Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

FBI Money Pak VIrus


  • Please log in to reply
18 replies to this topic

#1 DGREW

DGREW

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:10:34 AM

Posted 27 September 2012 - 03:17 PM

I have an FBI Money Pak infection. Hijacked to a screen which won't let me do anything and wants me to give them $200!

I cannot Boot in Safe Mode using F8 (that was always difficult on this computer) and I am unable to start MSCONFIG.

I can start the computer without the Internet (the hijack screen comes back as soon as I plug in the Internet in normal mode) but I am not able to start Task Manager to cancel any processes.

I ran Malwarebytes & it appeared to find several problems - but I still had the major one.

I ran Emsisoft and It found 2 major problems - but I still have the virus.
Ran Malwarebytes again and got 19 hits - deleted them - but still have the problem.

I've got it going in the Safe Mode now and can restart it in Safe Mode with MSCONFIG & wuse the internet.

Would appreciate any help you could give me.

DRP

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:34 PM

Posted 27 September 2012 - 03:18 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:10:34 AM

Posted 27 September 2012 - 05:57 PM

Thanks for the Prompt reply,


10:29:05.0866 1488 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
10:29:07.0878 1488 ============================================================
10:29:07.0878 1488 Current date / time: 2012/09/27 10:29:07.0878
10:29:07.0878 1488 SystemInfo:
10:29:07.0878 1488
10:29:07.0878 1488 OS Version: 6.1.7601 ServicePack: 1.0
10:29:07.0878 1488 Product type: Workstation
10:29:07.0878 1488 ComputerName: DRP-PC
10:29:07.0878 1488 UserName: DRP
10:29:07.0878 1488 Windows directory: C:\Windows
10:29:07.0878 1488 System windows directory: C:\Windows
10:29:07.0878 1488 Running under WOW64
10:29:07.0878 1488 Processor architecture: Intel x64
10:29:07.0878 1488 Number of processors: 2
10:29:07.0878 1488 Page size: 0x1000
10:29:07.0878 1488 Boot type: Safe boot with network
10:29:07.0878 1488 ============================================================
10:29:09.0095 1488 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:29:09.0111 1488 ============================================================
10:29:09.0111 1488 \Device\Harddisk0\DR0:
10:29:09.0111 1488 MBR partitions:
10:29:09.0111 1488 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x43000, BlocksNum 0x1339000
10:29:09.0111 1488 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x137C000, BlocksNum 0x1BE49000
10:29:09.0111 1488 ============================================================
10:29:09.0126 1488 C: <-> \Device\Harddisk0\DR0\Partition2
10:29:09.0126 1488 ============================================================
10:29:09.0126 1488 Initialize success
10:29:09.0126 1488 ============================================================
10:30:02.0291 2428 ============================================================
10:30:02.0291 2428 Scan started
10:30:02.0291 2428 Mode: Manual; TDLFS;
10:30:02.0291 2428 ============================================================
10:30:04.0897 2428 ================ Scan system memory ========================
10:30:04.0897 2428 System memory - ok
10:30:04.0897 2428 ================ Scan services =============================
10:30:05.0209 2428 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:30:05.0209 2428 1394ohci - ok
10:30:05.0349 2428 [ 3044D0F3FEB9FFE8BC953D8F34B5B504 ] A2DDA C:\Users\DRP\Downloads\EmsisoftEmergencyKit\Run\a2ddax64.sys
10:30:05.0349 2428 A2DDA - ok
10:30:05.0380 2428 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:30:05.0380 2428 ACPI - ok
10:30:05.0411 2428 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:30:05.0411 2428 AcpiPmi - ok
10:30:05.0552 2428 [ 6D182C31ACF16213407F2768F1107FE3 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
10:30:05.0552 2428 Adobe LM Service - ok
10:30:05.0645 2428 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:30:05.0645 2428 AdobeARMservice - ok
10:30:05.0770 2428 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:30:05.0770 2428 AdobeFlashPlayerUpdateSvc - ok
10:30:05.0817 2428 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:30:05.0817 2428 adp94xx - ok
10:30:05.0864 2428 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:30:05.0864 2428 adpahci - ok
10:30:05.0879 2428 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:30:05.0879 2428 adpu320 - ok
10:30:05.0926 2428 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:30:05.0926 2428 AeLookupSvc - ok
10:30:05.0989 2428 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
10:30:05.0989 2428 AFD - ok
10:30:06.0004 2428 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:30:06.0004 2428 agp440 - ok
10:30:06.0035 2428 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
10:30:06.0035 2428 ALG - ok
10:30:06.0067 2428 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
10:30:06.0067 2428 aliide - ok
10:30:06.0113 2428 [ 9A5495EDEBE7D6B3F7E9A86EBE5EA248 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:30:06.0113 2428 AMD External Events Utility - ok
10:30:06.0129 2428 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
10:30:06.0129 2428 amdide - ok
10:30:06.0176 2428 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:30:06.0176 2428 AmdK8 - ok
10:30:06.0176 2428 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:30:06.0191 2428 AmdPPM - ok
10:30:06.0223 2428 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:30:06.0223 2428 amdsata - ok
10:30:06.0269 2428 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:30:06.0269 2428 amdsbs - ok
10:30:06.0285 2428 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:30:06.0285 2428 amdxata - ok
10:30:06.0316 2428 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
10:30:06.0316 2428 AppID - ok
10:30:06.0332 2428 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:30:06.0332 2428 AppIDSvc - ok
10:30:06.0347 2428 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
10:30:06.0347 2428 Appinfo - ok
10:30:06.0410 2428 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:30:06.0410 2428 Apple Mobile Device - ok
10:30:06.0457 2428 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
10:30:06.0457 2428 AppMgmt - ok
10:30:06.0472 2428 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
10:30:06.0472 2428 arc - ok
10:30:06.0488 2428 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:30:06.0488 2428 arcsas - ok
10:30:06.0628 2428 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:30:06.0628 2428 aspnet_state - ok
10:30:06.0675 2428 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:30:06.0675 2428 AsyncMac - ok
10:30:06.0691 2428 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
10:30:06.0691 2428 atapi - ok
10:30:06.0722 2428 [ 38467FF83C2B4265D51F418812A91E3C ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
10:30:06.0722 2428 AtiHdmiService - ok
10:30:06.0862 2428 [ A08339AE90972E268B9622C668F450E8 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
10:30:07.0003 2428 atikmdag - ok
10:30:07.0081 2428 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:30:07.0081 2428 AudioEndpointBuilder - ok
10:30:07.0096 2428 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:30:07.0096 2428 AudioSrv - ok
10:30:07.0143 2428 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:30:07.0143 2428 AxInstSV - ok
10:30:07.0190 2428 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
10:30:07.0190 2428 b06bdrv - ok
10:30:07.0237 2428 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:30:07.0237 2428 b57nd60a - ok
10:30:07.0283 2428 [ E001DD475A7C27EBE5A0DB45C11BAD71 ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
10:30:07.0283 2428 BCM42RLY - ok
10:30:07.0346 2428 [ F4CD5F52850BF2C978DE178F256BA372 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
10:30:07.0408 2428 BCM43XX - ok
10:30:07.0424 2428 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
10:30:07.0424 2428 BDESVC - ok
10:30:07.0455 2428 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
10:30:07.0455 2428 Beep - ok
10:30:07.0517 2428 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
10:30:07.0533 2428 BFE - ok
10:30:07.0580 2428 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
10:30:07.0595 2428 BITS - ok
10:30:07.0627 2428 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:30:07.0627 2428 blbdrive - ok
10:30:07.0705 2428 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:30:07.0720 2428 Bonjour Service - ok
10:30:07.0751 2428 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:30:07.0751 2428 bowser - ok
10:30:07.0751 2428 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:30:07.0751 2428 BrFiltLo - ok
10:30:07.0783 2428 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:30:07.0783 2428 BrFiltUp - ok
10:30:07.0798 2428 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
10:30:07.0798 2428 Browser - ok
10:30:07.0829 2428 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:30:07.0829 2428 Brserid - ok
10:30:07.0845 2428 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:30:07.0845 2428 BrSerWdm - ok
10:30:07.0861 2428 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:30:07.0861 2428 BrUsbMdm - ok
10:30:07.0876 2428 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:30:07.0876 2428 BrUsbSer - ok
10:30:07.0876 2428 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:30:07.0876 2428 BTHMODEM - ok
10:30:07.0892 2428 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
10:30:07.0892 2428 bthserv - ok
10:30:07.0907 2428 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:30:07.0907 2428 cdfs - ok
10:30:07.0954 2428 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:30:07.0954 2428 cdrom - ok
10:30:07.0970 2428 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
10:30:07.0970 2428 CertPropSvc - ok
10:30:08.0032 2428 [ 45B5A89DC41577282E5BF41B1165EA71 ] cfwids C:\Windows\system32\drivers\cfwids.sys
10:30:08.0032 2428 cfwids - ok
10:30:08.0063 2428 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:30:08.0063 2428 circlass - ok
10:30:08.0079 2428 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
10:30:08.0079 2428 CLFS - ok
10:30:08.0157 2428 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:30:08.0157 2428 clr_optimization_v2.0.50727_32 - ok
10:30:08.0204 2428 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:30:08.0204 2428 clr_optimization_v2.0.50727_64 - ok
10:30:08.0297 2428 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:30:08.0297 2428 clr_optimization_v4.0.30319_32 - ok
10:30:08.0329 2428 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:30:08.0329 2428 clr_optimization_v4.0.30319_64 - ok
10:30:08.0360 2428 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:30:08.0360 2428 CmBatt - ok
10:30:08.0375 2428 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:30:08.0375 2428 cmdide - ok
10:30:08.0407 2428 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
10:30:08.0407 2428 CNG - ok
10:30:08.0438 2428 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:30:08.0438 2428 Compbatt - ok
10:30:08.0469 2428 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:30:08.0469 2428 CompositeBus - ok
10:30:08.0485 2428 COMSysApp - ok
10:30:08.0516 2428 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:30:08.0531 2428 crcdisk - ok
10:30:08.0578 2428 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:30:08.0578 2428 CryptSvc - ok
10:30:08.0594 2428 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
10:30:08.0609 2428 CSC - ok
10:30:08.0656 2428 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
10:30:08.0687 2428 CscService - ok
10:30:08.0719 2428 [ 1CA90212A99DB6975C344826D11055C9 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
10:30:08.0719 2428 dc3d - ok
10:30:08.0765 2428 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:30:08.0765 2428 DcomLaunch - ok
10:30:08.0906 2428 [ 2AB40D0F2C34549604C75DC0B54451E7 ] DefaultTabSearch C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe
10:30:08.0906 2428 DefaultTabSearch - ok
10:30:09.0046 2428 [ 34AE0DFA3EE3B5B9975042D87332D0B7 ] DefaultTabUpdate C:\Users\DRP\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
10:30:09.0062 2428 DefaultTabUpdate - ok
10:30:09.0077 2428 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
10:30:09.0077 2428 defragsvc - ok
10:30:09.0109 2428 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:30:09.0109 2428 DfsC - ok
10:30:09.0155 2428 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
10:30:09.0155 2428 Dhcp - ok
10:30:09.0171 2428 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
10:30:09.0171 2428 discache - ok
10:30:09.0202 2428 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:30:09.0202 2428 Disk - ok
10:30:09.0218 2428 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:30:09.0218 2428 Dnscache - ok
10:30:09.0249 2428 DockLoginService - ok
10:30:09.0265 2428 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
10:30:09.0265 2428 dot3svc - ok
10:30:09.0296 2428 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
10:30:09.0311 2428 Dot4 - ok
10:30:09.0343 2428 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys
10:30:09.0343 2428 Dot4Print - ok
10:30:09.0358 2428 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
10:30:09.0358 2428 dot4usb - ok
10:30:09.0374 2428 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
10:30:09.0374 2428 DPS - ok
10:30:09.0405 2428 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:30:09.0405 2428 drmkaud - ok
10:30:09.0436 2428 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:30:09.0467 2428 DXGKrnl - ok
10:30:09.0530 2428 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
10:30:09.0530 2428 EapHost - ok
10:30:09.0623 2428 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
10:30:09.0686 2428 ebdrv - ok
10:30:09.0733 2428 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
10:30:09.0733 2428 EFS - ok
10:30:09.0795 2428 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:30:09.0811 2428 ehRecvr - ok
10:30:09.0811 2428 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
10:30:09.0826 2428 ehSched - ok
10:30:09.0873 2428 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:30:09.0873 2428 elxstor - ok
10:30:09.0904 2428 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:30:09.0904 2428 ErrDev - ok
10:30:09.0951 2428 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
10:30:09.0951 2428 EventSystem - ok
10:30:09.0967 2428 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
10:30:09.0967 2428 exfat - ok
10:30:09.0982 2428 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:30:09.0982 2428 fastfat - ok
10:30:10.0045 2428 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
10:30:10.0060 2428 Fax - ok
10:30:10.0107 2428 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:30:10.0107 2428 fdc - ok
10:30:10.0138 2428 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
10:30:10.0138 2428 fdPHost - ok
10:30:10.0154 2428 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
10:30:10.0154 2428 FDResPub - ok
10:30:10.0169 2428 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:30:10.0169 2428 FileInfo - ok
10:30:10.0169 2428 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:30:10.0185 2428 Filetrace - ok
10:30:10.0185 2428 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:30:10.0185 2428 flpydisk - ok
10:30:10.0216 2428 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:30:10.0216 2428 FltMgr - ok
10:30:10.0247 2428 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
10:30:10.0247 2428 FontCache - ok
10:30:10.0310 2428 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:30:10.0310 2428 FontCache3.0.0.0 - ok
10:30:10.0341 2428 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:30:10.0341 2428 FsDepends - ok
10:30:10.0372 2428 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
10:30:10.0372 2428 fssfltr - ok
10:30:10.0481 2428 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
10:30:10.0513 2428 fsssvc - ok
10:30:10.0559 2428 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:30:10.0559 2428 Fs_Rec - ok
10:30:10.0622 2428 [ 35FD2BB5131714E657B7AB3A78642854 ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys
10:30:10.0622 2428 FTDIBUS - ok
10:30:10.0653 2428 [ 196C9BDDBEF9B6D0973F398BEF5B2EEE ] FTSER2K C:\Windows\system32\drivers\ftser2k.sys
10:30:10.0669 2428 FTSER2K - ok
10:30:10.0715 2428 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:30:10.0715 2428 fvevol - ok
10:30:10.0731 2428 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:30:10.0731 2428 gagp30kx - ok
10:30:10.0762 2428 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:30:10.0762 2428 GEARAspiWDM - ok
10:30:10.0871 2428 [ 8F6AE606EB0CC884EE12C41948424422 ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe
10:30:10.0871 2428 GoToAssist - ok
10:30:10.0903 2428 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
10:30:10.0918 2428 gpsvc - ok
10:30:10.0949 2428 [ 2ED7FF3E1ADA4092632393781518B3A7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
10:30:10.0949 2428 grmnusb - ok
10:30:11.0059 2428 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:30:11.0059 2428 gupdate - ok
10:30:11.0074 2428 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:30:11.0074 2428 gupdatem - ok
10:30:11.0121 2428 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:30:11.0121 2428 gusvc - ok
10:30:11.0215 2428 [ 17D5A13ABBD270B5EC5B8F6A63C4A71C ] HauppaugeTVServer C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
10:30:11.0215 2428 HauppaugeTVServer - ok
10:30:11.0246 2428 [ F531C096D13A9E12B143DB770814DE92 ] hcw72ADFilter C:\Windows\system32\DRIVERS\hcw72ADFilter.sys
10:30:11.0246 2428 hcw72ADFilter - ok
10:30:11.0324 2428 [ 0496F2A26A9B45412C5CC096D451AA22 ] hcw72ATV C:\Windows\system32\DRIVERS\hcw72ATV.sys
10:30:11.0355 2428 hcw72ATV - ok
10:30:11.0417 2428 [ 13D8E1F19E5F461F99C24E50BC987B58 ] hcw72DTV C:\Windows\system32\DRIVERS\hcw72DTV.sys
10:30:11.0449 2428 hcw72DTV - ok
10:30:11.0464 2428 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:30:11.0464 2428 hcw85cir - ok
10:30:11.0511 2428 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:30:11.0511 2428 HdAudAddService - ok
10:30:11.0558 2428 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:30:11.0558 2428 HDAudBus - ok
10:30:11.0573 2428 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:30:11.0573 2428 HidBatt - ok
10:30:11.0589 2428 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:30:11.0589 2428 HidBth - ok
10:30:11.0636 2428 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:30:11.0636 2428 HidIr - ok
10:30:11.0667 2428 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
10:30:11.0667 2428 hidserv - ok
