59:01.0102 2464 bowser - ok
18:59:01.0133 2464 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
18:59:01.0133 2464 BrFiltLo - ok
18:59:01.0149 2464 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
18:59:01.0149 2464 BrFiltUp - ok
18:59:01.0165 2464 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
18:59:01.0165 2464 Browser - ok
18:59:01.0180 2464 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:59:01.0180 2464 Brserid - ok
18:59:01.0227 2464 [ 34F6C504B150F99DAE69D7073D2A4DF4 ] BrSerIf C:\Windows\system32\DRIVERS\BrSerIf.sys
18:59:01.0227 2464 BrSerIf - ok
18:59:01.0227 2464 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:59:01.0227 2464 BrSerWdm - ok
18:59:01.0243 2464 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:59:01.0243 2464 BrUsbMdm - ok
18:59:01.0243 2464 [ 601CB966FFFEBC6806626DC8E7AA0EF2 ] BrUsbSer C:\Windows\system32\DRIVERS\BrUsbSer.sys
18:59:01.0258 2464 BrUsbSer - ok
18:59:01.0289 2464 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
18:59:01.0289 2464 BthEnum - ok
18:59:01.0321 2464 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
18:59:01.0321 2464 BTHMODEM - ok
18:59:01.0352 2464 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
18:59:01.0352 2464 BthPan - ok
18:59:01.0383 2464 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
18:59:01.0399 2464 BTHPORT - ok
18:59:01.0430 2464 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
18:59:01.0430 2464 bthserv - ok
18:59:01.0461 2464 [ FA2D081709A764F6BEE16B7FFE03E36C ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
18:59:01.0461 2464 BTHSSecurityMgr - ok
18:59:01.0477 2464 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
18:59:01.0477 2464 BTHUSB - ok
18:59:01.0492 2464 [ 988CC6CC49303665D3B2435C51505C3F ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
18:59:01.0492 2464 btmaux - ok
18:59:01.0523 2464 [ 2B4B508AFAC2A563931AF1FE875A5B16 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
18:59:01.0555 2464 btmhsf - ok
18:59:01.0570 2464 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:59:01.0570 2464 cdfs - ok
18:59:01.0617 2464 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:59:01.0633 2464 cdrom - ok
18:59:01.0664 2464 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
18:59:01.0679 2464 CertPropSvc - ok
18:59:01.0695 2464 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
18:59:01.0695 2464 circlass - ok
18:59:01.0726 2464 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
18:59:01.0726 2464 CLFS - ok
18:59:01.0789 2464 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:59:01.0789 2464 clr_optimization_v2.0.50727_32 - ok
18:59:01.0820 2464 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:59:01.0820 2464 clr_optimization_v2.0.50727_64 - ok
18:59:01.0867 2464 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:59:01.0867 2464 clr_optimization_v4.0.30319_32 - ok
18:59:01.0898 2464 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:59:01.0898 2464 clr_optimization_v4.0.30319_64 - ok
18:59:01.0945 2464 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:59:01.0945 2464 CmBatt - ok
18:59:01.0960 2464 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:59:01.0960 2464 cmdide - ok
18:59:01.0991 2464 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
18:59:02.0007 2464 CNG - ok
18:59:02.0054 2464 [ 97238AC8006C14EAF80E374D3B81C2B3 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
18:59:02.0101 2464 CnxtHdAudService - ok
18:59:02.0147 2464 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:59:02.0147 2464 Compbatt - ok
18:59:02.0179 2464 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
18:59:02.0179 2464 CompositeBus - ok
18:59:02.0194 2464 COMSysApp - ok
18:59:02.0241 2464 [ 474425A857CD259222F649922DB45870 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
18:59:02.0241 2464 cphs - ok
18:59:02.0303 2464 [ D0C2CAA17C7B6D2200E1B5AA9D07135E ] cpuz135 C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys
18:59:02.0303 2464 cpuz135 - ok
18:59:02.0350 2464 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:59:02.0350 2464 crcdisk - ok
18:59:02.0397 2464 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:59:02.0397 2464 CryptSvc - ok
18:59:02.0475 2464 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
18:59:02.0475 2464 CtClsFlt - ok
18:59:02.0537 2464 [ 9A59DF2CA690019FEA3B265D5A7EB619 ] CxUtilSvc C:\Program Files\Conexant\SA3\CxUtilSvc.exe
18:59:02.0537 2464 CxUtilSvc - ok
18:59:02.0584 2464 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:59:02.0600 2464 DcomLaunch - ok
18:59:02.0615 2464 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
18:59:02.0631 2464 defragsvc - ok
18:59:02.0693 2464 [ 88D5FE2109F1A52CF69BA410082A833A ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
18:59:02.0693 2464 DellDigitalDelivery - ok
18:59:02.0725 2464 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:59:02.0725 2464 DfsC - ok
18:59:02.0756 2464 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
18:59:02.0771 2464 Dhcp - ok
18:59:02.0803 2464 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
18:59:02.0803 2464 discache - ok
18:59:02.0818 2464 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
18:59:02.0834 2464 Disk - ok
18:59:02.0849 2464 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:59:02.0865 2464 Dnscache - ok
18:59:02.0896 2464 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
18:59:02.0896 2464 dot3svc - ok
18:59:02.0912 2464 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
18:59:02.0912 2464 DPS - ok
18:59:02.0959 2464 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:59:02.0959 2464 drmkaud - ok
18:59:03.0005 2464 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:59:03.0037 2464 DXGKrnl - ok
18:59:03.0083 2464 [ D00EAE9C735A7DEE8049E50D73D25434 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
18:59:03.0083 2464 eamonm - ok
18:59:03.0115 2464 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
18:59:03.0115 2464 EapHost - ok
18:59:03.0193 2464 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
18:59:03.0302 2464 ebdrv - ok
18:59:03.0317 2464 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
18:59:03.0317 2464 EFS - ok
18:59:03.0364 2464 [ E5EDDE3C8158DD0CBC5812F201DCDED0 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
18:59:03.0380 2464 ehdrv - ok
18:59:03.0442 2464 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:59:03.0442 2464 ehRecvr - ok
18:59:03.0458 2464 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
18:59:03.0458 2464 ehSched - ok
18:59:03.0536 2464 [ AD4FAADE819E0DA9933BEA7C01D2C763 ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
18:59:03.0551 2464 ekrn - ok
18:59:03.0583 2464 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:59:03.0614 2464 elxstor - ok
18:59:03.0645 2464 [ 3EBB7FD3C605262B942868A1D840F4F1 ] epfwwfpr C:\Windows\system32\DRIVERS\epfwwfpr.sys
18:59:03.0645 2464 epfwwfpr - ok
18:59:03.0661 2464 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:59:03.0661 2464 ErrDev - ok
18:59:03.0707 2464 [ 3B1F66A4E400D7ACF90D233D47DE6C7E ] ETD C:\Windows\system32\DRIVERS\ETD.sys
18:59:03.0707 2464 ETD - ok
18:59:03.0723 2464 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
18:59:03.0739 2464 EventSystem - ok
18:59:03.0832 2464 [ 52AE29A233832E0C704FD7FC534AF9FB ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
18:59:03.0832 2464 EvtEng - ok
18:59:03.0863 2464 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
18:59:03.0863 2464 exfat - ok
18:59:03.0895 2464 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:59:03.0895 2464 fastfat - ok
18:59:03.0941 2464 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
18:59:03.0957 2464 Fax - ok
18:59:03.0988 2464 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
18:59:03.0988 2464 fdc - ok
18:59:04.0019 2464 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
18:59:04.0019 2464 fdPHost - ok
18:59:04.0035 2464 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
18:59:04.0051 2464 FDResPub - ok
18:59:04.0082 2464 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:59:04.0082 2464 FileInfo - ok
18:59:04.0097 2464 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:59:04.0097 2464 Filetrace - ok
18:59:04.0160 2464 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:59:04.0175 2464 FLEXnet Licensing Service - ok
18:59:04.0238 2464 [ 1C3FB052A0BB72EDAED90785C34D6EED ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
18:59:04.0253 2464 FLEXnet Licensing Service 64 - ok
18:59:04.0285 2464 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
18:59:04.0285 2464 flpydisk - ok
18:59:04.0316 2464 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:59:04.0316 2464 FltMgr - ok
18:59:04.0363 2464 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
18:59:04.0394 2464 FontCache - ok
18:59:04.0441 2464 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:59:04.0441 2464 FontCache3.0.0.0 - ok
18:59:04.0456 2464 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:59:04.0456 2464 FsDepends - ok
18:59:04.0487 2464 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:59:04.0487 2464 Fs_Rec - ok
18:59:04.0503 2464 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:59:04.0519 2464 fvevol - ok
18:59:04.0519 2464 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:59:04.0534 2464 gagp30kx - ok
18:59:04.0565 2464 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
18:59:04.0597 2464 gpsvc - ok
18:59:04.0643 2464 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:59:04.0643 2464 gupdate - ok
18:59:04.0643 2464 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:59:04.0643 2464 gupdatem - ok
18:59:04.0675 2464 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:59:04.0675 2464 hcw85cir - ok
18:59:04.0690 2464 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:59:04.0690 2464 HDAudBus - ok
18:59:04.0721 2464 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
18:59:04.0721 2464 HidBatt - ok
18:59:04.0737 2464 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:59:04.0737 2464 HidBth - ok
18:59:04.0768 2464 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
18:59:04.0768 2464 HidIr - ok
18:59:04.0784 2464 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
18:59:04.0799 2464 hidserv - ok
18:59:04.0815 2464 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:59:04.0815 2464 HidUsb - ok
18:59:04.0846 2464 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:59:04.0846 2464 hkmsvc - ok
18:59:04.0862 2464 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:59:04.0862 2464 HomeGroupListener - ok
18:59:04.0893 2464 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:59:04.0909 2464 HomeGroupProvider - ok
18:59:04.0924 2464 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:59:04.0924 2464 HpSAMD - ok
18:59:04.0955 2464 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:59:04.0987 2464 HTTP - ok
18:59:04.0987 2464 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:59:04.0987 2464 hwpolicy - ok
