Firewall, Security Center Issues


7 replies to this topic

#1 gregkle


Posted 29 September 2012 - 01:14 PM

Mod Edit: Split from http://www.bleepingcomputer.com/forums/topic470118.html/page__p__2855140#entry2855140 - Hamluis.

Hello!
I have the same issue as the topic starter. I was infected with the Sirefef virus and I have cleaned it with Avast AV by putting the disk in another PC (because it is restarting 2 min after boot, even in safe mode).
Searching and reading, I downloaded the registry keys from www.smartestcomputing.us.com/files/download/9-registry-network-keys/ and merged bfe.reg and mpssvc.reg.
Now I don't get the error message, but the Windows Firewall service can't start and Security Center doesn't work.

tdsskiller log

17:11:43.0823 0800 [ 76B1157EF850830C5ECE61D3E591CA8B ] netr73 C:\Windows\system32\DRIVERS\netr73.sys
17:11:43.0841 0800 netr73 - ok
17:11:43.0871 0800 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:11:43.0874 0800 NetTcpPortSharing - ok
17:11:43.0917 0800 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:11:43.0919 0800 nfrd960 - ok
17:11:43.0948 0800 [ B52F26BADE7D7E4A79706E3FD91834CD ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:11:43.0951 0800 NisDrv - ok
17:11:44.0002 0800 [ 290C0D4C4889398797F8DF3BE00B9698 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
17:11:44.0006 0800 NisSrv - ok
17:11:44.0047 0800 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:11:44.0053 0800 NlaSvc - ok
17:11:44.0096 0800 [ 193FA51DDDD0BFFDED1C340F0434999A ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
17:11:44.0103 0800 NMIndexingService - ok
17:11:44.0122 0800 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:11:44.0123 0800 Npfs - ok
17:11:44.0162 0800 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
17:11:44.0166 0800 nsi - ok
17:11:44.0171 0800 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:11:44.0172 0800 nsiproxy - ok
17:11:44.0240 0800 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:11:44.0274 0800 Ntfs - ok
17:11:44.0291 0800 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
17:11:44.0291 0800 Null - ok
17:11:44.0327 0800 [ 77F9F9A199B87FE3F852E12F5419240B ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
17:11:44.0330 0800 NVHDA - ok
17:11:44.0599 0800 [ D3F22DA8F670EFD15D348B5952769CEF ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:11:44.0839 0800 nvlddmkm - ok
17:11:44.0877 0800 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:11:44.0880 0800 nvraid - ok
17:11:44.0898 0800 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:11:44.0901 0800 nvstor - ok
17:11:44.0935 0800 [ A3B80E6B7CDE9660F639658739A5824E ] nvsvc C:\Windows\system32\nvvsvc.exe
17:11:44.0960 0800 nvsvc - ok
17:11:45.0033 0800 [ 61FF84F865B4414EFDC11856BF5757AD ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:11:45.0068 0800 nvUpdatusService - ok
17:11:45.0111 0800 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:11:45.0113 0800 nv_agp - ok
17:11:45.0212 0800 [ 141EAD6452349D25EAFEFBF4D96C2A7B ] O&O Defrag C:\Program Files\OO Software\Defrag\oodag.exe
17:11:45.0248 0800 O&O Defrag - ok
17:11:45.0290 0800 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:11:45.0292 0800 ohci1394 - ok
17:11:45.0341 0800 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:11:45.0344 0800 ose - ok
17:11:45.0500 0800 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:11:45.0600 0800 osppsvc - ok
17:11:45.0640 0800 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:11:45.0658 0800 p2pimsvc - ok
17:11:45.0676 0800 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
17:11:45.0694 0800 p2psvc - ok
17:11:45.0730 0800 [ 753A8F339F231D2B857E2CCD51A6E6CA ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
17:11:45.0732 0800 PACSPTISVR - ok
17:11:45.0763 0800 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:11:45.0765 0800 Parport - ok
17:11:45.0802 0800 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:11:45.0804 0800 partmgr - ok
17:11:45.0822 0800 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
17:11:45.0824 0800 Parvdm - ok
17:11:45.0841 0800 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:11:45.0847 0800 PcaSvc - ok
17:11:45.0863 0800 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
17:11:45.0866 0800 pci - ok
17:11:45.0880 0800 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
17:11:45.0882 0800 pciide - ok
17:11:45.0903 0800 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:11:45.0907 0800 pcmcia - ok
17:11:45.0952 0800 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
17:11:45.0959 0800 pcouffin - ok
17:11:45.0976 0800 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
17:11:45.0979 0800 pcw - ok
17:11:46.0011 0800 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:11:46.0037 0800 PEAUTH - ok
17:11:46.0084 0800 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:11:46.0111 0800 PeerDistSvc - ok
17:11:46.0210 0800 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
17:11:46.0253 0800 pla - ok
17:11:46.0295 0800 [ 875E4E0661F3A5994DF9E5E3A0A4F96B ] PLFlash DeviceIoControl Service C:\Windows\system32\IoctlSvc.exe
17:11:46.0299 0800 PLFlash DeviceIoControl Service - ok
17:11:46.0336 0800 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:11:46.0354 0800 PlugPlay - ok
17:11:46.0388 0800 [ 19E83B09AB8EE1D837665DA941E2AC44 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
17:11:46.0392 0800 PnkBstrA - ok