10:30:11.0714 2428 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:30:11.0714 2428 HidUsb - ok
10:30:11.0761 2428 [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
10:30:11.0761 2428 HipShieldK - ok
10:30:11.0792 2428 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:30:11.0792 2428 hkmsvc - ok
10:30:11.0807 2428 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:30:11.0807 2428 HomeGroupListener - ok
10:30:11.0854 2428 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:30:11.0854 2428 HomeGroupProvider - ok
10:30:11.0870 2428 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:30:11.0870 2428 HpSAMD - ok
10:30:11.0917 2428 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:30:11.0917 2428 HTTP - ok
10:30:11.0932 2428 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:30:11.0932 2428 hwpolicy - ok
10:30:11.0979 2428 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:30:11.0979 2428 i8042prt - ok
10:30:12.0026 2428 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:30:12.0026 2428 iaStorV - ok
10:30:12.0088 2428 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:30:12.0088 2428 idsvc - ok
10:30:12.0119 2428 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:30:12.0119 2428 iirsp - ok
10:30:12.0151 2428 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
10:30:12.0182 2428 IKEEXT - ok
10:30:12.0182 2428 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
10:30:12.0182 2428 intelide - ok
10:30:12.0213 2428 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:30:12.0229 2428 intelppm - ok
10:30:12.0244 2428 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:30:12.0244 2428 IPBusEnum - ok
10:30:12.0260 2428 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:30:12.0260 2428 IpFilterDriver - ok
10:30:12.0291 2428 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:30:12.0291 2428 iphlpsvc - ok
10:30:12.0307 2428 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:30:12.0307 2428 IPMIDRV - ok
10:30:12.0322 2428 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:30:12.0322 2428 IPNAT - ok
10:30:12.0385 2428 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:30:12.0416 2428 iPod Service - ok
10:30:12.0447 2428 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:30:12.0447 2428 IRENUM - ok
10:30:12.0463 2428 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:30:12.0463 2428 isapnp - ok
10:30:12.0478 2428 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:30:12.0478 2428 iScsiPrt - ok
10:30:12.0525 2428 [ 8D990A44B4F2B68E2C56A3724EC3EB84 ] itecir C:\Windows\system32\DRIVERS\itecir.sys
10:30:12.0525 2428 itecir - ok
10:30:12.0556 2428 [ BD5BF20EC242E003A2F570B8754A56D1 ] ivusb C:\Windows\system32\DRIVERS\ivusb.sys
10:30:12.0556 2428 ivusb - ok
10:30:12.0572 2428 [ 08DD34F74D65E1C8F238565570952630 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
10:30:12.0572 2428 k57nd60a - ok
10:30:12.0603 2428 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:30:12.0603 2428 kbdclass - ok
10:30:12.0650 2428 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:30:12.0650 2428 kbdhid - ok
10:30:12.0650 2428 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
10:30:12.0650 2428 KeyIso - ok
10:30:12.0681 2428 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:30:12.0681 2428 KSecDD - ok
10:30:12.0712 2428 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:30:12.0712 2428 KSecPkg - ok
10:30:12.0728 2428 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:30:12.0728 2428 ksthunk - ok
10:30:12.0759 2428 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
10:30:12.0759 2428 KtmRm - ok
10:30:12.0790 2428 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:30:12.0790 2428 LanmanServer - ok
10:30:12.0806 2428 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:30:12.0821 2428 LanmanWorkstation - ok
10:30:12.0853 2428 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:30:12.0853 2428 lltdio - ok
10:30:12.0868 2428 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:30:12.0868 2428 lltdsvc - ok
10:30:12.0915 2428 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:30:12.0915 2428 lmhosts - ok
10:30:12.0962 2428 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:30:12.0962 2428 LSI_FC - ok
10:30:12.0977 2428 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:30:12.0977 2428 LSI_SAS - ok
10:30:12.0993 2428 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:30:12.0993 2428 LSI_SAS2 - ok
10:30:13.0009 2428 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:30:13.0009 2428 LSI_SCSI - ok
10:30:13.0040 2428 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
10:30:13.0055 2428 luafv - ok
10:30:13.0102 2428 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
10:30:13.0102 2428 MBAMProtector - ok
10:30:13.0180 2428 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
10:30:13.0196 2428 MBAMScheduler - ok
10:30:13.0243 2428 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
10:30:13.0258 2428 MBAMService - ok
10:30:13.0367 2428 [ C121367D21599367F2ADB9C11B7BABAA ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
10:30:13.0383 2428 McAfee SiteAdvisor Service - ok
10:30:13.0445 2428 [ FD3AD5E1ECDAA94A89D6697F5C5465D6 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe
10:30:13.0445 2428 McComponentHostService - ok
10:30:13.0477 2428 [ C121367D21599367F2ADB9C11B7BABAA ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
10:30:13.0477 2428 McMPFSvc - ok
10:30:13.0492 2428 [ C121367D21599367F2ADB9C11B7BABAA ] mcmscsvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
10:30:13.0492 2428 mcmscsvc - ok
10:30:13.0492 2428 [ C121367D21599367F2ADB9C11B7BABAA ] McNaiAnn C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
10:30:13.0492 2428 McNaiAnn - ok
10:30:13.0508 2428 [ C121367D21599367F2ADB9C11B7BABAA ] McNASvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
10:30:13.0508 2428 McNASvc - ok
10:30:13.0601 2428 [ 9EF2FF066F067C140EB2CB776104C602 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
10:30:13.0601 2428 McODS - ok
10:30:13.0617 2428 [ C121367D21599367F2ADB9C11B7BABAA ] McProxy C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
10:30:13.0617 2428 McProxy - ok
10:30:13.0664 2428 [ 4DEC9B5BEDAA97B1FF6A3923E1C4F58A ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
10:30:13.0664 2428 McShield - ok
10:30:13.0695 2428 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:30:13.0695 2428 Mcx2Svc - ok
10:30:13.0711 2428 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:30:13.0711 2428 megasas - ok
10:30:13.0742 2428 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:30:13.0757 2428 MegaSR - ok
10:30:13.0804 2428 [ B574522827D94126C03975FD53F0B26B ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
10:30:13.0804 2428 mfeapfk - ok
10:30:13.0820 2428 [ B393753ECE9A9E2307CB1984ACF3DA9D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
10:30:13.0835 2428 mfeavfk - ok
10:30:13.0851 2428 [ 97C398750C8E80A48EB63999546F796E ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
10:30:13.0867 2428 mfefire - ok
10:30:13.0913 2428 [ C52A1ABF03DD219375EA0F6A8BE941C3 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
10:30:13.0913 2428 mfefirek - ok
10:30:13.0976 2428 [ 7092A6C6158FC4F5AA39EBEB9D5AF03D ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
10:30:13.0991 2428 mfehidk - ok
10:30:14.0007 2428 [ D2A941C82A0A9227CD6F47AD40A40F69 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
10:30:14.0007 2428 mferkdet - ok
10:30:14.0023 2428 [ 04D48692EFF181DA46DD8EA8BE9FFB2B ] mfevtp C:\Windows\system32\mfevtps.exe
10:30:14.0038 2428 mfevtp - ok
10:30:14.0054 2428 [ 1631E2DA6C4B47D97ECA94842836592E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
10:30:14.0069 2428 mfewfpk - ok
10:30:14.0101 2428 [ E805A347AB28AD569C5CED370A966D80 ] MHIKEY10 C:\Windows\system32\Drivers\MHIKEY10x64.sys
10:30:14.0101 2428 MHIKEY10 - ok
10:30:14.0116 2428 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
10:30:14.0116 2428 MMCSS - ok
10:30:14.0147 2428 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
10:30:14.0147 2428 Modem - ok
10:30:14.0179 2428 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:30:14.0179 2428 monitor - ok
10:30:14.0179 2428 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:30:14.0179 2428 mouclass - ok
10:30:14.0210 2428 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:30:14.0210 2428 mouhid - ok
10:30:14.0225 2428 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:30:14.0225 2428 mountmgr - ok
10:30:14.0241 2428 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
10:30:14.0241 2428 mpio - ok
10:30:14.0257 2428 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:30:14.0257 2428 mpsdrv - ok
10:30:14.0288 2428 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:30:14.0303 2428 MpsSvc - ok
10:30:14.0335 2428 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:30:14.0335 2428 MRxDAV - ok
10:30:14.0350 2428 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:30:14.0350 2428 mrxsmb - ok
10:30:14.0381 2428 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:30:14.0397 2428 mrxsmb10 - ok
10:30:14.0397 2428 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:30:14.0397 2428 mrxsmb20 - ok
10:30:14.0413 2428 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
10:30:14.0413 2428 msahci - ok
10:30:14.0428 2428 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:30:14.0428 2428 msdsm - ok
10:30:14.0459 2428 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:30:14.0459 2428 MSDTC - ok
10:30:14.0506 2428 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:30:14.0506 2428 Msfs - ok
10:30:14.0506 2428 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:30:14.0522 2428 mshidkmdf - ok
10:30:14.0522 2428 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:30:14.0522 2428 msisadrv - ok
10:30:14.0569 2428 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:30:14.0569 2428 MSiSCSI - ok
10:30:14.0584 2428 msiserver - ok
10:30:14.0647 2428 [ C121367D21599367F2ADB9C11B7BABAA ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
10:30:14.0647 2428 MSK80Service - ok
10:30:14.0678 2428 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:30:14.0678 2428 MSKSSRV - ok
10:30:14.0709 2428 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:30:14.0725 2428 MSPCLOCK - ok
10:30:14.0725 2428 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:30:14.0725 2428 MSPQM - ok
10:30:14.0740 2428 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:30:14.0756 2428 MsRPC - ok
10:30:14.0756 2428 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:30:14.0756 2428 mssmbios - ok
10:30:14.0881 2428 MSSQL$SQLEXPRESS - ok
10:30:14.0959 2428 [ 04EF36EAF5C4DBCE424D81B76F1E9231 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
10:30:14.0959 2428 MSSQLServerADHelper100 - ok
10:30:14.0990 2428 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:30:15.0005 2428 MSTEE - ok
10:30:15.0021 2428 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:30:15.0021 2428 MTConfig - ok
10:30:15.0052 2428 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:30:15.0052 2428 Mup - ok
10:30:15.0099 2428 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:30:15.0099 2428 napagent - ok
10:30:15.0146 2428 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:30:15.0146 2428 NativeWifiP - ok
10:30:15.0208 2428 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:30:15.0239 2428 NDIS - ok
10:30:15.0271 2428 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:30:15.0271 2428 NdisCap - ok
10:30:15.0302 2428 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:30:15.0302 2428 NdisTapi - ok
10:30:15.0302 2428 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:30:15.0302 2428 Ndisuio - ok
10:30:15.0333 2428 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:30:15.0333 2428 NdisWan - ok
10:30:15.0333 2428 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:30:15.0349 2428 NDProxy - ok
10:30:15.0364 2428 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:30:15.0364 2428 Net Driver HPZ12 - ok
10:30:15.0411 2428 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:30:15.0411 2428 NetBIOS - ok
10:30:15.0427 2428 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:30:15.0427 2428 NetBT - ok
10:30:15.0442 2428 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:30:15.0442 2428 Netlogon - ok
10:30:15.0489 2428 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:30:15.0489 2428 Netman - ok
10:30:15.0551 2428 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:30:15.0551 2428 NetMsmqActivator - ok
10:30:15.0551 2428 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:30:15.0551 2428 NetPipeActivator - ok
10:30:15.0583 2428 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:30:15.0583 2428 netprofm - ok
10:30:15.0583 2428 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:30:15.0583 2428 NetTcpActivator - ok
10:30:15.0598 2428 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:30:15.0598 2428 NetTcpPortSharing - ok
10:30:15.0614 2428 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:30:15.0614 2428 nfrd960 - ok
10:30:15.0645 2428 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:30:15.0661 2428 NlaSvc - ok
10:30:15.0661 2428 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:30:15.0661 2428 Npfs - ok
10:30:15.0676 2428 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:30:15.0676 2428 nsi - ok
10:30:15.0692 2428 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:30:15.0692 2428 nsiproxy - ok
10:30:15.0723 2428 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:30:15.0770 2428 Ntfs - ok
10:30:15.0770 2428 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:30:15.0770 2428 Null - ok
10:30:15.0817 2428 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:30:15.0817 2428 nvraid - ok
10:30:15.0848 2428 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:30:15.0848 2428 nvstor - ok
10:30:15.0863 2428 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:30:15.0863 2428 nv_agp - ok
10:30:15.0895 2428 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:30:15.0895 2428 ohci1394 - ok
10:30:16.0004 2428 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:30:16.0004 2428 ose - ok
10:30:16.0051 2428 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:30:16.0051 2428 p2pimsvc - ok
10:30:16.0066 2428 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:30:16.0082 2428 p2psvc - ok
10:30:16.0097 2428 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:30:16.0097 2428 Parport - ok
10:30:16.0129 2428 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:30:16.0129 2428 partmgr - ok
10:30:16.0144 2428 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:30:16.0144 2428 PcaSvc - ok
10:30:16.0222 2428 [ 4B5F5774FF1C577B9515FDD2B5C535C5 ] PCDSRVC{1E208CE0-FB7451FF-06020200}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
10:30:16.0269 2428 PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - ok
10:30:16.0285 2428 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:30:16.0285 2428 pci - ok
10:30:16.0300 2428 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:30:16.0300 2428 pciide - ok
10:30:16.0316 2428 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:30:16.0316 2428 pcmcia - ok
10:30:16.0331 2428 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:30:16.0331 2428 pcw - ok
10:30:16.0363 2428 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:30:16.0378 2428 PEAUTH - ok
10:30:16.0441 2428 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
10:30:16.0472 2428 PeerDistSvc - ok
10:30:16.0550 2428 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:30:16.0565 2428 PerfHost - ok
10:30:16.0597 2428 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:30:16.0643 2428 pla - ok
10:30:16.0706 2428 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:30:16.0706 2428 PlugPlay - ok
10:30:16.0721 2428 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:30:16.0721 2428 Pml Driver HPZ12 - ok
10:30:16.0737 2428 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:30:16.0737 2428 PNRPAutoReg - ok
10:30:16.0753 2428 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:30:16.0753 2428 PNRPsvc - ok
10:30:16.0799 2428 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
10:30:16.0799 2428 Point64 - ok
10:30:16.0846 2428 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:30:16.0846 2428 PolicyAgent - ok
10:30:16.0862 2428 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:30:16.0877 2428 Power - ok
10:30:16.0909 2428 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:30:16.0909 2428 PptpMiniport - ok
10:30:16.0924 2428 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:30:16.0924 2428 Processor - ok
10:30:16.0971 2428 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:30:16.0971 2428 ProfSvc - ok
10:30:16.0987 2428 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:30:16.0987 2428 ProtectedStorage - ok
10:30:17.0033 2428 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:30:17.0033 2428 Psched - ok
10:30:17.0049 2428 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
10:30:17.0049 2428 PxHlpa64 - ok
10:30:17.0111 2428 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:30:17.0143 2428 ql2300 - ok
10:30:17.0158 2428 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:30:17.0158 2428 ql40xx - ok
10:30:17.0189 2428 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:30:17.0205 2428 QWAVE - ok
10:30:17.0205 2428 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:30:17.0205 2428 QWAVEdrv - ok
10:30:17.0221 2428 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:30:17.0221 2428 RasAcd - ok
10:30:17.0267 2428 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:30:17.0283 2428 RasAgileVpn - ok
10:30:17.0283 2428 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:30:17.0283 2428 RasAuto - ok
10:30:17.0299 2428 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:30:17.0299 2428 Rasl2tp - ok
10:30:17.0314 2428 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:30:17.0314 2428 RasMan - ok
10:30:17.0330 2428 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:30:17.0330 2428 RasPppoe - ok
10:30:17.0377 2428 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:30:17.0377 2428 RasSstp - ok
10:30:17.0392 2428 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:30:17.0392 2428 rdbss - ok
10:30:17.0408 2428 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:30:17.0408 2428 rdpbus - ok
10:30:17.0408 2428 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:30:17.0408 2428 RDPCDD - ok
10:30:17.0439 2428 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
10:30:17.0439 2428 RDPDR - ok
10:30:17.0455 2428 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:30:17.0455 2428 RDPENCDD - ok