18:59:05.0033 2464 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:59:05.0033 2464 i8042prt - ok
18:59:05.0096 2464 [ D1753C06EE17E29352B065EACF3F10D0 ] iaStor C:\Windows\system32\drivers\iaStor.sys
18:59:05.0096 2464 iaStor - ok
18:59:05.0174 2464 [ 545462D0DBE24AF379BA869B7C185CCD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
18:59:05.0189 2464 IAStorDataMgrSvc - ok
18:59:05.0221 2464 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:59:05.0236 2464 iaStorV - ok
18:59:05.0252 2464 [ 9E3D44CE737388F6BBBB6DD4A1C1847C ] ibtfltcoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
18:59:05.0252 2464 ibtfltcoex - ok
18:59:05.0299 2464 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:59:05.0314 2464 idsvc - ok
18:59:05.0611 2464 [ 72A89FFAB63239771DEE03C15AE7CAFD ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
18:59:05.0891 2464 igfx - ok
18:59:05.0938 2464 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:59:05.0938 2464 iirsp - ok
18:59:05.0969 2464 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
18:59:06.0001 2464 IKEEXT - ok
18:59:06.0063 2464 [ 4552B448CF9C00BA2A94032AF35BD9FC ] ImeDictUpdateService C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE
18:59:06.0063 2464 ImeDictUpdateService - ok
18:59:06.0125 2464 [ A387D6DE360C3B2284B23000B212910A ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
18:59:06.0141 2464 intaud_WaveExtensible - ok
18:59:06.0172 2464 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
18:59:06.0188 2464 IntcDAud - ok
18:59:06.0250 2464 [ 7C76466F4E0F76CE259C6005D161E9E8 ] Intel® Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
18:59:06.0250 2464 Intel® Capability Licensing Service Interface - ok
18:59:06.0266 2464 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
18:59:06.0266 2464 intelide - ok
18:59:06.0297 2464 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:59:06.0297 2464 intelppm - ok
18:59:06.0328 2464 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:59:06.0328 2464 IPBusEnum - ok
18:59:06.0359 2464 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:59:06.0359 2464 IpFilterDriver - ok
18:59:06.0406 2464 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:59:06.0422 2464 iphlpsvc - ok
18:59:06.0437 2464 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:59:06.0437 2464 IPMIDRV - ok
18:59:06.0453 2464 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:59:06.0453 2464 IPNAT - ok
18:59:06.0469 2464 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:59:06.0469 2464 IRENUM - ok
18:59:06.0484 2464 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:59:06.0484 2464 isapnp - ok
18:59:06.0515 2464 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:59:06.0515 2464 iScsiPrt - ok
18:59:06.0562 2464 [ 846354992EBB373F452EB9182D501B08 ] iusb3hcs C:\Windows\system32\drivers\iusb3hcs.sys
18:59:06.0562 2464 iusb3hcs - ok
18:59:06.0609 2464 [ 1D88A23853387D34D52CC8F9DDBFC56C ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
18:59:06.0625 2464 iusb3hub - ok
18:59:06.0671 2464 [ FC5EFD7C797DF19DFB999F0605A7924E ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
18:59:06.0687 2464 iusb3xhc - ok
18:59:06.0703 2464 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
18:59:06.0718 2464 iwdbus - ok
18:59:06.0734 2464 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:59:06.0734 2464 kbdclass - ok
18:59:06.0749 2464 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:59:06.0749 2464 kbdhid - ok
18:59:06.0781 2464 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
18:59:06.0796 2464 KeyIso - ok
18:59:06.0812 2464 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:59:06.0812 2464 KSecDD - ok
18:59:06.0827 2464 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:59:06.0827 2464 KSecPkg - ok
18:59:06.0843 2464 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:59:06.0843 2464 ksthunk - ok
18:59:06.0874 2464 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
18:59:06.0874 2464 KtmRm - ok
18:59:06.0921 2464 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:59:06.0937 2464 LanmanServer - ok
18:59:06.0968 2464 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:59:06.0968 2464 LanmanWorkstation - ok
18:59:06.0999 2464 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:59:06.0999 2464 lltdio - ok
18:59:07.0030 2464 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:59:07.0046 2464 lltdsvc - ok
18:59:07.0061 2464 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:59:07.0061 2464 lmhosts - ok
18:59:07.0108 2464 [ 5C08357C65F658E29B5DDC2EF18D575C ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
18:59:07.0108 2464 LMS - ok
18:59:07.0155 2464 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:59:07.0155 2464 LSI_FC - ok
18:59:07.0171 2464 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:59:07.0171 2464 LSI_SAS - ok
18:59:07.0186 2464 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
18:59:07.0186 2464 LSI_SAS2 - ok
18:59:07.0202 2464 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:59:07.0202 2464 LSI_SCSI - ok
18:59:07.0217 2464 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
18:59:07.0217 2464 luafv - ok
18:59:07.0280 2464 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
18:59:07.0280 2464 MBAMProtector - ok
18:59:07.0358 2464 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:59:07.0373 2464 MBAMScheduler - ok
18:59:07.0436 2464 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:59:07.0436 2464 MBAMService - ok
18:59:07.0467 2464 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:59:07.0483 2464 Mcx2Svc - ok
18:59:07.0498 2464 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
18:59:07.0498 2464 megasas - ok
18:59:07.0529 2464 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
18:59:07.0529 2464 MegaSR - ok
18:59:07.0576 2464 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
18:59:07.0576 2464 MEIx64 - ok
18:59:07.0607 2464 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:59:07.0623 2464 MMCSS - ok
18:59:07.0623 2464 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:59:07.0623 2464 Modem - ok
18:59:07.0654 2464 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:59:07.0654 2464 monitor - ok
18:59:07.0685 2464 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:59:07.0685 2464 mouclass - ok
18:59:07.0717 2464 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
18:59:07.0717 2464 mouhid - ok
18:59:07.0732 2464 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:59:07.0748 2464 mountmgr - ok
18:59:07.0810 2464 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:59:07.0810 2464 MozillaMaintenance - ok
18:59:07.0826 2464 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
18:59:07.0826 2464 mpio - ok
18:59:07.0857 2464 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:59:07.0857 2464 mpsdrv - ok
18:59:07.0904 2464 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:59:07.0935 2464 MpsSvc - ok
18:59:07.0951 2464 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:59:07.0951 2464 MRxDAV - ok
18:59:07.0982 2464 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:59:07.0982 2464 mrxsmb - ok
18:59:07.0997 2464 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:59:08.0013 2464 mrxsmb10 - ok
18:59:08.0029 2464 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:59:08.0029 2464 mrxsmb20 - ok
18:59:08.0060 2464 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
18:59:08.0060 2464 msahci - ok
18:59:08.0091 2464 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:59:08.0107 2464 msdsm - ok
18:59:08.0122 2464 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:59:08.0138 2464 MSDTC - ok
18:59:08.0153 2464 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:59:08.0153 2464 Msfs - ok
18:59:08.0169 2464 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:59:08.0169 2464 mshidkmdf - ok
18:59:08.0185 2464 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:59:08.0185 2464 msisadrv - ok
18:59:08.0200 2464 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:59:08.0216 2464 MSiSCSI - ok
18:59:08.0216 2464 msiserver - ok
18:59:08.0247 2464 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:59:08.0247 2464 MSKSSRV - ok
18:59:08.0278 2464 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:59:08.0278 2464 MSPCLOCK - ok
18:59:08.0294 2464 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:59:08.0294 2464 MSPQM - ok
18:59:08.0325 2464 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:59:08.0325 2464 MsRPC - ok
18:59:08.0356 2464 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:59:08.0356 2464 mssmbios - ok
18:59:08.0372 2464 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:59:08.0372 2464 MSTEE - ok
18:59:08.0372 2464 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:59:08.0372 2464 MTConfig - ok
18:59:08.0387 2464 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:59:08.0387 2464 Mup - ok
18:59:08.0419 2464 [ 4D02A9A4AAE43280D8631F232AAD79BC ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
18:59:08.0419 2464 MyWiFiDHCPDNS - ok
18:59:08.0465 2464 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:59:08.0465 2464 napagent - ok
18:59:08.0512 2464 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:59:08.0528 2464 NativeWifiP - ok
18:59:08.0559 2464 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:59:08.0606 2464 NDIS - ok
18:59:08.0621 2464 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:59:08.0621 2464 NdisCap - ok
18:59:08.0653 2464 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:59:08.0653 2464 NdisTapi - ok
18:59:08.0684 2464 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:59:08.0684 2464 Ndisuio - ok
18:59:08.0699 2464 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:59:08.0699 2464 NdisWan - ok
18:59:08.0715 2464 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:59:08.0715 2464 NDProxy - ok
18:59:08.0731 2464 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:59:08.0731 2464 NetBIOS - ok
18:59:08.0746 2464 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:59:08.0746 2464 NetBT - ok
18:59:08.0762 2464 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:59:08.0762 2464 Netlogon - ok
18:59:08.0809 2464 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:59:08.0824 2464 Netman - ok
18:59:08.0871 2464 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:59:08.0871 2464 NetMsmqActivator - ok
18:59:08.0871 2464 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:59:08.0871 2464 NetPipeActivator - ok
18:59:08.0902 2464 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:59:08.0933 2464 netprofm - ok
18:59:08.0933 2464 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:59:08.0933 2464 NetTcpActivator - ok
18:59:08.0949 2464 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:59:08.0949 2464 NetTcpPortSharing - ok
18:59:09.0199 2464 [ 262225F08B891FD7F16B3B93A3177C1F ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