10:30:17.0455 2428 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:30:17.0455 2428 RDPREFMP - ok
10:30:17.0501 2428 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:30:17.0501 2428 RDPWD - ok
10:30:17.0517 2428 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:30:17.0533 2428 rdyboost - ok
10:30:17.0564 2428 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:30:17.0564 2428 RemoteAccess - ok
10:30:17.0579 2428 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:30:17.0579 2428 RemoteRegistry - ok
10:30:17.0611 2428 [ 6FAF5B04BEDC66D300D9D233B2D222F0 ] rimmptsk C:\Windows\system32\DRIVERS\rimmpx64.sys
10:30:17.0611 2428 rimmptsk - ok
10:30:17.0626 2428 [ 67F50C31713106FD1B0F286F86AA2B2E ] rimsptsk C:\Windows\system32\DRIVERS\rimspx64.sys
10:30:17.0626 2428 rimsptsk - ok
10:30:17.0642 2428 [ 4D7EF3D46346EC4C58784DB964B365DE ] rismxdp C:\Windows\system32\DRIVERS\rixdpx64.sys
10:30:17.0642 2428 rismxdp - ok
10:30:17.0767 2428 [ 05FC44D32A144925EAE45570029FD6E1 ] RoxMediaDB10 c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
10:30:17.0798 2428 RoxMediaDB10 - ok
10:30:17.0813 2428 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:30:17.0813 2428 RpcEptMapper - ok
10:30:17.0845 2428 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:30:17.0845 2428 RpcLocator - ok
10:30:17.0860 2428 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:30:17.0860 2428 RpcSs - ok
10:30:17.0907 2428 [ EB1C539E621A35A49F7692B0EB565AB9 ] RsFx0150 C:\Windows\system32\DRIVERS\RsFx0150.sys
10:30:17.0907 2428 RsFx0150 - ok
10:30:17.0923 2428 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:30:17.0938 2428 rspndr - ok
10:30:17.0954 2428 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
10:30:17.0954 2428 s3cap - ok
10:30:17.0969 2428 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:30:17.0969 2428 SamSs - ok
10:30:17.0985 2428 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:30:17.0985 2428 sbp2port - ok
10:30:18.0094 2428 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
10:30:18.0110 2428 SBSDWSCService - ok
10:30:18.0125 2428 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:30:18.0125 2428 SCardSvr - ok
10:30:18.0141 2428 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:30:18.0141 2428 scfilter - ok
10:30:18.0172 2428 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:30:18.0203 2428 Schedule - ok
10:30:18.0235 2428 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:30:18.0235 2428 SCPolicySvc - ok
10:30:18.0281 2428 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
10:30:18.0281 2428 sdbus - ok
10:30:18.0313 2428 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:30:18.0313 2428 SDRSVC - ok
10:30:18.0344 2428 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:30:18.0344 2428 secdrv - ok
10:30:18.0359 2428 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:30:18.0359 2428 seclogon - ok
10:30:18.0359 2428 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
10:30:18.0375 2428 SENS - ok
10:30:18.0391 2428 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:30:18.0391 2428 SensrSvc - ok
10:30:18.0422 2428 [ 052D4299E72FFFCCD9A168ADCDF5C450 ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl64.sys
10:30:18.0437 2428 Ser2pl - ok
10:30:18.0469 2428 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:30:18.0469 2428 Serenum - ok
10:30:18.0484 2428 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:30:18.0484 2428 Serial - ok
10:30:18.0500 2428 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:30:18.0500 2428 sermouse - ok
10:30:18.0515 2428 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:30:18.0531 2428 SessionEnv - ok
10:30:18.0531 2428 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:30:18.0531 2428 sffdisk - ok
10:30:18.0547 2428 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:30:18.0547 2428 sffp_mmc - ok
10:30:18.0562 2428 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:30:18.0562 2428 sffp_sd - ok
10:30:18.0578 2428 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:30:18.0578 2428 sfloppy - ok
10:30:18.0625 2428 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:30:18.0625 2428 SharedAccess - ok
10:30:18.0656 2428 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:30:18.0671 2428 ShellHWDetection - ok
10:30:18.0687 2428 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:30:18.0687 2428 SiSRaid2 - ok
10:30:18.0703 2428 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:30:18.0703 2428 SiSRaid4 - ok
10:30:18.0749 2428 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:30:18.0749 2428 SkypeUpdate - ok
10:30:18.0781 2428 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:30:18.0796 2428 Smb - ok
10:30:18.0827 2428 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:30:18.0827 2428 SNMPTRAP - ok
10:30:18.0827 2428 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:30:18.0843 2428 spldr - ok
10:30:18.0859 2428 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
10:30:18.0874 2428 Spooler - ok
10:30:18.0968 2428 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:30:19.0046 2428 sppsvc - ok
10:30:19.0061 2428 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:30:19.0061 2428 sppuinotify - ok
10:30:19.0186 2428 [ BEA7FEA5BB31EB58D78971F821AE6844 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
10:30:19.0186 2428 SQLAgent$SQLEXPRESS - ok
10:30:19.0264 2428 [ 7D67C07C63796775CC5492BCFEAFF125 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
10:30:19.0264 2428 SQLBrowser - ok
10:30:19.0342 2428 [ F98DDFBFE0EE66D4C4B00693512B9527 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
10:30:19.0342 2428 SQLWriter - ok
10:30:19.0358 2428 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:30:19.0358 2428 srv - ok
10:30:19.0389 2428 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:30:19.0389 2428 srv2 - ok
10:30:19.0405 2428 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:30:19.0405 2428 srvnet - ok
10:30:19.0436 2428 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:30:19.0436 2428 SSDPSRV - ok
10:30:19.0451 2428 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:30:19.0451 2428 SstpSvc - ok
10:30:19.0467 2428 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:30:19.0467 2428 stexstor - ok
10:30:19.0529 2428 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:30:19.0545 2428 stisvc - ok
10:30:19.0607 2428 [ FF5EB78AF7DFB68C2FB363537AAF753E ] stllssvr c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
10:30:19.0607 2428 stllssvr - ok
10:30:19.0639 2428 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
10:30:19.0639 2428 storflt - ok
10:30:19.0654 2428 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
10:30:19.0654 2428 StorSvc - ok
10:30:19.0670 2428 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
10:30:19.0670 2428 storvsc - ok
10:30:19.0685 2428 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:30:19.0685 2428 swenum - ok
10:30:19.0701 2428 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:30:19.0717 2428 swprv - ok
10:30:19.0748 2428 [ 1657B7442D5CE30533F5C4317716B468 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
10:30:19.0748 2428 SynTP - ok
10:30:19.0795 2428 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:30:19.0841 2428 SysMain - ok
10:30:19.0857 2428 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:30:19.0857 2428 TabletInputService - ok
10:30:19.0873 2428 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:30:19.0873 2428 TapiSrv - ok
10:30:19.0888 2428 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:30:19.0888 2428 TBS - ok
10:30:19.0966 2428 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:30:19.0997 2428 Tcpip - ok
10:30:20.0075 2428 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:30:20.0075 2428 TCPIP6 - ok
10:30:20.0091 2428 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:30:20.0107 2428 tcpipreg - ok
10:30:20.0122 2428 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:30:20.0122 2428 TDPIPE - ok
10:30:20.0153 2428 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:30:20.0153 2428 TDTCP - ok
10:30:20.0169 2428 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:30:20.0169 2428 tdx - ok
10:30:20.0185 2428 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:30:20.0185 2428 TermDD - ok
10:30:20.0216 2428 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
10:30:20.0231 2428 TermService - ok
10:30:20.0247 2428 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:30:20.0247 2428 Themes - ok
10:30:20.0278 2428 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:30:20.0294 2428 THREADORDER - ok
10:30:20.0309 2428 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:30:20.0309 2428 TrkWks - ok
10:30:20.0372 2428 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:30:20.0372 2428 TrustedInstaller - ok
10:30:20.0387 2428 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:30:20.0387 2428 tssecsrv - ok
10:30:20.0419 2428 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:30:20.0434 2428 TsUsbFlt - ok
10:30:20.0465 2428 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:30:20.0481 2428 tunnel - ok
10:30:20.0481 2428 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:30:20.0481 2428 uagp35 - ok
10:30:20.0512 2428 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:30:20.0512 2428 udfs - ok
10:30:20.0543 2428 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:30:20.0543 2428 UI0Detect - ok
10:30:20.0590 2428 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:30:20.0590 2428 uliagpkx - ok
10:30:20.0606 2428 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
10:30:20.0606 2428 umbus - ok
10:30:20.0621 2428 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:30:20.0621 2428 UmPass - ok
10:30:20.0637 2428 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
10:30:20.0637 2428 UmRdpService - ok
10:30:20.0653 2428 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:30:20.0668 2428 upnphost - ok
10:30:20.0715 2428 [ E68ADC602CD39B28AE844131A3D3762C ] USB28xxBGA C:\Windows\system32\DRIVERS\emBDA64.sys
10:30:20.0715 2428 USB28xxBGA - ok
10:30:20.0762 2428 [ 859A05F09F7D5CAD8B77D4563CE53E51 ] USB28xxOEM C:\Windows\system32\DRIVERS\emOEM64.sys
10:30:20.0762 2428 USB28xxOEM - ok
10:30:20.0809 2428 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
10:30:20.0809 2428 USBAAPL64 - ok
10:30:20.0855 2428 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
10:30:20.0855 2428 usbaudio - ok
10:30:20.0871 2428 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:30:20.0871 2428 usbccgp - ok
10:30:20.0887 2428 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:30:20.0887 2428 usbcir - ok
10:30:20.0902 2428 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:30:20.0902 2428 usbehci - ok
10:30:20.0918 2428 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:30:20.0918 2428 usbhub - ok
10:30:20.0933 2428 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:30:20.0933 2428 usbohci - ok
10:30:20.0965 2428 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:30:20.0965 2428 usbprint - ok
10:30:20.0980 2428 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:30:20.0980 2428 usbscan - ok
10:30:20.0980 2428 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:30:20.0996 2428 USBSTOR - ok
10:30:20.0996 2428 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
10:30:21.0011 2428 usbuhci - ok
10:30:21.0058 2428 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
10:30:21.0058 2428 usbvideo - ok
10:30:21.0074 2428 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
10:30:21.0074 2428 UxSms - ok
10:30:21.0089 2428 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
10:30:21.0089 2428 VaultSvc - ok
10:30:21.0089 2428 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:30:21.0089 2428 vdrvroot - ok
10:30:21.0105 2428 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
10:30:21.0121 2428 vds - ok
10:30:21.0136 2428 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:30:21.0136 2428 vga - ok
10:30:21.0152 2428 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
10:30:21.0152 2428 VgaSave - ok
10:30:21.0167 2428 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:30:21.0183 2428 vhdmp - ok
10:30:21.0199 2428 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
10:30:21.0199 2428 viaide - ok
10:30:21.0214 2428 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
10:30:21.0214 2428 vmbus - ok
10:30:21.0230 2428 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
10:30:21.0230 2428 VMBusHID - ok
10:30:21.0245 2428 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:30:21.0245 2428 volmgr - ok
10:30:21.0261 2428 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:30:21.0261 2428 volmgrx - ok
10:30:21.0277 2428 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:30:21.0277 2428 volsnap - ok
10:30:21.0292 2428 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:30:21.0308 2428 vsmraid - ok
10:30:21.0370 2428 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
10:30:21.0401 2428 VSS - ok
10:30:21.0448 2428 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
10:30:21.0448 2428 vwifibus - ok
10:30:21.0448 2428 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
10:30:21.0448 2428 vwififlt - ok
10:30:21.0479 2428 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
10:30:21.0479 2428 W32Time - ok
10:30:21.0495 2428 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:30:21.0495 2428 WacomPen - ok
10:30:21.0542 2428 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:30:21.0542 2428 WANARP - ok
10:30:21.0542 2428 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:30:21.0542 2428 Wanarpv6 - ok
10:30:21.0604 2428 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:30:21.0635 2428 WatAdminSvc - ok
10:30:21.0682 2428 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
10:30:21.0698 2428 wbengine - ok
10:30:21.0729 2428 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:30:21.0729 2428 WbioSrvc - ok
10:30:21.0745 2428 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:30:21.0760 2428 wcncsvc - ok
10:30:21.0760 2428 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:30:21.0760 2428 WcsPlugInService - ok
10:30:21.0776 2428 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:30:21.0776 2428 Wd - ok
10:30:21.0823 2428 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
10:30:21.0823 2428 WDC_SAM - ok
10:30:21.0854 2428 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:30:21.0854 2428 Wdf01000 - ok
10:30:21.0885 2428 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:30:21.0885 2428 WdiServiceHost - ok
10:30:21.0885 2428 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:30:21.0885 2428 WdiSystemHost - ok
10:30:21.0916 2428 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
10:30:21.0916 2428 WebClient - ok
10:30:21.0932 2428 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:30:21.0932 2428 Wecsvc - ok
10:30:21.0947 2428 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:30:21.0947 2428 wercplsupport - ok
10:30:21.0979 2428 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
10:30:21.0979 2428 WerSvc - ok
10:30:22.0010 2428 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:30:22.0010 2428 WfpLwf - ok
10:30:22.0025 2428 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:30:22.0025 2428 WIMMount - ok
10:30:22.0057 2428 WinDefend - ok
10:30:22.0057 2428 WinHttpAutoProxySvc - ok
10:30:22.0119 2428 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:30:22.0119 2428 Winmgmt - ok
10:30:22.0197 2428 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
10:30:22.0228 2428 WinRM - ok
10:30:22.0275 2428 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
10:30:22.0275 2428 WinUsb - ok
10:30:22.0306 2428 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
10:30:22.0337 2428 Wlansvc - ok
10:30:22.0400 2428 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:30:22.0400 2428 wlcrasvc - ok
10:30:22.0540 2428 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:30:22.0587 2428 wlidsvc - ok
10:30:22.0665 2428 [ 13B0A570E1AE451C92DA550085D72CF3 ] wltrysvc C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
10:30:22.0665 2428 wltrysvc - ok
10:30:22.0696 2428 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:30:22.0696 2428 WmiAcpi - ok
10:30:22.0712 2428 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:30:22.0712 2428 wmiApSrv - ok
10:30:22.0712 2428 WMPNetworkSvc - ok
10:30:22.0727 2428 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:30:22.0727 2428 WPCSvc - ok
10:30:22.0743 2428 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:30:22.0743 2428 WPDBusEnum - ok
10:30:22.0759 2428 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:30:22.0759 2428 ws2ifsl - ok
10:30:22.0790 2428 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
10:30:22.0790 2428 wscsvc - ok
10:30:22.0805 2428 WSearch - ok
10:30:22.0883 2428 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
10:30:22.0930 2428 wuauserv - ok
10:30:22.0946 2428 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:30:22.0946 2428 WudfPf - ok
10:30:22.0961 2428 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:30:22.0961 2428 WUDFRd - ok
10:30:22.0977 2428 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:30:22.0977 2428 wudfsvc - ok
10:30:22.0993 2428 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
10:30:22.0993 2428 WwanSvc - ok
10:30:23.0117 2428 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
10:30:23.0133 2428 YahooAUService - ok
10:30:23.0133 2428 ================ Scan global ===============================
10:30:23.0164 2428 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:30:23.0195 2428 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:30:23.0211 2428 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:30:23.0242 2428 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:30:23.0258 2428 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:30:23.0273 2428 [Global] - ok
10:30:23.0273 2428 ================ Scan MBR ==================================
10:30:23.0289 2428 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:30:23.0523 2428 \Device\Harddisk0\DR0 - ok
10:30:23.0523 2428 ================ Scan VBR ==================================
10:30:23.0523 2428 [ 16DD54555F90995E2D3B4BB028A49EA0 ] \Device\Harddisk0\DR0\Partition1
10:30:23.0523 2428 \Device\Harddisk0\DR0\Partition1 - ok
10:30:23.0554 2428 [ ADAD449361249A4E94AE6F1A5420CD89 ] \Device\Harddisk0\DR0\Partition2
10:30:23.0554 2428 \Device\Harddisk0\DR0\Partition2 - ok
10:30:23.0554 2428 ============================================================
10:30:23.0554 2428 Scan finished
10:30:23.0554 2428 ============================================================
10:30:23.0554 2748 Detected object count: 0
10:30:23.0554 2748 Actual detected object count: 0