18:59:09.0433 2464 NETwNs64 - ok
18:59:09.0448 2464 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:59:09.0448 2464 nfrd960 - ok
18:59:09.0479 2464 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:59:09.0479 2464 NlaSvc - ok
18:59:09.0573 2464 [ B1EF4686961986DFFB7FE8F18E6FCB5B ] nlsX86cc C:\Windows\SysWOW64\nlssrv32.exe
18:59:09.0573 2464 nlsX86cc - ok
18:59:09.0589 2464 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:59:09.0589 2464 Npfs - ok
18:59:09.0604 2464 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:59:09.0604 2464 nsi - ok
18:59:09.0620 2464 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:59:09.0620 2464 nsiproxy - ok
18:59:09.0698 2464 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:59:09.0745 2464 Ntfs - ok
18:59:09.0776 2464 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:59:09.0776 2464 Null - ok
18:59:09.0807 2464 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:59:09.0807 2464 nvraid - ok
18:59:09.0838 2464 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:59:09.0854 2464 nvstor - ok
18:59:09.0885 2464 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:59:09.0885 2464 nv_agp - ok
18:59:09.0901 2464 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:59:09.0901 2464 ohci1394 - ok
18:59:09.0947 2464 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:59:09.0947 2464 ose - ok
18:59:10.0088 2464 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:59:10.0103 2464 osppsvc - ok
18:59:10.0135 2464 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:59:10.0150 2464 p2pimsvc - ok
18:59:10.0166 2464 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:59:10.0181 2464 p2psvc - ok
18:59:10.0213 2464 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
18:59:10.0213 2464 Parport - ok
18:59:10.0244 2464 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:59:10.0244 2464 partmgr - ok
18:59:10.0259 2464 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:59:10.0275 2464 PcaSvc - ok
18:59:10.0291 2464 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:59:10.0291 2464 pci - ok
18:59:10.0322 2464 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:59:10.0322 2464 pciide - ok
18:59:10.0337 2464 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:59:10.0337 2464 pcmcia - ok
18:59:10.0369 2464 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:59:10.0369 2464 pcw - ok
18:59:10.0400 2464 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:59:10.0415 2464 PEAUTH - ok
18:59:10.0447 2464 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:59:10.0447 2464 PerfHost - ok
18:59:10.0493 2464 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:59:10.0556 2464 pla - ok
18:59:10.0587 2464 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:59:10.0587 2464 PlugPlay - ok
18:59:10.0603 2464 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:59:10.0603 2464 PNRPAutoReg - ok
18:59:10.0618 2464 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:59:10.0634 2464 PNRPsvc - ok
18:59:10.0665 2464 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:59:10.0681 2464 PolicyAgent - ok
18:59:10.0727 2464 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
18:59:10.0727 2464 Power - ok
18:59:10.0743 2464 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:59:10.0759 2464 PptpMiniport - ok
18:59:10.0774 2464 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
18:59:10.0774 2464 Processor - ok
18:59:10.0805 2464 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
18:59:10.0805 2464 ProfSvc - ok
18:59:10.0821 2464 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:59:10.0821 2464 ProtectedStorage - ok
18:59:10.0852 2464 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:59:10.0852 2464 Psched - ok
18:59:10.0899 2464 [ 788CB65D49D1162C5EE6814AFE5B0A70 ] PSI_SVC_2_x64 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
18:59:10.0899 2464 PSI_SVC_2_x64 - ok
18:59:10.0961 2464 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:59:11.0008 2464 ql2300 - ok
18:59:11.0024 2464 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:59:11.0024 2464 ql40xx - ok
18:59:11.0039 2464 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:59:11.0055 2464 QWAVE - ok
18:59:11.0071 2464 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:59:11.0071 2464 QWAVEdrv - ok
18:59:11.0071 2464 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:59:11.0071 2464 RasAcd - ok
18:59:11.0102 2464 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:59:11.0117 2464 RasAgileVpn - ok
18:59:11.0133 2464 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:59:11.0149 2464 RasAuto - ok
18:59:11.0164 2464 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:59:11.0164 2464 Rasl2tp - ok
18:59:11.0180 2464 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:59:11.0195 2464 RasMan - ok
18:59:11.0211 2464 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:59:11.0211 2464 RasPppoe - ok
18:59:11.0227 2464 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:59:11.0227 2464 RasSstp - ok
18:59:11.0242 2464 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:59:11.0258 2464 rdbss - ok
18:59:11.0289 2464 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
18:59:11.0289 2464 rdpbus - ok
18:59:11.0320 2464 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:59:11.0320 2464 RDPCDD - ok
18:59:11.0336 2464 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:59:11.0336 2464 RDPENCDD - ok
18:59:11.0351 2464 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:59:11.0351 2464 RDPREFMP - ok
18:59:11.0383 2464 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:59:11.0383 2464 RDPWD - ok
18:59:11.0414 2464 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:59:11.0414 2464 rdyboost - ok
18:59:11.0476 2464 [ C480D028012881E0136962A49379688D ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:59:11.0492 2464 RegSrvc - ok
18:59:11.0507 2464 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:59:11.0523 2464 RemoteAccess - ok
18:59:11.0539 2464 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:59:11.0539 2464 RemoteRegistry - ok
18:59:11.0570 2464 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:59:11.0585 2464 RFCOMM - ok
18:59:11.0601 2464 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:59:11.0601 2464 RpcEptMapper - ok
18:59:11.0617 2464 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:59:11.0632 2464 RpcLocator - ok
18:59:11.0663 2464 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
18:59:11.0663 2464 RpcSs - ok
18:59:11.0695 2464 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:59:11.0695 2464 rspndr - ok
18:59:11.0726 2464 [ 40817D2DA49866C55781DB7601ABCEC1 ] RSUSBVSTOR C:\Windows\system32\Drivers\RTSUVSTOR.sys
18:59:11.0726 2464 RSUSBVSTOR - ok
18:59:11.0773 2464 [ C5CD940EFFADE1F6246730BCA14E9FE6 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
18:59:11.0788 2464 RTL8167 - ok
18:59:11.0804 2464 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
18:59:11.0804 2464 SamSs - ok
18:59:11.0819 2464 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:59:11.0835 2464 sbp2port - ok
18:59:11.0851 2464 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:59:11.0851 2464 SCardSvr - ok
18:59:11.0882 2464 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:59:11.0882 2464 scfilter - ok
18:59:11.0913 2464 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:59:11.0960 2464 Schedule - ok
18:59:11.0975 2464 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:59:11.0975 2464 SCPolicySvc - ok
18:59:11.0991 2464 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:59:11.0991 2464 SDRSVC - ok
18:59:12.0007 2464 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:59:12.0007 2464 secdrv - ok
18:59:12.0022 2464 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:59:12.0022 2464 seclogon - ok
18:59:12.0053 2464 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
18:59:12.0053 2464 SENS - ok
18:59:12.0053 2464 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:59:12.0053 2464 SensrSvc - ok
18:59:12.0100 2464 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
18:59:12.0100 2464 Serenum - ok
18:59:12.0116 2464 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
18:59:12.0116 2464 Serial - ok
18:59:12.0131 2464 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:59:12.0131 2464 sermouse - ok
18:59:12.0163 2464 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:59:12.0163 2464 SessionEnv - ok
18:59:12.0163 2464 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:59:12.0163 2464 sffdisk - ok
18:59:12.0163 2464 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:59:12.0178 2464 sffp_mmc - ok
18:59:12.0178 2464 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:59:12.0178 2464 sffp_sd - ok
18:59:12.0178 2464 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:59:12.0178 2464 sfloppy - ok
18:59:12.0209 2464 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:59:12.0209 2464 SharedAccess - ok
18:59:12.0225 2464 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:59:12.0241 2464 ShellHWDetection - ok
18:59:12.0256 2464 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:59:12.0256 2464 SiSRaid2 - ok
18:59:12.0272 2464 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:59:12.0287 2464 SiSRaid4 - ok
18:59:12.0303 2464 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:59:12.0303 2464 Smb - ok
18:59:12.0334 2464 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:59:12.0334 2464 SNMPTRAP - ok
18:59:12.0350 2464 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:59:12.0350 2464 spldr - ok
18:59:12.0381 2464 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
18:59:12.0412 2464 Spooler - ok
18:59:12.0506 2464 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:59:12.0537 2464 sppsvc - ok
18:59:12.0553 2464 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:59:12.0553 2464 sppuinotify - ok
18:59:12.0568 2464 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:59:12.0584 2464 srv - ok
18:59:12.0599 2464 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:59:12.0615 2464 srv2 - ok
18:59:12.0631 2464 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:59:12.0631 2464 srvnet - ok
18:59:12.0662 2464 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:59:12.0677 2464 SSDPSRV - ok
18:59:12.0677 2464 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:59:12.0693 2464 SstpSvc - ok
18:59:12.0709 2464 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:59:12.0709 2464 stexstor - ok
18:59:12.0740 2464 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
18:59:12.0740 2464 StillCam - ok
18:59:12.0787 2464 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:59:12.0802 2464 stisvc - ok
18:59:12.0833 2464 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:59:12.0833 2464 swenum - ok
18:59:12.0927 2464 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:59:12.0927 2464 SwitchBoard - ok
18:59:12.0958 2464 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:59:12.0989 2464 swprv - ok
18:59:13.0036 2464 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:59:13.0099 2464 SysMain - ok
18:59:13.0114 2464 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:59:13.0130 2464 TabletInputService - ok
18:59:13.0130 2464 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:59:13.0145 2464 TapiSrv - ok
18:59:13.0145 2464 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:59:13.0161 2464 TBS - ok
18:59:13.0239 2464 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:59:13.0301 2464 Tcpip - ok
18:59:13.0364 2464 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:59:13.0379 2464 TCPIP6 - ok
18:59:13.0411 2464 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:59:13.0411 2464 tcpipreg - ok
18:59:13.0426 2464 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:59:13.0426 2464 TDPIPE - ok
18:59:13.0457 2464 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:59:13.0457 2464 TDTCP - ok
18:59:13.0473 2464 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:59:13.0473 2464 tdx - ok
18:59:13.0489 2464 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:59:13.0504 2464 TermDD - ok
18:59:13.0535 2464 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:59:13.0567 2464 TermService - ok
18:59:13.0567 2464 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:59:13.0582 2464 Themes - ok
18:59:13.0582 2464 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:59:13.0598 2464 THREADORDER - ok
18:59:13.0598 2464 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:59:13.0598 2464 TrkWks - ok
18:59:13.0645 2464 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:59:13.0660 2464 TrustedInstaller - ok
18:59:13.0676 2464 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:59:13.0676 2464 tssecsrv - ok
18:59:13.0707 2464 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:59:13.0707 2464 TsUsbFlt - ok
18:59:13.0707 2464 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:59:13.0707 2464 TsUsbGD - ok
18:59:13.0738 2464 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:59:13.0738 2464 tunnel - ok
18:59:13.0769 2464 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:59:13.0769 2464 uagp35 - ok
18:59:13.0785 2464 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:59:13.0801 2464 udfs - ok
18:59:13.0832 2464 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:59:13.0832 2464 UI0Detect - ok
18:59:13.0847 2464 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:59:13.0847 2464 uliagpkx - ok
18:59:13.0863 2464 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:59:13.0863 2464 umbus - ok
18:59:13.0863 2464 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
18:59:13.0863 2464 UmPass - ok
18:59:13.0894 2464 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:59:13.0894 2464 upnphost - ok
18:59:13.0910 2464 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:59:13.0910 2464 usbccgp - ok
18:59:13.0941 2464 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:59:13.0941 2464 usbcir - ok
18:59:13.0957 2464 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:59:13.0957 2464 usbehci - ok
18:59:14.0003 2464 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:59:14.0003 2464 usbhub - ok
18:59:14.0019 2464 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:59:14.0035 2464 usbohci - ok
18:59:14.0050 2464 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:59:14.0050 2464 usbprint - ok
18:59:14.0097 2464 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:59:14.0097 2464 usbscan - ok
18:59:14.0113 2464 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:59:14.0113 2464 USBSTOR - ok
18:59:14.0128 2464 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:59:14.0128 2464 usbuhci - ok
18:59:14.0144 2464 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:59:14.0159 2464 usbvideo - ok
18:59:14.0175 2464 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:59:14.0175 2464 UxSms - ok
18:59:14.0206 2464 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
18:59:14.0206 2464 VaultSvc - ok
18:59:14.0237 2464 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:59:14.0237 2464 vdrvroot - ok
18:59:14.0269 2464 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:59:14.0284 2464 vds - ok
18:59:14.0300 2464 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:59:14.0315 2464 vga - ok
18:59:14.0315 2464 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:59:14.0331 2464 VgaSave - ok
18:59:14.0347 2464 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:59:14.0347 2464 vhdmp - ok
18:59:14.0362 2464 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:59:14.0362 2464 viaide - ok
18:59:14.0378 2464 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:59:14.0378 2464 volmgr - ok
18:59:14.0393 2464 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:59:14.0393 2464 volmgrx - ok
18:59:14.0425 2464 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:59:14.0425 2464 volsnap - ok
18:59:14.0440 2464 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:59:14.0456 2464 vsmraid - ok
18:59:14.0518 2464 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:59:14.0565 2464 VSS - ok
18:59:14.0565 2464 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:59:14.0565 2464 vwifibus - ok
18:59:14.0596 2464 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:59:14.0596 2464 vwififlt - ok
18:59:14.0612 2464 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:59:14.0612 2464 vwifimp - ok
18:59:14.0659 2464 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:59:14.0659 2464 W32Time - ok
18:59:14.0690 2464 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:59:14.0690 2464 WacomPen - ok
18:59:14.0721 2464 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:59:14.0737 2464 WANARP - ok
18:59:14.0737 2464 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:59:14.0737 2464 Wanarpv6 - ok
18:59:14.0799 2464 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:59:14.0830 2464 WatAdminSvc - ok
18:59:14.0893 2464 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:59:14.0939 2464 wbengine - ok
18:59:14.0971 2464 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:59:14.0986 2464 WbioSrvc - ok
18:59:15.0002 2464 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:59:15.0017 2464 wcncsvc - ok
18:59:15.0033 2464 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:59:15.0033 2464 WcsPlugInService - ok
18:59:15.0064 2464 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
18:59:15.0064 2464 Wd - ok
18:59:15.0095 2464 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
18:59:15.0095 2464 WDC_SAM - ok
18:59:15.0127 2464 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:59:15.0158 2464 Wdf01000 - ok
18:59:15.0173 2464 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:59:15.0189 2464 WdiServiceHost - ok
18:59:15.0189 2464 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:59:15.0189 2464 WdiSystemHost - ok
18:59:15.0220 2464 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
18:59:15.0220 2464 WebClient - ok
18:59:15.0236 2464 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:59:15.0251 2464 Wecsvc - ok
18:59:15.0251 2464 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:59:15.0267 2464 wercplsupport - ok
18:59:15.0283 2464 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
18:59:15.0283 2464 WerSvc - ok
18:59:15.0329 2464 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:59:15.0329 2464 WfpLwf - ok
18:59:15.0361 2464 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
18:59:15.0361 2464 WimFltr - ok
18:59:15.0392 2464 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:59:15.0392 2464 WIMMount - ok
18:59:15.0392 2464 WinDefend - ok
18:59:15.0407 2464 WinHttpAutoProxySvc - ok
18:59:15.0470 2464 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:59:15.0470 2464 Winmgmt - ok
18:59:15.0532 2464 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
18:59:15.0595 2464 WinRM - ok
18:59:15.0657 2464 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:59:15.0657 2464 WinUsb - ok
18:59:15.0704 2464 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
18:59:15.0735 2464 Wlansvc - ok
18:59:15.0782 2464 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
18:59:15.0782 2464 WmiAcpi - ok
18:59:15.0797 2464 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:59:15.0797 2464 wmiApSrv - ok
18:59:15.0829 2464 WMPNetworkSvc - ok
18:59:15.0844 2464 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:59:15.0860 2464 WPCSvc - ok
18:59:15.0875 2464 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:59:15.0875 2464 WPDBusEnum - ok
18:59:15.0907 2464 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:59:15.0907 2464 ws2ifsl - ok
18:59:15.0922 2464 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
18:59:15.0922 2464 wscsvc - ok
18:59:15.0969 2464 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
18:59:15.0969 2464 WSDPrintDevice - ok
18:59:15.0969 2464 WSearch - ok
18:59:16.0047 2464 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
18:59:16.0109 2464 wuauserv - ok
18:59:16.0125 2464 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:59:16.0125 2464 WudfPf - ok
18:59:16.0141 2464 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:59:16.0141 2464 WUDFRd - ok
18:59:16.0156 2464 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:59:16.0172 2464 wudfsvc - ok
18:59:16.0187 2464 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
18:59:16.0187 2464 WwanSvc - ok
18:59:16.0328 2464 [ 118C018DF1C53B94F8C06D2CABBBDA52 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
18:59:16.0359 2464 ZeroConfigService - ok
18:59:16.0390 2464 ================ Scan global ===============================
18:59:16.0421 2464 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:59:16.0453 2464 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:59:16.0468 2464 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:59:16.0499 2464 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:59:16.0515 2464 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:59:16.0515 2464 [Global] - ok
18:59:16.0515 2464 ================ Scan MBR ==================================
18:59:16.0531 2464 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
18:59:16.0936 2464 \Device\Harddisk0\DR0 - ok
18:59:16.0936 2464 ================ Scan VBR ==================================
18:59:16.0936 2464 [ F639182AB27DDE2C2BF6BC75549E98F3 ] \Device\Harddisk0\DR0\Partition1
18:59:16.0936 2464 \Device\Harddisk0\DR0\Partition1 - ok
18:59:16.0967 2464 [ F5D3D02E2DAD6AD92511A44BD3325762 ] \Device\Harddisk0\DR0\Partition2
18:59:16.0967 2464 \Device\Harddisk0\DR0\Partition2 - ok
18:59:16.0967 2464 ============================================================
18:59:16.0967 2464 Scan finished
18:59:16.0967 2464 ============================================================
18:59:16.0983 6264 Detected object count: 0
18:59:16.0983 6264 Actual detected object count: 0