ASW MBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-27 10:33:29
-----------------------------
10:33:29.818 OS Version: Windows x64 6.1.7601 Service Pack 1
10:33:29.818 Number of processors: 2 586 0x170A
10:33:29.818 ComputerName: DRP-PC UserName: DRP
10:33:30.645 Initialize success
10:34:44.324 AVAST engine defs: 12092700
10:34:49.488 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:34:49.488 Disk 0 Vendor: WDC_WD2500BJKT-75F4T0 11.01A11 Size: 238475MB BusType: 11
10:34:49.519 Disk 0 MBR read successfully
10:34:49.519 Disk 0 MBR scan
10:34:49.519 Disk 0 Windows 7 default MBR code
10:34:49.519 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 133 MB offset 63
10:34:49.535 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 9842 MB offset 274432
10:34:49.550 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 228498 MB offset 20430848
10:34:49.581 Disk 0 scanning C:\Windows\system32\drivers
10:34:57.787 Service scanning
10:35:21.343 Modules scanning
10:35:21.343 Disk 0 trace - called modules:
10:35:21.374 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
10:35:21.374 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007cb7060]
10:35:21.390 3 CLASSPNP.SYS[fffff88001a8d43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80076c01f0]
10:35:22.778 AVAST engine scan C:\Windows
10:35:25.087 AVAST engine scan C:\Windows\system32
10:38:49.635 AVAST engine scan C:\Windows\system32\drivers
10:39:06.904 AVAST engine scan C:\Users\DRP
10:45:46.405 Disk 0 MBR has been saved successfully to "C:\Users\DRP\Documents\DRP\COMPUTER\9-26\MBR.dat"
10:45:46.405 The log file has been saved successfully to "C:\Users\DRP\Documents\DRP\COMPUTER\9-26\aswMBR.txt"