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:06 PM

Posted 24 September 2012 - 09:29 PM

I ran TDSKiller and will post the logfile while I run the ESET scanner. The checkbox is on "remove threats" Did you want that on? I'll wait your reply.


Yes

Skip ASWMBR

#5 Genex17

Genex17
  • Topic Starter

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:06 AM

Posted 24 September 2012 - 09:46 PM

I am posting from my backup computer and have started the scan. I do have MBAM Pro, and a licensed copy of Eset NOD32 AV installed, but for you to make a proper diagnosis, I am running the online scanner and any other tests you think are important.

I'll get the Eset results as soon as possible.

Gene

#6 Genex17

Genex17
  • Topic Starter

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:06 AM

Posted 24 September 2012 - 10:48 PM

Eset Online Scanner results: No Threats found.

I'll remove the online scanner unless you advise differently.

Gene

Edited by Genex17, 24 September 2012 - 10:49 PM.


#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:06 PM

Posted 24 September 2012 - 11:05 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

Launch it and scan should start running.After scan gets completed,post the generated log here.

#8 Genex17

Genex17
  • Topic Starter

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:06 AM

Posted 25 September 2012 - 01:01 AM

Malware bytes log:



Malwarebytes Anti-Malware (PRO) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.25.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Gene :: MADOKA [administrator]

Protection: Disabled

9/24/2012 9:16:21 PM
mbam-log-2012-09-24 (21-16-21).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 438275
Time elapsed: 1 hour(s), 10 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#9 Genex17

Genex17
  • Topic Starter

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:06 AM

Posted 25 September 2012 - 01:05 AM

Minitoolbox:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Gene (administrator) on 24-09-2012 at 23:03:37
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)
Intel® Centrino® Wireless-N 2230 = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Madoka
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 68-5D-43-25-85-BA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 68-5D-43-25-85-BA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 2230
Physical Address. . . . . . . . . : 68-5D-43-25-85-B9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : D4-BE-D9-36-97-8C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e057:cac2:3869:4ba4%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, September 24, 2012 7:17:25 PM
Lease Expires . . . . . . . . . . : Tuesday, September 25, 2012 7:17:25 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 248823513
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-6B-A8-B9-D4-BE-D9-36-97-8C
DNS Servers . . . . . . . . . . . : 208.201.224.11
208.201.224.33
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{59AD75CB-2707-40AB-B3A3-09870182D290}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:3414:394e:b9db:794c(Preferred)
Link-local IPv6 Address . . . . . : fe80::3414:394e:b9db:794c%18(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: ns1.sonic.net
Address: 208.201.224.11

Name: google.com
Addresses: 2001:4860:4001:800::1005
74.125.224.68
74.125.224.69
74.125.224.72
74.125.224.78
74.125.224.64
74.125.224.70
74.125.224.73
74.125.224.67
74.125.224.65
74.125.224.71
74.125.224.66


Pinging google.com [74.125.224.68] with 32 bytes of data:
Reply from 74.125.224.68: bytes=32 time=31ms TTL=56
Reply from 74.125.224.68: bytes=32 time=32ms TTL=56

Ping statistics for 74.125.224.68:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 31ms, Maximum = 32ms, Average = 31ms
Server: ns1.sonic.net
Address: 208.201.224.11

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=93ms TTL=51
Reply from 98.138.253.109: bytes=32 time=93ms TTL=51

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 93ms, Maximum = 93ms, Average = 93ms
Server: ns1.sonic.net
Address: 208.201.224.11

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
17...68 5d 43 25 85 ba ......Microsoft Virtual WiFi Miniport Adapter #2
16...68 5d 43 25 85 ba ......Microsoft Virtual WiFi Miniport Adapter
13...68 5d 43 25 85 b9 ......Intel® Centrino® Wireless-N 2230
11...d4 be d9 36 97 8c ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 169.254.75.164 192.168.1.100 30
192.168.1.0 255.255.255.0 On-link 192.168.1.100 276
192.168.1.100 255.255.255.255 On-link 192.168.1.100 276
192.168.1.255 255.255.255.255 On-link 192.168.1.100 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
18 58 ::/0 On-link
1 306 ::1/128 On-link
18 58 2001::/32 On-link
18 306 2001:0:9d38:6ab8:3414:394e:b9db:794c/128
On-link
11 276 fe80::/64 On-link
18 306 fe80::/64 On-link
18 306 fe80::3414:394e:b9db:794c/128
On-link
11 276 fe80::e057:cac2:3869:4ba4/128
On-link
1 306 ff00::/8 On-link
18 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/24/2012 07:20:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/24/2012 07:20:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/24/2012 07:19:50 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/24/2012 07:17:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2012 07:15:56 PM) (Source: Application Error) (User: )
Description: Faulting application name: aswMBR.exe, version: 0.9.9.1665, time stamp: 0x4f5f9c86
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x0002e3be
Faulting process id: 0x408
Faulting application start time: 0xaswMBR.exe0
Faulting application path: aswMBR.exe1
Faulting module path: aswMBR.exe2
Report Id: aswMBR.exe3

Error: (09/24/2012 07:13:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2012 07:08:36 PM) (Source: Application Error) (User: )
Description: Faulting application name: aswMBR.exe, version: 0.9.9.1665, time stamp: 0x4f5f9c86
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x0002e3be
Faulting process id: 0x1aa4
Faulting application start time: 0xaswMBR.exe0
Faulting application path: aswMBR.exe1
Faulting module path: aswMBR.exe2
Report Id: aswMBR.exe3

Error: (09/24/2012 01:54:47 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2012/09/24 13:54:47.832]: [00003540]: Initialize TwdsMain Class failed!

Error: (09/24/2012 01:54:47 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2012/09/24 13:54:47.832]: [00003540]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (09/24/2012 10:20:18 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/24/2012 07:19:49 PM) (Source: Service Control Manager) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).

Error: (09/24/2012 07:18:32 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (09/24/2012 07:15:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/24/2012 07:15:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/24/2012 07:15:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/24/2012 07:15:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/24/2012 07:15:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/24/2012 07:15:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/24/2012 07:13:39 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/24/2012 07:13:39 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (09/24/2012 07:20:32 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Gene\Desktop\esetsmartinstaller_enu.exe

Error: (09/24/2012 07:20:19 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Gene\Desktop\esetsmartinstaller_enu.exe

Error: (09/24/2012 07:19:50 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Gene\Desktop\esetsmartinstaller_enu.exe

Error: (09/24/2012 07:17:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2012 07:15:56 PM) (Source: Application Error)(User: )
Description: aswMBR.exe0.9.9.16654f5f9c86ntdll.dll6.1.7601.177254ec49b8fc00000050002e3be40801cd9ac32d6e03b1C:\Users\Gene\Desktop\aswMBR.exeC:\Windows\SysWOW64\ntdll.dllf048ac06-06b6-11e2-aaef-d4bed936978c

Error: (09/24/2012 07:13:00 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2012 07:08:36 PM) (Source: Application Error)(User: )
Description: aswMBR.exe0.9.9.16654f5f9c86ntdll.dll6.1.7601.177254ec49b8fc00000050002e3be1aa401cd9ac1c13583a2C:\Users\Gene\Desktop\aswMBR.exeC:\Windows\SysWOW64\ntdll.dlle9a37b9f-06b5-11e2-9838-d4bed936978c

Error: (09/24/2012 01:54:47 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2012/09/24 13:54:47.832]: [00003540]: Initialize TwdsMain Class failed!

Error: (09/24/2012 01:54:47 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2012/09/24 13:54:47.832]: [00003540]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (09/24/2012 10:20:18 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Accidental Damage Services Agreement (Version: 2.0.0)
ACDSee 32
Adobe Acrobat X Pro (Version: 10.1.4)
Adobe AIR (Version: 3.3.0.3670)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Anchor Service x64 CS4 (Version: 2.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge CS4 (Version: 3)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps CS4 (Version: 2.0)
Adobe CMaps x64 CS4 (Version: 2.0)
Adobe Color - Photoshop Specific CS4 (Version: 2.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Recommended Settings CS4 (Version: 2.0)
Adobe Community Help (Version: 3.5.23)
Adobe CSI CS4 (Version: 1)
Adobe CSI CS4 x64 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Device Central CS4 (Version: 2)
Adobe Drive CS4 (Version: 1)
Adobe Drive CS4 x64 (Version: 1)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.278)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Fonts All (Version: 2.0)
Adobe Fonts All x64 (Version: 2.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Illustrator CS3 (Version: 13.0)
Adobe Lens Profile Downloader (Version: 1.0)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe Linguistics CS4 (Version: 4.0.0)
Adobe Linguistics CS4 x64 (Version: 4.0.0)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe PDF Library Files x64 CS4 (Version: 9.0)
Adobe Photoshop CS4 (64 Bit) (Version: 11.0)
Adobe Photoshop CS4 (Version: 11.0)
Adobe Photoshop CS4 Support (Version: 11.0)
Adobe Photoshop CS6 (Version: 13.0)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support CS4 (Version: 9.0)
Adobe Type Support x64 CS4 (Version: 9.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe WinSoft Linguistics Plugin (Version: 1.1)
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1)
Adobe XMP Panels CS3 (Version: 1.0)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetCMYK (Version: 2.0)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 2.1.7)
Apple Software Update (Version: 2.1.3.127)
Autodesk SketchBook Pro 2011 (Version: 5.50.0000)
Banctec Service Agreement (Version: 2.0.0)
Blio (Version: 2.3.7140)
Brother MFL-Pro Suite MFC-6490CW (Version: 1.0.1.0)
CCleaner (Version: 3.21)
Complete Care Business Service Agreement (Version: 2.0.0)
Conexant SmartAudio HD (Version: 8.54.29.0)
Connect (Version: 1.0.0.1)
Consumer In-Home Service Agreement (Version: 2.0.0)
Corel Painter 12 - IPM (Version: 12.3)
Corel Painter 12 (Version: 12.2.0.703)
CPUID CPU-Z 1.61.3
CPUID HWMonitor 1.19
CrystalDiskInfo 4.1.3 (Version: 4.1.3)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Digital Delivery (Version: 2.2.3000.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Home Systems Service Agreement (Version: 2.0.0)
Dell Stage Remote (Version: 2.0.0.50)
Dell Support Center (Version: 3.2.6032.55)
Dell Touchpad (Version: 10.3.2.2)
Dell Webcam Central (Version: 2.00.44)
Dropbox (Version: 1.4.17)
ESET NOD32 Antivirus (Version: 5.2.9.1)
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.123)
IconHandler 64 bit (Version: 2.0)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 8.0.1.1399)
Intel® OpenCL CPU Runtime
Intel® Processor Graphics (Version: 8.15.10.2761)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.1.0.0096)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 2.0.0.0086)
Intel® Rapid Storage Technology (Version: 11.1.0.1006)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.4.220)
Intel® WiDi (Version: 3.1.26.0)
Intel® Wireless Display
Intel® PROSet/Wireless WiFi Software (Version: 15.01.1000.0927)
Intel® Trusted Connect Service Client (Version: 1.23.219.2)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
JavaFX 2.1.1 (Version: 2.1.1)
K-Lite Codec Pack 9.2.0 (64-bit) (Version: 9.2.0)
K-Lite Codec Pack 9.2.4 (Standard) (Version: 9.2.4)
kuler (Version: 2.0)
LastPass (uninstall only)
MakeMKV v1.7.7 (Version: v1.7.7)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Manga Studio EX 4.0
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access MUI (Japanese) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (Japanese) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (Japanese) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office IME (Japanese) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (Japanese) 2010 (Version: 14.0.6029.1000)
Microsoft Office Language Pack 2010 - Japanese/??? (Version: 14.0.6029.1000)
Microsoft Office O MUI (Japanese) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (Japanese) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 14.0.6123.5001)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (Japanese) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (Japanese) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Japanese) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (Japanese) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (Japanese) 2010 (Version: 14.0.6029.1000)
Microsoft Office ScreenTip Language 2010 - ??? (Version: 14.0.4763.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (Japanese) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (Japanese) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office SharePoint Designer MUI (Japanese) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (Japanese) 2010 (Version: 14.0.6029.1000)
Microsoft Office X MUI (Japanese) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook 2010 (Version: 14.0.6029.1000)
Microsoft SharePoint Designer 2010 Service Pack 1 (SP1)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mozilla Firefox 15.0 (x86 en-US) (Version: 15.0)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
Painter 12 - Content (Version: 12.3)
Painter 12 - Core (Version: 12.3)
Painter 12 - Corex64 (Version: 12.1.0)
Painter 12 - EN (Version: 12.3)
Painter 12 - Setup Files (Version: 12.3)
PaintTool SAI Ver.1
PC Wizard 2012.2.11
PDF Settings CS4 (Version: 9.0)
PDF Settings CS6 (Version: 11.0)
Perfect Mask 5 (Version: 5.1)
Perfect Resize 7 (Version: 7.0.7)
Photoshop Camera Raw (Version: 5.0)
Photoshop Camera Raw_x64 (Version: 5.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Premium Service Agreement (Version: 2.0.0)
PSD Codec by Ardfry Imaging, LLC (32 bit) (Version: 1.0.8.0)
PSD Codec by Ardfry Imaging, LLC (64 bit) (Version: 1.0.8.0)
PSD CODEC Version 1.4.1.0 (Version: 1.4.1.0)
QualxServ Service Agreement (Version: 2.0.0)
Quickset64 (Version: 10.14.010)
QuickTime (Version: 7.72.80.56)
Realtek Ethernet Controller Driver (Version: 7.54.309.2012)
Realtek USB 2.0 Card Reader (Version: 6.1.7601.39019)
Suite Shared Configuration CS4 (Version: 1.0)
Switch Sound File Converter
System Requirements Lab for Intel (Version: 4.5.9.0)
TypingMaster Pro (Version: 7.00)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596963) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598241) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Vector Magic (Version: 1.15)
Winamp (Version: 5.63 )
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
WinRAR 4.20 (64-bit) (Version: 4.20.0)

========================= Memory info: ===================================

Percentage of memory in use: 31%
Total physical RAM: 6046.36 MB
Available physical RAM: 4143.29 MB
Total Pagefile: 12090.9 MB
Available Pagefile: 9914.48 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.35 MB