ESET List:
C:\Program Files (x86)\Shop to Win 27\Toolbar.dll Win32/Toolbar.BHO.B application cleaned by deleting - quarantined
C:\Users\DRP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\B7T6ME6R\7516fd43adaa5e0b8a65a672c39845d2[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\DRP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FWTP6P2M\7516fd43adaa5e0b8a65a672c39845d2[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\DRP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KAHBJ8F0\cse[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\DRP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N0QG6P33\49944772[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\DRP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U8GDF5SN\99[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\DRP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XEF5U3MT\7516fd43adaa5e0b8a65a672c39845d2[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\DRP\AppData\Local\Temp\YEkZgzU.exe Win32/LockScreen.AKU trojan cleaned by deleting - quarantined
C:\Users\DRP\AppData\Local\Temp\033ED4FC-BAB0-7891-910C-F20225B4C202\Latest\MyBabylonTB.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Users\DRP\AppData\LocalLow\FCTB000100565\Toolbar\Toolbar.dll Win32/Toolbar.BHO.B application cleaned by deleting - quarantined
C:\Users\DRP\Downloads\File_Extractor_4.exe a variant of Win32/InstallCore.AH application cleaned by deleting - quarantined


Regards,

DRP

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:34 PM

Posted 27 September 2012 - 06:33 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

Launch it and scan should start running.After scan gets completed,post the generated log here.

#5 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:10:34 AM

Posted 27 September 2012 - 09:35 PM

Computer operating much better - No Hijack to FBI screen, Task Manager functions, MSCONFIG works.

Here are the Logs:

Junkware Removal Tool (JRT) by Thisisu
Version: 1.1.1 (09.27.2012)
OS: Windows 7 Professional x64
Ran by DRP on Thu 09/27/2012 at 16:17:59.43
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] "hkey_local_machine\software\wow6432node\microsoft\tracing\mybabylontb_rasapi32"
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] "hkey_local_machine\software\wow6432node\microsoft\tracing\mybabylontb_rasmancs"



*** Files: 0 Detections



*** Folders: 0 Detections



*** Ask Toolbar: - Remnants removed






*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Thu 09/27/2012 at 16:18:15.83
End of Report



Thanks very much for your help on this,

DRP

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:34 PM

Posted 27 September 2012 - 09:52 PM

OTHER LOGS?

Right click on JUNKWARE tool and select-run as admin

Post the log generated here

#7 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:10:34 AM

Posted 27 September 2012 - 10:15 PM

Here it is ~ thanks for the prompt reply,

Junkware Removal Tool (JRT) by Thisisu
Version: 1.1.1 (09.27.2012)
OS: Windows 7 Professional x64
Ran by DRP on Thu 09/27/2012 at 17:07:11.34
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
Successfully deleted: [KEY] "hkey_local_machine\software\wow6432node\microsoft\tracing\mybabylontb_rasapi32"
Successfully deleted: [KEY] "hkey_local_machine\software\wow6432node\microsoft\tracing\mybabylontb_rasmancs"



*** Files: 0 Detections



*** Folders: 0 Detections



*** Ask Toolbar: - Remnants removed






*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Thu 09/27/2012 at 17:07:27.45
End of Report

Regards,

DRP

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:34 PM

Posted 27 September 2012 - 10:24 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here


?

#9 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:10:34 AM

Posted 27 September 2012 - 11:01 PM

OOPS !!

I thought that I had included all of that - had all of the logs/reports - somehow it didn't copy into the reply. Will locate it & get it to you.

Very, very sorry - will get right on it.

DRP

#10 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:10:34 AM

Posted 27 September 2012 - 11:06 PM

Here is what I thought that I had sent you ~ I'll preview post everything before I send it from now on.

Again - sorry for the screw up.

Malwarebytes Anti-Malware (PRO) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.27.10

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
DRP :: DRP-PC [administrator]

Protection: Disabled

9/27/2012 1:32:32 PM
mbam-log-2012-09-27 (13-32-32).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 429666
Time elapsed: 53 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)






MiniToolBox by Farbar Version: 23-07-2012
Ran by DRP (administrator) on 27-09-2012 at 14:55:44
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com

There are 15218 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : DRP-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : earthlink.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : earthlink.com
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 00-26-B9-24-43-A5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::ed39:a86b:2aab:494a%11(Preferred)
IPv4 Address. . . . . . . . . . . : 66.133.242.176(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.128
Lease Obtained. . . . . . . . . . : Thursday, September 27, 2012 2:51:01 PM
Lease Expires . . . . . . . . . . : Friday, September 28, 2012 1:20:34 AM
Default Gateway . . . . . . . . . : 66.133.242.129
DHCP Server . . . . . . . . . . . : 24.25.227.132
DHCPv6 IAID . . . . . . . . . . . : 234890937
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-74-E2-4A-00-26-B9-24-43-A5
DNS Servers . . . . . . . . . . . : 207.69.188.186
207.69.188.187
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : earthlink.com
Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
Physical Address. . . . . . . . . : C4-17-FE-A3-EA-C3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::58dc:8e25:76d:c08d%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.113(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, September 27, 2012 2:51:24 PM
Lease Expires . . . . . . . . . . : Friday, September 28, 2012 2:51:23 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 230955006
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-74-E2-4A-00-26-B9-24-43-A5
DNS Servers . . . . . . . . . . . : 207.69.188.186
207.69.188.187
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.earthlink.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: rns2.earthlink.net
Address: 207.69.188.186

Name: google.com
Addresses: 2001:4860:4001:803::1009
74.125.224.66
74.125.224.69
74.125.224.64
74.125.224.71
74.125.224.65
74.125.224.68
74.125.224.73
74.125.224.67
74.125.224.72
74.125.224.78
74.125.224.70


Pinging google.com [74.125.224.72] with 32 bytes of data:
Reply from 74.125.224.72: bytes=32 time=520ms TTL=53
Reply from 74.125.224.72: bytes=32 time=72ms TTL=53

Ping statistics for 74.125.224.72:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 72ms, Maximum = 520ms, Average = 296ms
Server: rns2.earthlink.net
Address: 207.69.188.186

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=270ms TTL=48
Reply from 98.139.183.24: bytes=32 time=170ms TTL=48

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 170ms, Maximum = 270ms, Average = 220ms
Server: rns2.earthlink.net
Address: 207.69.188.186

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 26 b9 24 43 a5 ......Broadcom NetLink ™ Gigabit Ethernet
10...c4 17 fe a3 ea c3 ......Dell Wireless 1397 WLAN Mini-Card
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 66.133.242.129 66.133.242.176 20
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.113 30
66.133.242.128 255.255.255.128 On-link 66.133.242.176 276
66.133.242.176 255.255.255.255 On-link 66.133.242.176 276
66.133.242.255 255.255.255.255 On-link 66.133.242.176 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.113 286
192.168.1.113 255.255.255.255 On-link 192.168.1.113 286
192.168.1.255 255.255.255.255 On-link 192.168.1.113 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 66.133.242.176 276
224.0.0.0 240.0.0.0 On-link 192.168.1.113 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 66.133.242.176 276
255.255.255.255 255.255.255.255 On-link 192.168.1.113 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
10 286 fe80::/64 On-link
10 286 fe80::58dc:8e25:76d:c08d/128
On-link
11 276 fe80::ed39:a86b:2aab:494a/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
10 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/27/2012 02:54:06 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/27/2012 01:48:26 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/27/2012 09:30:40 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
The content index catalog is corrupt. 0xc0041801 (0xc0041801)

Error: (09/27/2012 09:30:40 AM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=2350}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index catalog is corrupt. 0xc0041801 (0xc0041801)

Error: (09/27/2012 09:29:58 AM) (Source: Application Error) (User: )
Description: Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5004e5aa
Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5004e5aa
Exception code: 0xc0000005
Fault offset: 0x00002d80
Faulting process id: 0x710
Faulting application start time: 0xDefaultTabSearch.exe0
Faulting application path: DefaultTabSearch.exe1
Faulting module path: DefaultTabSearch.exe2
Report Id: DefaultTabSearch.exe3

Error: (09/27/2012 09:14:59 AM) (Source: System Restore) (User: )
Description: System restore ended unexpectedly because of power loss or a program error. Additional information: (Removed MaxiLink.).

Error: (09/27/2012 09:14:38 AM) (Source: Application Error) (User: )
Description: Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5004e5aa
Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5004e5aa
Exception code: 0xc0000005
Fault offset: 0x00002d80
Faulting process id: 0x6dc
Faulting application start time: 0xDefaultTabSearch.exe0
Faulting application path: DefaultTabSearch.exe1
Faulting module path: DefaultTabSearch.exe2
Report Id: DefaultTabSearch.exe3

Error: (09/27/2012 08:57:05 AM) (Source: Application Error) (User: )
Description: Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5004e5aa
Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5004e5aa
Exception code: 0xc0000005
Fault offset: 0x00002d80
Faulting process id: 0x708
Faulting application start time: 0xDefaultTabSearch.exe0
Faulting application path: DefaultTabSearch.exe1
Faulting module path: DefaultTabSearch.exe2
Report Id: DefaultTabSearch.exe3

Error: (09/27/2012 05:18:41 AM) (Source: System Restore) (User: )
Description: System restore ended unexpectedly because of power loss or a program error. Additional information: (Removed MaxiLink.).

Error: (09/27/2012 04:11:33 AM) (Source: Application Error) (User: )
Description: Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5004e5aa
Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5004e5aa
Exception code: 0xc0000005
Fault offset: 0x00002d80
Faulting process id: 0x720
Faulting application start time: 0xDefaultTabSearch.exe0
Faulting application path: DefaultTabSearch.exe1
Faulting module path: DefaultTabSearch.exe2
Report Id: DefaultTabSearch.exe3


System errors:
=============
Error: (09/27/2012 02:55:14 PM) (Source: DCOM) (User: )
Description: 1084McNaiAnn{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (09/27/2012 02:52:32 PM) (Source: DCOM) (User: )
Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046}

Error: (09/27/2012 02:51:35 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/27/2012 02:51:35 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/27/2012 02:51:35 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/27/2012 02:51:35 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/27/2012 02:51:35 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/27/2012 02:51:35 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/27/2012 02:51:28 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (09/27/2012 02:51:28 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}


Microsoft Office Sessions:
=========================
Error: (09/27/2012 02:54:06 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\DRP\Downloads\esetsmartinstaller_enu.exe

Error: (09/27/2012 01:48:26 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\DRP\Downloads\esetsmartinstaller_enu.exe

Error: (09/27/2012 09:30:40 AM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. 0xc0041801 (0xc0041801)
The catalog is corrupt

Error: (09/27/2012 09:30:40 AM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. 0xc0041801 (0xc0041801)
2350

Error: (09/27/2012 09:29:58 AM) (Source: Application Error)(User: )
Description: DefaultTabSearch.exe0.0.0.05004e5aaDefaultTabSearch.exe0.0.0.05004e5aac000000500002d8071001cd9ce6710ec317C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeb7fe2889-08d9-11e2-9f08-0026b92443a5

Error: (09/27/2012 09:14:59 AM) (Source: System Restore)(User: )
Description: Removed MaxiLink.

Error: (09/27/2012 09:14:38 AM) (Source: Application Error)(User: )
Description: DefaultTabSearch.exe0.0.0.05004e5aaDefaultTabSearch.exe0.0.0.05004e5aac000000500002d806dc01cd9ce44d143aceC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe945e148a-08d7-11e2-b578-0026b92443a5

Error: (09/27/2012 08:57:05 AM) (Source: Application Error)(User: )
Description: DefaultTabSearch.exe0.0.0.05004e5aaDefaultTabSearch.exe0.0.0.05004e5aac000000500002d8070801cd9ce1d90cb7a6C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe20816a26-08d5-11e2-8028-0026b92443a5

Error: (09/27/2012 05:18:41 AM) (Source: System Restore)(User: )
Description: Removed MaxiLink.

Error: (09/27/2012 04:11:33 AM) (Source: Application Error)(User: )
Description: DefaultTabSearch.exe0.0.0.05004e5aaDefaultTabSearch.exe0.0.0.05004e5aac000000500002d8072001cd9cb9f5975b06C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe3d17f468-08ad-11e2-b41e-0026b92443a5


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 6.2.1)
7-zip v9.20 (Version: v9.20)
Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
Adobe Acrobat 7.0 Professional (Version: 7.1.0)
Adobe Acrobat 7.1.0 Professional (Version: 7.1.0)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Control Center (Version: 2.009.0625.1811)
AutoUpdate (Version: 1.1)
Bing Rewards Client Installer (Version: 16.0.345.0)
Bonjour (Version: 3.0.0.10)
Canon MP Navigator 3.0
Canon MP510
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Full Existing (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Full New (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Light (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Previews Common (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0625.1812.30825)
Catalyst Control Center InstallProxy (Version: 2009.0625.1812.30825)
Catalyst Control Center Localization All (Version: 2009.0625.1812.30825)
ccc-core-static (Version: 2009.0625.1812.30825)
ccc-utility64 (Version: 2009.0625.1812.30825)
CCC Help Chinese Standard (Version: 2009.0625.1811.30825)
CCC Help Chinese Traditional (Version: 2009.0625.1811.30825)
CCC Help Danish (Version: 2009.0625.1811.30825)
CCC Help Dutch (Version: 2009.0625.1811.30825)
CCC Help English (Version: 2009.0625.1811.30825)
CCC Help Finnish (Version: 2009.0625.1811.30825)
CCC Help French (Version: 2009.0625.1811.30825)
CCC Help German (Version: 2009.0625.1811.30825)
CCC Help Italian (Version: 2009.0625.1811.30825)
CCC Help Japanese (Version: 2009.0625.1811.30825)
CCC Help Korean (Version: 2009.0625.1811.30825)
CCC Help Norwegian (Version: 2009.0625.1811.30825)
CCC Help Portuguese (Version: 2009.0625.1811.30825)
CCC Help Russian (Version: 2009.0625.1811.30825)
CCC Help Spanish (Version: 2009.0625.1811.30825)
CCC Help Swedish (Version: 2009.0625.1811.30825)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CutePDF Writer 2.8
D3DX10 (Version: 15.4.2368.0902)
Dell Edoc Viewer (Version: 1.0.0)
Dell Support Center (Version: 3.2.6032.55)
Dell Touchpad (Version: 13.2.2.2)
Dell Wireless WLAN Card Utility (Version: 5.30.21.0)
DirectXInstallService (Version: 9.0.2)
DivX Codec (Version: 6.6.1)
DVD-Cloner V8.40 Build 1010 (Version: 8.40.0.1010)
EMC 10 Content (Version: 1.0.035)
EMCGadgets64 (Version: 1.0.302)
ESET Online Scanner v3
File Type Assistant
Garmin Communicator Plugin (Version: 3.0.1)
Garmin Training Center (Version: 3.6.5)
Garmin USB Drivers (Version: 2.3.0.0)
Google Chrome (Version: 21.0.1180.89)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
GoToAssist Corporate (Version: 9.1.0.615)
Hauppauge WinTV 7 (Version: v7.0.30151 (CD 2.5d))
Internet TV for Windows Media Center (Version: 4.2.2.0)
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
McAfee Security Scan Plus (Version: 2.1.121.2)
McAfee SecurityCenter (Version: 11.6.434)
McAfee Virtual Technician (Version: 6.5.0.2101)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools (Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (Version: 2.0.50217.0)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.468.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft Silverlight 4 SDK (Version: 4.0.50826.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 R2 (64-bit)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 Native Client (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.50.1600.1)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server Browser (Version: 10.50.1600.1)
Microsoft SQL Server Database Publishing Wizard 1.4 (Version: 10.1.2512.8)
Microsoft SQL Server System CLR Types (Version: 10.50.1750.9)
Microsoft SQL Server VSS Writer (Version: 10.50.1600.1)
Microsoft UI Engine (Version: 6.3.2348.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (Version: 9.0.30729.4974)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.40219)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (Version: 10.0.40219)
Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31119)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31124)
Microsoft Visual Web Developer 2010 Express - ENU (Version: 10.0.40219)
Microsoft Web Platform Installer 2.0 (Version: 2.1.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
PL-2303 USB-to-Serial (Version: 1.2.10)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PowerDVD DX (Version: 8.3.6029)
Quickset64 (Version: 9.6.6)
QuickTime (Version: 7.72.80.56)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.0)
Roxio Central Audio (Version: 3.8.0)
Roxio Central Copy (Version: 3.8.0)
Roxio Central Core (Version: 3.8.0)
Roxio Central Data (Version: 3.8.0)
Roxio Central Tools (Version: 3.8.0)
Roxio Easy CD and DVD Burning (Version: 10.3)
Roxio Easy CD and DVD Burning (Version: 10.3.106)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio File Backup (Version: 1.3.0)
Roxio Update Manager (Version: 6.0.0)
Shared C Run-time for x64 (Version: 10.0.0)
Shop To Win (Version: 1.2.0.0)
Skins (Version: 2009.0625.1812.30825)
Skype™ 5.10 (Version: 5.10.116)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Spybot - Search & Destroy (Version: 1.6.2)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1)
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VD64Inst (Version: 1.00.0000)
Web Deployment Tool (Version: 1.1.0618)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Center Add-in for Flash (Version: 4.1.2.0)
Windows Media Center Add-in for Silverlight (Version: 4.7.3.0)
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 10%
Total physical RAM: 8156.86 MB
Available physical RAM: 7294.31 MB
Total Pagefile: 16311.9 MB
Available Pagefile: 15472.4 MB
Total Virtual: 4095.88 MB
Available Virtual: 3980.05 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:223.14 GB) (Free:133.12 GB) NTFS

========================= Users: ========================================

User accounts for \\DRP-PC

Administrator DRP Guest

========================= Restore Points ==================================

12-09-2012 18:24:59 Scheduled Checkpoint
13-09-2012 13:00:15 Windows Update
21-09-2012 02:05:25 Scheduled Checkpoint
22-09-2012 13:00:25 Windows Update
23-09-2012 16:17:26 Removed MaxiLink.
26-09-2012 13:00:20 Windows Update
26-09-2012 23:55:45 Restore Operation

**** End of log ****




Farbar Service Scanner Version: 19-09-2012
Ran by DRP (administrator) on 27-09-2012 at 15:25:27
Running from "C:\Users\DRP\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****




# AdwCleaner v2.003 - Logfile created 09/27/2012 at 15:28:37
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : DRP - DRP-PC
# Boot Mode : Safe mode with networking
# Running from : C:\Users\DRP\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\DRP\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [5529 octets] - [27/09/2012 14:48:31]
AdwCleaner[S1].txt - [6344 octets] - [27/09/2012 14:49:22]
AdwCleaner[R2].txt - [928 octets] - [27/09/2012 15:06:47]
AdwCleaner[S2].txt - [987 octets] - [27/09/2012 15:07:15]
AdwCleaner[R3].txt - [1046 octets] - [27/09/2012 15:27:57]
AdwCleaner[S3].txt - [979 octets] - [27/09/2012 15:28:37]