========================= Partitions: =====================================

1 Drive c: (Madoka) (Fixed) (Total:445.91 GB) (Free:375.6 GB) NTFS

========================= Users: ========================================

User accounts for \\MADOKA

Administrator Gene Guest

========================= Restore Points ==================================

12-09-2012 03:59:43 Windows Update
19-09-2012 05:52:28 Installed Microsoft Office Language Pack 2010 - Japanese/???
19-09-2012 05:56:08 Microsoft Office ScreenTip Language 2010 - ??? ???????????
19-09-2012 06:01:26 Windows Update
22-09-2012 10:00:20 Windows Update

**** End of log ****

#10 Genex17

Genex17
  • Topic Starter

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:06 AM

Posted 25 September 2012 - 01:07 AM

FSS

Farbar Service Scanner Version: 19-09-2012
Ran by Gene (administrator) on 24-09-2012 at 23:06:29
Running from "C:\Users\Gene\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#11 Genex17

Genex17
  • Topic Starter

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:06 AM

Posted 25 September 2012 - 01:18 AM

# AdwCleaner v2.003 - Logfile created 09/24/2012 at 23:09:04
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Gene - MADOKA
# Boot Mode : Normal
# Running from : C:\Users\Gene\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\Gene\AppData\Roaming\Mozilla\Firefox\Profiles\yekcsqxi.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1302 octets] - [24/09/2012 23:09:04]

########## EOF - C:\AdwCleaner[S1].txt - [1362 octets] ##########

#12 Genex17

Genex17
  • Topic Starter

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:06 AM

Posted 25 September 2012 - 01:28 AM

So this should be it.


Junkware Removal Tool (JRT) by Thisisu
Version: 1.0.7 (09.24.2012)
OS: Windows 7 Home Premium x64
Ran by Gene on Mon 09/24/2012 at 23:25:42.39
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Registry Values: 0 Detections



*** Registry Keys:

ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}



*** Files: 0 Detections



*** Folders: 0 Detections



*** Ask Toolbar: - Remnants removed




*** FireFox detected and repaired:

The below lines were deleted from [FF prefs.js]

=============================

=============================



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Mon 09/24/2012 at 23:25:52.50
End of Report

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:06 PM

Posted 25 September 2012 - 01:30 AM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#14 Genex17

Genex17
  • Topic Starter

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:06 AM

Posted 25 September 2012 - 01:39 AM

Rkills and Autorun

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/24/2012 11:32:06 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Gene\Desktop\rkill\rkill-09-24-2012-11-32-10.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 09/24/2012 11:32:20 PM
Execution time: 0 hours(s), 0 minute(s), and 13 seconds(s)