########## EOF - C:\AdwCleaner[S3].txt - [1038 octets] ##########


Junkware Removal Tool (JRT) by Thisisu
Version: 1.1.1 (09.27.2012)
OS: Windows 7 Professional x64
Ran by DRP on Thu 09/27/2012 at 16:17:59.43
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ERROR: Access is denied.
Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ERROR: Access is denied.
Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ERROR: Access is denied.
Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ERROR: Access is denied.
Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ERROR: Access is denied.
Failed to delete: [KEY-LOCKED!] "hkey_local_machine\software\wow6432node\microsoft\tracing\mybabylontb_rasapi32"
ERROR: Access is denied.
Failed to delete: [KEY-LOCKED!] "hkey_local_machine\software\wow6432node\microsoft\tracing\mybabylontb_rasmancs"



*** Files: 0 Detections



*** Folders: 0 Detections



*** Ask Toolbar: - Remnants removed






*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Thu 09/27/2012 at 16:18:15.83
End of Report

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:34 PM

Posted 28 September 2012 - 03:50 AM

Please run malwarebytes and Farbar service scanner in normal mode and post the new logs

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#12 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:10:34 AM

Posted 28 September 2012 - 11:57 AM

Ran Auto runs a couple of times before I figured it out -


Malwarebytes Anti-Malware (PRO) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.28.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
DRP :: DRP-PC [administrator]

Protection: Enabled

9/28/2012 4:24:42 AM
mbam-log-2012-09-28 (04-24-42).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 431742
Time elapsed: 1 hour(s), 58 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)









Farbar Service Scanner Version: 19-09-2012
Ran by DRP (administrator) on 28-09-2012 at 06:35:21
Running from "C:\Users\DRP\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/28/2012 06:37:14 AM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe (PID: 3996) [FI]
* C:\Users\DRP\Downloads\FSS.exe (PID: 6672) [UP-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 [ZA Reg Hijack]
* C:\$Recycle.Bin\S-1-5-21-751523452-466077293-969968218-1001\$2e5da3185d7f9dbb52812519e82f628e\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-751523452-466077293-969968218-1001\$2e5da3185d7f9dbb52812519e82f628e\L\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-751523452-466077293-969968218-1001\$2e5da3185d7f9dbb52812519e82f628e\U\ [ZA Dir]

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com

20 out of 15238 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 09/28/2012 06:37:38 AM
Execution time: 0 hours(s), 0 minute(s), and 24 seconds(s)


AUTORUNS

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Broadcom Wireless Manager UI" "Dell Wireless WLAN Card Wireless Network Tray Applet" "Dell Inc." "c:\program files\dell\dell wireless wlan card\wltray.exe"
+ "IntelliPoint" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "itype" "IType.exe" "Microsoft Corporation" "c:\program files\microsoft intellitype pro\itype.exe"
+ "QuickSet" "QuickSet" "Dell Inc." "c:\program files\dell\quickset\quickset.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Acrobat Assistant 7.0" "AcroTray" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 7.0\distillr\acrotray.exe"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "DellSupportCenter" "" "" "File not found: C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "Microsoft Default Manager" "Microsoft Default Manager" "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\default manager\defmgr.exe"
+ "PDVDDXSrv" "CyberLink PowerDVD Resident Program" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Adobe Acrobat Speed Launcher.lnk" "" "" "c:\windows\installer\{ac76ba86-1033-0000-7760-000000000002}\sc_acrobat.exe"
+ "Adobe Gamma Loader.lnk" "Adobe Gamma Loader" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\calibration\adobe gamma loader.exe"
+ "AutoStart IR.lnk" "IR" "Hauppauge Computer Works" "c:\program files (x86)\wintv\ir.exe"
+ "McAfee Security Scan Plus.lnk" "" "" "File not found: C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe"
+ "WinTV Recording Status.lnk" "WinTVTray" "Hauppauge Computer Works, Inc." "c:\program files (x86)\wintv\wintv7\wintvtray.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "gStart" "gStart Application" "GARMIN Corp." "c:\program files (x86)\garmin\training center\gstart.exe"
+ "Microsoft Updat" "" "" "File not found: C:\Windows\Tasks\sqlservr.exe"
+ "SpybotSD TeaTimer" "System settings protector" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy\teatimer.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe"
+ "updateMgr" "Adobe Update Manager" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\acrobat 7.0\acrobat\adobeupdatemanager.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "dssrequest" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "sacore" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "RXDCExtSvr" "Roxio Disc Copier Shell Extension (AMD64)" "Sonic Solutions" "c:\program files\roxio\virtual drive 10\dc_shellext64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 7.0\acrobat elements\contextmenu.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "RXDCExtSvr" "Roxio Disc Copier Shell Extension (AMD64)" "Sonic Solutions" "c:\program files\roxio\virtual drive 10\dc_shellext64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "&Yahoo! Toolbar Helper" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files (x86)\yahoo!\companion\installs\cpn1\yt.dll"
+ "Adobe PDF Conversion Toolbar Helper" "Adobe IE plugin" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\acrobat 7.0\acrobat\acroiefavclient.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Adobe PDF Reader Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelper.dll"
+ "DefaultTab Browser Helper" "" "" "File not found: C:\Users\DRP\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "Qwiklinx" "" "" "File not found: C:\Users\DRP\AppData\Roaming\Qwiklinx\Qwiklinx.dll"
+ "Shop to Win" "Shop To Win" "Shop To Win, LLC" "c:\program files (x86)\shop to win 27\shop to win 27.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Messenger Companion Helper" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files (x86)\windows live\companion\companioncore.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Adobe PDF" "Adobe IE plugin" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\acrobat 7.0\acrobat\acroiefavclient.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "Yahoo! Toolbar" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files (x86)\yahoo!\companion\installs\cpn1\yt.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Messenger Companion (Ctrl+Shift+C)" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files (x86)\windows live\companion\companioncore.dll"
+ "Spybot - Search && Destroy Configuration" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
"Task Scheduler" "" "" ""
X "\ALARMS\OTTMAR" "" "" "c:\users\drp\music\ottmar liebert\nouveau flamenco [1990-2000 special tenth anniversary edition]\02 santa fe.wma"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft_Hardware_Launch_IPoint_exe" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "\Microsoft_Hardware_Launch_IType_exe" "IType.exe" "Microsoft Corporation" "c:\program files\microsoft intellitype pro\itype.exe"
+ "\PCDEventLauncher" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\sessionchecker.exe"
+ "\PCDoctorBackgroundMonitorTask" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\uaclauncher.exe"
+ "\SystemToolsDailyTest" "" "" "File not found: uaclauncher.exe"
+ "\{09EA5C68-79BC-49E6-8B36-C4B69FEB3CE5}" "Adobe Acrobat 7.0" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\acrobat 7.0\acrobat\acrobat.exe"
+ "\{111A2978-36F2-4102-992A-7E6982E736B5}" "" "" "File not found: D:\SETUP.EXE"
+ "\{25B42679-CA50-4DE8-9631-6680CC628087}" "" "" "File not found: D:\SETUP.EXE"
+ "\{4858E63D-7BF6-454E-8988-B15FBF1EF92F}" "" "" "File not found: D:\SETUP.EXE"
+ "\{4AFDAEF8-8AC9-433C-8C83-C4EAD0746348}" "" "" "File not found: D:\AutoRun.exe"
+ "\{5D4EAB0F-8BC7-4CC9-A749-0C926335174F}" "" "" "File not found: C:\Users\DRP\Documents\OFFICE\AutoRun.exe"
+ "\{6F1DA906-85D9-41AC-B50C-CCFB9C3BC58E}" "Adobe Acrobat 7.0" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\acrobat 7.0\acrobat\acrobat.exe"
+ "\{7FC6EA66-8F3E-4D60-9709-DE02E78D7000}" "" "" "File not found: D:\AutoRun.exe"
+ "\{AD8830D5-713E-485B-837B-FDB532ACB62A}" "" "" "File not found: D:\AutoRun.exe"
+ "\{ADDC804D-3583-4837-A3FC-CE3F3BABDAF9}" "" "" "File not found: D:\AutoRun.exe"
+ "\{B4C1C79D-C789-4291-98E5-5048BEEDF7F7}" "E-Train Data" "CATEYE" "c:\cateye\cateye\e-train data\etrain.exe"
+ "\{C83B8C4E-989E-4904-8D6B-1BD863FC76D7}" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
+ "\{DC7B767C-DE47-4D8F-8E58-C6C69359A1E6}" "" "" "File not found: D:\AutoRun.exe"
+ "\{EA8B4FA7-C9F0-461F-999A-2F9854FFBE10}" "WinTV7" "Hauppauge Computer Works, Inc." "c:\program files (x86)\wintv\wintv7\wintv7.exe"
+ "\{F9E84776-97B5-405B-A214-9D9C85FCC06B}" "" "" "File not found: C:\Users\DRP\Documents\OFFICE\AutoRun.exe"
+ "\{FF0475FB-E12B-4A8E-B388-10B7C13F3DC4}" "Adobe Photoshop" "Adobe Systems, Incorporated" "c:\program files (x86)\adobe\photoshop 7.0\photoshop.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Adobe LM Service" "AdobeLM Service" "Adobe Systems" "c:\program files (x86)\common files\adobe systems shared\service\adobelmsvc.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "DefaultTabUpdate" "DefaultTab Update Service" "" "File not found: C:\Users\DRP\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe"
+ "DockLoginService" "Dock Login Service" "" "File not found: C:\Program Files\Dell\DellDock\DockLogin.exe"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files (x86)\windows live\family safety\fsssvc.exe"
+ "GoToAssist" "Citrix GoToAssist provides remote help to this PC." "Citrix Online, a division of Citrix Systems, Inc." "c:\program files (x86)\citrix\gotoassist\615\g2aservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "HauppaugeTVServer" "Hauppauge TV Server" "Hauppauge Computer Works" "c:\program files (x86)\wintv\tvserver\hauppaugetvserver.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "McAfee SiteAdvisor Service" "McAfee SiteAdvisor Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McComponentHostService" "McAfee Security Scan Component Host Service" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\2.1.121\mcchsvc.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "McAfee Network Agent" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "MSK80Service" "This service filters e-mail messages on your computer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "MSSQL$SQLEXPRESS" "Provides storage, processing and controlled access of data, and rapid transaction processing." "Microsoft Corporation" "c:\program files\microsoft sql server\mssql10_50.sqlexpress\mssql\binn\sqlservr.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "RoxMediaDB10" "Roxio RoxMediaDB10 Service" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\roxmediadb10.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "SQLWriter" "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files (x86)\common files\surething shared\stllssvr.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "wltrysvc" "Provides automatic configuration for the 802.11 adapter using the Broadcom supplicant." "" "c:\program files\dell\dell wireless wlan card\wltrysvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "YahooAUService" "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements." "Yahoo! Inc." "c:\program files (x86)\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "A2DDA" "Emsisoft Direct Disk Access Support Driver" "Emsi Software GmbH" "c:\users\drp\downloads\emsisoftemergencykit\run\a2ddax64.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AtiHdmiService" "Ati High Definition Audio Function Driver" "ATI Research Inc." "c:\windows\system32\drivers\atihdmi.sys"
+ "atikmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCM42RLY" "Broadcom iLine10™ PCI Network Adapter Proxy Protocol Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcm42rly.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "FTDIBUS" "FTDIBUS USB Driver" "FTDI Ltd." "c:\windows\system32\drivers\ftdibus.sys"
+ "FTSER2K" "FTDIBUS Serial Device Driver" "FTDI Ltd." "c:\windows\system32\drivers\ftser2k.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "grmnusb" "grmnusb.sys" "GARMIN Corp." "c:\windows\system32\drivers\grmnusb.sys"
+ "hcw72ADFilter" "WinTV HVR-950 USB Audio Filter Service" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw72adfilter.sys"
+ "hcw72ATV" "WinTV HVR-950 AVStream Driver" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw72atv.sys"
+ "hcw72DTV" "WinTV HVR-950 BDA Driver" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw72dtv.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HipShieldK" "McAfee HIP IPS Driver" "McAfee, Inc." "c:\windows\system32\drivers\hipshieldk.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "itecir" "ITE Consumer IR Driver for eHome" "ITE Tech. Inc. " "c:\windows\system32\drivers\itecir.sys"
+ "ivusb" "Initio Default Vendor Specific Device Driver" "Initio Corporation" "c:\windows\system32\drivers\ivusb.sys"
+ "k57nd60a" "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\k57nd60a.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "MHIKEY10" "MultiCard reader 1.0" "Generic USB smartcard reader" "c:\windows\system32\drivers\mhikey10x64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PCDSRVC{1E208CE0-FB7451FF-06020200}_0" "Kernel Driver" "PC-Doctor, Inc." "c:\program files\dell support center\pcdsrvc_x64.pkms"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "rimmptsk" "RICOH MMC Driver" "REDC" "c:\windows\system32\drivers\rimmpx64.sys"
+ "rimsptsk" "RICOH MS Driver" "REDC" "c:\windows\system32\drivers\rimspx64.sys"
+ "rismxdp" "RICOH xD SM Driver" "REDC" "c:\windows\system32\drivers\rixdpx64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Ser2pl" "USB-to-Serial Cable Driver" "Prolific Technology Inc." "c:\windows\system32\drivers\ser2pl64.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "USB28xxBGA" "USB 28xx BDA Driver" "eMPIA Technology, Inc." "c:\windows\system32\drivers\embda64.sys"
+ "USB28xxOEM" "USB 28xx BDA Lower filter" "eMPIA Technology, Inc." "c:\windows\system32\drivers\emoem64.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "MainConcept (MCE) MPEG Encoder" "MPEG Encoder and Muxer" "MainConcept AG" "c:\windows\system32\hauppauge\softmce\mceesmpeg.ax"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files\playready\prdmowrapper.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ArcSoft Mpeg Mplex Filter" "MplexFilter" "ArcSoft Inc." "c:\program files (x86)\wintv\wintv7\codecs\mpeg-2 ps mux\arcmplexfilter.ax"
+ "ArcSoft TS Stream" "ArcSoft Mpeg Demux" "ArcSoft Inc." "c:\program files (x86)\wintv\wintv7\codecs\encoders\arcdemux.ax"
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\google\google earth\client\wavdest.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\cldemuxer.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clline21.ax"
+ "Cyberlink SubTitle Importor" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clauts.ax"
+ "CyberLink Tzan Filter" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\cltzan.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clvsd.ax"
+ "DivX Decoder Filter" "DivX® Decoder Filter" "DivX, Inc." "c:\windows\syswow64\divxdec.ax"
+ "DivX Demux" "DivX® Media Filter" "DivXNetworks" "c:\windows\syswow64\divxmedia.ax"
+ "DivX Subtitle Decoder" "DivX® Media Filter" "DivXNetworks" "c:\windows\syswow64\divxmedia.ax"
+ "Dump" "hcwTSSub Dynamic Link Library" "Hauppauge Computer Works, Inc." "c:\program files (x86)\wintv\wintv7\hcwtssubtitles.ax"
+ "Dump" "hcwTSTel Dynamic Link Library" "Hauppauge Computer Works, Inc." "c:\program files (x86)\wintv\wintv7\hcwtsteletext.dll"
+ "Hauppauge AC3 Decoder" "Hauppauge AC3 Decoder -" "PCTV Systems S.à r.l." "c:\program files (x86)\wintv\wintv7\codecs\ac3\haupac3decoder.ax"
+ "Hauppauge CC Dump" "hcwCCDump" "Hauppauge Computer Works" "c:\program files (x86)\wintv\wintv7\hcwccdump.ax"
+ "Hauppauge CC Inserter" "HCW CC Inserter" "Hauppauge Computer Works" "c:\program files (x86)\wintv\wintv7\hcwccinserter.ax"
+ "HAUPPAUGE E-AC3 Decoder" "Hauppauge E-AC3 Decoder -" "PCTV Systems S.à r.l." "c:\program files (x86)\wintv\wintv7\codecs\eac3\haupeac3codec.ax"
+ "Hauppauge MPEG Layer-1/2 Audio Decoder" "Hauppauge MPEG Audio Decoder - DirectX Filter" "PCTV Systems S.à r.l." "c:\program files (x86)\wintv\wintv7\codecs\mpeg-1 layer 2 audio\haupmpegbox.ax"
+ "Hauppauge Net Push Source" "" "" "c:\program files (x86)\wintv\wintv7\hcwnetpushsource.ax"
+ "Hauppauge PSI Parser" "Hauppauge WinTV MPEG PSI Parser" "Hauppauge Computer Works, Inc." "c:\program files (x86)\wintv\wintv7\psiparser.ax"
+ "Hauppauge Raw Sink" "" "" "c:\program files (x86)\wintv\wintv7\hcwrawsink.ax"
+ "Hauppauge Raw Source" "" "" "c:\program files (x86)\wintv\wintv7\hcwrawsource.ax"
+ "Hauppauge Transport Analog Teletext" "Hauppauge WinTV Analog Teletext Filter" "Hauppauge Computer Works" "c:\program files (x86)\wintv\wintv7\hcwtsanalogtxt.ax"
+ "Hauppauge Transport Filter" "HCW TS Statistics" "Hauppauge Computer Works" "c:\program files (x86)\wintv\wintv7\hcwtsfilter.ax"
+ "Hauppauge Transport Reader" "Hauppauge WinTV Transport File Reader" "Hauppauge Computer Works, Inc." "c:\program files (x86)\wintv\wintv7\hcwtsreader.ax"
+ "Hauppauge Transport Writer" "HCW Transport Writer" "Hauppauge Computer Works" "c:\program files (x86)\wintv\wintv7\hcwtswriter.ax"
+ "Hauppauge VBI Slicer" "HCW VBI Slicer" "Hauppauge Computer Works" "c:\program files (x86)\wintv\wintv7\hcwvbislicer.ax"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\lvmwriter.ax"
+ "MainConcept (HCW) Layer II Audio Encoder" "Layer-II Audio Encoder" "MainConcept GmbH" "c:\program files (x86)\wintv\wintv7\softpvr\hcw_mcl2ae.ax"
+ "MainConcept (HCW) MPEG Multiplexer-Plus" "MPEG Multiplexer-Plus DS Filter" "MainConcept GmbH" "c:\program files (x86)\wintv\wintv7\softpvr\hcw_mcmpeg2mux.ax"
+ "MainConcept (HCW) MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "MainConcept AG" "c:\program files (x86)\wintv\wintv7\codecs\mpeg-2 video\hcw_mcm2vd.ax"
+ "MainConcept (HCW) MPEG-2 Video Encoder" "MPEG-2 Video Encoder" "MainConcept GmbH" "c:\program files (x86)\wintv\wintv7\softpvr\hcw_mcm2ve.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\mediaanalyser.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "Pinnacle CSC" "Color Space Converter - DirectX Filter" "PCTV Systems S.à r.l." "c:\program files (x86)\wintv\wintv7\pclecsc.ax"
+ "Pinnacle Image Converter" "Color Space Converter - DirectX Filter" "PCTV Systems S.à r.l." "c:\program files (x86)\wintv\wintv7\pclecsc.ax"
+ "Pinnacle Image Scaler" "Color Space Converter - DirectX Filter" "PCTV Systems S.à r.l." "c:\program files (x86)\wintv\wintv7\pclecsc.ax"
+ "Pinnacle Video AntiJitter" "Color Space Converter - DirectX Filter" "PCTV Systems S.à r.l." "c:\program files (x86)\wintv\wintv7\pclecsc.ax"
+ "Pinnacle Video Block Filter" "Color Space Converter - DirectX Filter" "PCTV Systems S.à r.l." "c:\program files (x86)\wintv\wintv7\pclecsc.ax"
+ "Pinnacle Video Deinterlacer" "Color Space Converter - DirectX Filter" "PCTV Systems S.à r.l." "c:\program files (x86)\wintv\wintv7\pclecsc.ax"
+ "PSI Parser" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "ROXIO Audio Source 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "Roxio Audio Source Filter" "Roxio Audio Source Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiosource.ax"
+ "Roxio Audio Stream Reader Filter" "Roxio Audio Stream Reader Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamreader.ax"
+ "Roxio Audio Stream Writer Filter" "Roxio Audio Stream Writer Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamwriter.ax"
+ "ROXIO Audio VCFChunker 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO Audio VCFLooper 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO AudioConvert 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO AudioGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO ColorSpace Converter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO CPU Regulator" "CPURegulator.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\cpuregulator.ax"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "roxio DCFilters Audio Sync Filter 2 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Dragons Lair 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVD Muxer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVDStream Reader 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVDStream Splitter 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Mpeg I/II Decoder 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Smart Resizer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Subpicture Mixer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "ROXIO Deinterlace 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DV Scene Detector Tee 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Field Combiner 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Field Splitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Image/Colour Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO ListImage Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\lvmasync.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Pin Tee" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\plasmacgfilter.ax"
+ "ROXIO QT Source" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO QuickGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mgirawwriter.dll"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO SceneRecorder 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\mginullip.ax"
+ "ROXIO ThumbnailGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAlphaSplitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFAudioMixer 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFLatency 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFpeakmeter 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFStationLogo 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFVideoCutList 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFWaveform 1.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO Video Effect 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Video Resampler 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Video VCFLooper 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VideoCombine 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\vobloader.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\mvwcdsutil.dll"
+ "Sonic Cinemaster® Audio Decoder 4.3" "SonicHDAudio" "Sonic Solutions" "c:\program files (x86)\common files\sonic shared\cinemasteraudio.dll"
+ "Sonic Cinemaster® VideoDecoder 4.3" "CinemasterVideo" "Sonic Solutions" "c:\program files (x86)\common files\sonic shared\cinemastervideo.dll"
+ "Sonic HD Demuxer" "Sonic HD Demuxer" "" "c:\program files (x86)\roxio\sonichddemuxer.dll"
+ "Sonic HD Nav" "SonicHDNav" "" "c:\program files (x86)\common files\sonic shared\sonichdnav.dll"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc." "c:\program files (x86)\common files\sonic shared\sonicmc02\sonic7m2vd.ax"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\subpictenc.dll"
+ "VCG Null Renderer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VCG Video Mixer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VCGImageSource" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VW Input Selector" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "GoToAssist" "Citrix Online GoToAssist Corporate" "Citrix Online, a division of Citrix Systems, Inc." "c:\program files (x86)\citrix\gotoassist\615\g2awinlogon_x64.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Canon BJ Language Monitor MP510" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlm85.dll"
+ "CutePDF Writer Monitor" "" "" "c:\windows\system32\cpwmon64.dll"
+ "LIDIL hpzllwn7" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzllwn7.dll"

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:34 PM

Posted 28 September 2012 - 12:40 PM

Now run RKILL given in previous instructions and post the new log

Edited by narenxp, 28 September 2012 - 01:28 PM.


#14 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:10:34 AM

Posted 28 September 2012 - 12:54 PM

Rkill results,

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/28/2012 07:46:28 AM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 [ZA Reg Hijack]
* C:\$Recycle.Bin\S-1-5-21-751523452-466077293-969968218-1001\$2e5da3185d7f9dbb52812519e82f628e\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-751523452-466077293-969968218-1001\$2e5da3185d7f9dbb52812519e82f628e\L\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-751523452-466077293-969968218-1001\$2e5da3185d7f9dbb52812519e82f628e\U\ [ZA Dir]

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com

20 out of 15238 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 09/28/2012 07:46:36 AM
Execution time: 0 hours(s), 0 minute(s), and 7 seconds(s)

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:34 PM

Posted 28 September 2012 - 12:57 PM

Please follow my previous instructions :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users