"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AdobeAAMUpdater-1.0" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "BTMTrayAgent" "Bluetooth Shell Extension" "Intel Corporation" "c:\program files (x86)\intel\bluetooth\btmshell.dll"
+ "egui" "ESET GUI" "ESET" "c:\program files\eset\eset nod32 antivirus\egui.exe"
+ "ETDCtrl" "ETD Control Center" "ELAN Microelectronics Corp." "c:\program files\elantech\etdctrl.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IME14 JPN Setup" "Microsoft Office IME 2010" "Microsoft Corporation" "c:\program files\common files\microsoft shared\ime14\shared\imeklmg.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "QuickSet" "QuickSet" "Dell Inc." "c:\program files\dell\quickset\quickset.exe"
+ "SmartAudio" "SmartAudio Control Panel application" "Conexant Systems, Inc." "c:\program files\conexant\sa3\sacpl.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Acrobat Assistant 8.0" "AcroTray" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat\acrotray.exe"
+ "Adobe Acrobat Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\acrobat 10.0\acrobat\acrobat_sl.exe"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "AdobeCS4ServiceManager" "Adobe CS4 Service Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe"
+ "AdobeCS6ServiceManager" "Adobe CS6 Service Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\cs6servicemanager\cs6servicemanager.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "BrMfcWnd" "Brother Status Monitor Application" "Brother Industries, Ltd." "c:\program files (x86)\brother\brmfcmon\brmfcwnd.exe"
+ "ControlCenter3" "ControlCenter Program" "Brother Industries, Ltd." "c:\program files (x86)\brother\controlcenter3\brctrcen.exe"
+ "Dell Webcam Central" "Webcam Central" "Creative Technology Ltd" "c:\program files (x86)\dell webcam\dell webcam central\webcamdell2.exe"
+ "IAStorIcon" "Delayed launcher" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoriconlaunch.exe"
+ "IME14 JPN Setup" "Microsoft Office IME 2010" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\ime14\shared\imeklmg.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "SwitchBoard" "SwitchBoard Server (32 bit)" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
+ "USB3MON" "Intel® USB 3.0 Monitor" "Intel Corporation" "c:\program files (x86)\intel\intel® usb 3.0 extensible host controller driver\application\iusb3mon.exe"
"C:\Users\Gene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\gene\appdata\roaming\dropbox\bin\dropbox.exe"
+ "OneNote 2010 Screen Clipper and Launcher.lnk" "Microsoft OneNote Quick Launcher" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onenotem.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AdobeBridge" "Adobe Bridge CS6" "Adobe Systems, Inc." "c:\program files\adobe\adobe bridge cs6 (64 bit)\bridge.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\gene\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu64.dll"
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset nod32 antivirus\shellext.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu.dll"
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset nod32 antivirus\x86\shellext.dll"
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe Drive CS4" "Adobe Drive Menu" "Adobe Systems Incorporated" "c:\program files\common files\adobe\adobe drive cs4\adfsmenu.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe Drive CS4" "Adobe Drive Menu" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\adobe drive cs4\adfsmenu.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\gene\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\gene\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe Drive CS4" "Adobe Drive Menu" "Adobe Systems Incorporated" "c:\program files\common files\adobe\adobe drive cs4\adfsmenu.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe Drive CS4" "Adobe Drive Menu" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\adobe drive cs4\adfsmenu.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu64.dll"
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset nod32 antivirus\shellext.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu.dll"
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset nod32 antivirus\x86\shellext.dll"
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\gene\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\gene\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\gene\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\gene\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\gene\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\gene\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\gene\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "LastPass Vault" "LastPass Toolbar" "" "c:\program files (x86)\lastpass\lptoolbar_x64.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Conversion Toolbar Helper" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "LastPass Vault" "LastPass Toolbar" "" "c:\program files (x86)\lastpass\lptoolbar.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "SmartSelect Class" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "LastPass Toolbar" "LastPass Toolbar" "" "c:\program files (x86)\lastpass\lptoolbar_x64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Adobe PDF" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "LastPass Toolbar" "LastPass Toolbar" "" "c:\program files (x86)\lastpass\lptoolbar.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "LastPass" "LastPass Toolbar" "" "c:\program files (x86)\lastpass\lptoolbar_x64.dll"
+ "OneNote リンク ノート(&K)" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "LastPass" "LastPass Toolbar" "" "c:\program files (x86)\lastpass\lptoolbar.dll"
+ "OneNote に送る(&N)" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "OneNote リンク ノート(&K)" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
"Task Scheduler" "" "" ""
+ "\AdobeAAMUpdater-1.0-Madoka-Gene" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\PCDEventLauncher" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\sessionchecker.exe"
+ "\PCDoctorBackgroundMonitorTask" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\uaclauncher.exe"
+ "\PCDoctorBackgroundMonitorTask-Retry" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\uaclauncher.exe"
+ "\SystemToolsDailyTest" "" "" "File not found: uaclauncher.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AMPPALR3" "Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter" "Intel Corporation" "c:\program files\intel\bluetoothhs\bthsamppalservice.exe"
+ "Bluetooth Device Monitor" "A process to monitor Bluetooth radio state and configure Bluetooth remote folders." "Intel Corporation" "c:\program files (x86)\intel\bluetooth\devmonsrv.exe"
+ "Bluetooth Media Service" "Provides Bluetooth Media Profiles support" "Intel Corporation" "c:\program files (x86)\intel\bluetooth\mediasrv.exe"
+ "Bluetooth OBEX Service" "Provides Bluetooth File Transfer Protocol support." "Intel Corporation" "c:\program files (x86)\intel\bluetooth\obexsrv.exe"
+ "Bonjour Service" "##Id_String2.6844F930_1628_4223_B5CC_5BB94B879762##" "Apple Computer, Inc." "c:\program files (x86)\bonjour\mdnsresponder.exe"
+ "BTHSSecurityMgr" "Manages the 802.1x security between two Bluetooth® High Speed connections." "Intel® Corporation" "c:\program files\intel\bluetoothhs\bthssecuritymgr.exe"
+ "cphs" "Intel® Content Protection HECI Service - enables communication with the Content Protection FW" "Intel Corporation" "c:\windows\syswow64\intelcphecisvc.exe"
+ "CxUtilSvc" "Conexant utility service for audio applications" "Conexant Systems, Inc." "c:\program files\conexant\sa3\cxutilsvc.exe"
+ "DellDigitalDelivery" "Downloads and installs the applications that you purchased with your computer." "Dell Products, LP." "c:\program files (x86)\dell digital delivery\deliveryservice.exe"
+ "ekrn" "ESET Service" "ESET" "c:\program files\eset\eset nod32 antivirus\x86\ekrn.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "FLEXnet Licensing Service 64" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice64.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "ImeDictUpdateService" "Microsoft Office IME 2010" "Microsoft Corporation" "c:\program files\common files\microsoft shared\ime14\shared\imedictupdate.exe"
+ "Intel® Capability Licensing Service Interface" "Version: 1.23.219.2" "Intel® Corporation" "c:\program files\intel\icls client\heciserver.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MyWiFiDHCPDNS" "Wireless PAN DHCP and DNS Server" "" "c:\program files\intel\wifi\bin\pandhcpdns.exe"
+ "nlsX86cc" "Nalpeiron Licensing Service" "Nalpeiron Ltd." "c:\windows\syswow64\nlssrv32.exe"
+ "ose" "更新や修復に使用されるインストール用ファイルを保存します。また、セットアップ更新プログラムやワトソン エラー レポートをダウンロードする際に必要です。" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PSI_SVC_2_x64" "This service provides Protexis licensing functionalty." "arvato digital services llc" "c:\program files\common files\protexis\license service\psiservice_2.exe"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "SwitchBoard" "Adobe SwitchBoard" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "ZeroConfigService" "Manages the zero configuration service for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\zeroconfigservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adfs" "Adobe Drive File System Driver" "Adobe Systems, Inc." "c:\windows\system32\drivers\adfs.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AMPPAL" "Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\amppal.sys"
+ "AMPPALP" "Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\amppal.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerIf" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserif.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "btmaux" "Bluetooth Auxiliary Driver" "Intel Corporation" "c:\windows\system32\drivers\btmaux.sys"
+ "btmhsf" "Bluetooth HighSpeed Filter Driver" "Intel Corporation" "c:\windows\system32\drivers\btmhsf.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CnxtHdAudService" "64-bit High Definition Audio Function Driver" "Conexant Systems Inc." "c:\windows\system32\drivers\chdrt64.sys"
+ "cpuz135" "CPUID Driver" "CPUID" "c:\program files (x86)\cpuid\pc wizard 2012\pcwiz_x64.sys"
+ "CtClsFlt" "Video Class Upper Filter Driver (64-bit)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctclsflt.sys"
+ "eamonm" "Eset file on-access scanner" "ESET" "c:\windows\system32\drivers\eamonm.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "ehdrv" "Eset Helper driver" "ESET" "c:\windows\system32\drivers\ehdrv.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "epfwwfpr" "EPFW Filter Driver" "ESET" "c:\windows\system32\drivers\epfwwfpr.sys"
+ "ETD" "ETD Kernel Center" "ELAN Microelectronics Corp." "c:\windows\system32\drivers\etd.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "ibtfltcoex" "Intel® Centrino® Wireless (Bluetooth Adapter) Driver" "Intel Corporation" "c:\windows\system32\drivers\ibtfltcoex.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "intaud_WaveExtensible" "Intel® WiDi Solution" "Intel Corporation" "c:\windows\system32\drivers\intelaud.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "iusb3hcs" "Intel® USB 3.0 Host Controller Switch Driver" "Intel Corporation" "c:\windows\system32\drivers\iusb3hcs.sys"
+ "iusb3hub" "Intel® USB 3.0 Hub Driver" "Intel Corporation" "c:\windows\system32\drivers\iusb3hub.sys"
+ "iusb3xhc" "Intel® USB 3.0 eXtensible Host Controller Driver" "Intel Corporation" "c:\windows\system32\drivers\iusb3xhc.sys"
+ "iwdbus" "Intel® WiDi Solution" "Intel Corporation" "c:\windows\system32\drivers\iwdbus.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "NETwNs64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwsw00.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSUSBVSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsuvstor.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecp.acm"
+ "VIDC.FFDS" "ffdshow VFW" "" "c:\windows\system32\ff_vfw.dll"
+ "VIDC.LAGS" "Lagarith" " " "c:\windows\system32\lagarith.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "msacm.l3codecp" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3File" "" "" "c:\program files\k-lite codec pack x64\filters\ac3file64.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files\k-lite codec pack x64\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files\k-lite codec pack x64\filters\vsfilter.dll"
+ "DS Video Buffer Filter" "WiDiAgent.dll COM object." "Intel Corporation" "c:\program files\common files\intel corporation\widiagent\dsbuffer_video.ax"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\filters\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\filters\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\filters\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\filters\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\filters\ffdshow\ffdshow.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax"
+ "Intel® AAC encoder" "" "" "c:\program files\common files\intel corporation\widiagent\intelaac.dll"
+ "Intel® Mux Renderer" "Intel® TS Mux / Network Renderer" "Intel Corporation" "c:\program files\common files\intel corporation\widiagent\intelmux.dll"
+ "Intel®WiDi H264 encoder" "" "" "c:\program files\common files\intel corporation\widiagent\h264hwenc.dll"
+ "LAV Audio Decoder" "LAV Audio Decoder - DirectShow Audio Decoder" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack x64\filters\lav\lavaudio.ax"
+ "LAV Splitter" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack x64\filters\lav\lavsplitter.ax"
+ "LAV Splitter Source" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack x64\filters\lav\lavsplitter.ax"
+ "LAV Video Decoder" "LAV Video Decoder - DirectShow Video Decoder" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack x64\filters\lav\lavvideo.ax"
+ "MainConcept AAC Encoder" "AAC audio encoder filter" "MainConcept GmbH" "c:\program files\common files\intel corporation\mainconcept filters\mc_enc_aac_ds.ax"
+ "WD Audio Filter" "WiDi Audio Source Filter." "Intel Corporation" "c:\program files\common files\intel corporation\widiagent\wdaudiofilter.dll"
+ "WD Secure Source Filter" "Intel® WiDi Secure Video Source Filter." "Intel Corporation" "c:\program files\common files\intel corporation\widiagent\wdsecuresourcefilter.dll"
+ "WD Silence Filter" "" "" "c:\program files\common files\intel corporation\widiagent\wdsilencefilter.dll"
+ "WDSource Filter" "WiDi Video Source Filter." "Intel Corporation" "c:\program files\common files\intel corporation\widiagent\wdsourcefilter.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\google\google earth\client\wavdest.ax"
+ "Creative Correct TimeStamp Filter" "Creative Correct TimeStamp Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctfrfix.ax"
+ "Creative H264 No Quality Control Filter" "Creative No Quality Control Filter" "Creative Technology Ltd." "c:\program files (x86)\dell webcam\dell webcam central\cth264noqc.ax"
+ "Creative MJPEG Decoder 2" "Decoder" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctmjpgdec2.ax"
+ "Creative Video Processing Filter" "Creative Video Processing Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\vidprocu.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "xy-VSFilter Team" "c:\program files (x86)\k-lite codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "xy-VSFilter Team" "c:\program files (x86)\k-lite codec pack\filters\vsfilter.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\filters\ffdshow\ffdshow.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files (x86)\k-lite codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "LAV Audio Decoder" "LAV Audio Decoder - DirectShow Audio Decoder" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavaudio.ax"
+ "LAV Splitter" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavsplitter.ax"
+ "LAV Splitter Source" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavsplitter.ax"
+ "LAV Video Decoder" "LAV Video Decoder - DirectShow Video Decoder" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavvideo.ax"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prdmowrapper.dll"
+ "QIC1802 Demux" "QIC1802 Demux" "Quanta Computer Inc." "c:\program files (x86)\dell webcam\dell webcam central\qicdemux.ax"
"HKLM\Software\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance" "" "" ""
+ "{01EA983A-60B5-46c9-AA60-55139B4BF47E}" "PSD Decoder" "Ardfry Imaging, LLC" "c:\program files\ardfryimaging\psd codec\ardfrypsdcodec.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance" "" "" ""
+ "{01EA983A-60B5-46c9-AA60-55139B4BF47E}" "PSD Decoder" "Ardfry Imaging, LLC" "c:\program files (x86)\ardfryimaging\psd codec\ardfrypsdcodec.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Computer, Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Adobe PDF Port Monitor" "Adobe PDF Port Monitor DLL" "Adobe Systems Inc" "c:\windows\system32\adobepdf.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "AdobeDriveCS4_NP" "Adobe Drive CS4 Network" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\adobe drive cs4\adobedrivecs4_np.dll"

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:06 PM

Posted 25 September 2012 - 01:58 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP-http://support.microsoft.com/kb/310405

Vista & windows 7-http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users