17:11:46.0429 0800 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:11:46.0447 0800 PNRPAutoReg - ok
17:11:46.0481 0800 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:11:46.0486 0800 PNRPsvc - ok
17:11:46.0607 0800 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:11:46.0613 0800 PolicyAgent - ok
17:11:46.0653 0800 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
17:11:46.0658 0800 Power - ok
17:11:46.0676 0800 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:11:46.0678 0800 PptpMiniport - ok
17:11:46.0697 0800 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:11:46.0699 0800 Processor - ok
17:11:46.0738 0800 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
17:11:46.0745 0800 ProfSvc - ok
17:11:46.0756 0800 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:11:46.0759 0800 ProtectedStorage - ok
17:11:46.0774 0800 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:11:46.0777 0800 Psched - ok
17:11:46.0820 0800 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
17:11:46.0822 0800 PxHelp20 - ok
17:11:46.0872 0800 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:11:46.0907 0800 ql2300 - ok
17:11:46.0921 0800 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:11:46.0924 0800 ql40xx - ok
17:11:46.0957 0800 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
17:11:46.0973 0800 QWAVE - ok
17:11:46.0997 0800 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:11:46.0999 0800 QWAVEdrv - ok
17:11:47.0056 0800 [ 2EE6D9CAB03900646D1D3D9077167BD6 ] RalinkRegistryWriter C:\Program Files\Ralink\Common\RaRegistry.exe
17:11:47.0057 0800 RalinkRegistryWriter - ok
17:11:47.0076 0800 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:11:47.0077 0800 RasAcd - ok
17:11:47.0098 0800 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:11:47.0100 0800 RasAgileVpn - ok
17:11:47.0111 0800 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
17:11:47.0117 0800 RasAuto - ok
17:11:47.0123 0800 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:11:47.0127 0800 Rasl2tp - ok
17:11:47.0173 0800 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
17:11:47.0189 0800 RasMan - ok
17:11:47.0207 0800 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:11:47.0208 0800 RasPppoe - ok
17:11:47.0219 0800 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:11:47.0221 0800 RasSstp - ok
17:11:47.0249 0800 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:11:47.0252 0800 rdbss - ok
17:11:47.0267 0800 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:11:47.0268 0800 rdpbus - ok
17:11:47.0296 0800 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:11:47.0298 0800 RDPCDD - ok
17:11:47.0325 0800 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:11:47.0328 0800 RDPDR - ok
17:11:47.0350 0800 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:11:47.0351 0800 RDPENCDD - ok
17:11:47.0362 0800 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:11:47.0364 0800 RDPREFMP - ok
17:11:47.0408 0800 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:11:47.0419 0800 RdpVideoMiniport - ok
17:11:47.0474 0800 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:11:47.0478 0800 RDPWD - ok
17:11:47.0517 0800 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:11:47.0520 0800 rdyboost - ok
17:11:47.0546 0800 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
17:11:47.0550 0800 RemoteAccess - ok
17:11:47.0566 0800 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:11:47.0571 0800 RemoteRegistry - ok
17:11:47.0585 0800 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:11:47.0590 0800 RpcEptMapper - ok
17:11:47.0610 0800 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
17:11:47.0614 0800 RpcLocator - ok
17:11:47.0653 0800 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
17:11:47.0659 0800 RpcSs - ok
17:11:47.0672 0800 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:11:47.0673 0800 rspndr - ok
17:11:47.0721 0800 [ 9F55771752D6130E6E1EF28905965961 ] RTL2832UBDA C:\Windows\system32\drivers\RTL2832UBDA.sys
17:11:47.0725 0800 RTL2832UBDA - ok
17:11:47.0758 0800 [ 65C058CC2FC28A65929777636B8DF378 ] RTL2832UUSB C:\Windows\system32\Drivers\RTL2832UUSB.sys
17:11:47.0760 0800 RTL2832UUSB - ok
17:11:47.0794 0800 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:11:47.0796 0800 s3cap - ok
17:11:47.0814 0800 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
17:11:47.0816 0800 SamSs - ok
17:11:47.0865 0800 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:11:47.0868 0800 sbp2port - ok
17:11:47.0887 0800 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:11:47.0895 0800 SCardSvr - ok
17:11:47.0950 0800 [ 9FEB2026A460916D1A1198B460632630 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
17:11:48.0094 0800 SCDEmu - ok
17:11:48.0102 0800 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:11:48.0104 0800 scfilter - ok
17:11:48.0159 0800 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
17:11:48.0184 0800 Schedule - ok
17:11:48.0218 0800 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:11:48.0219 0800 SCPolicySvc - ok
17:11:48.0259 0800 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:11:48.0264 0800 SDRSVC - ok
17:11:48.0295 0800 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:11:48.0296 0800 secdrv - ok
17:11:48.0343 0800 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
17:11:48.0347 0800 seclogon - ok
17:11:48.0363 0800 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
17:11:48.0367 0800 SENS - ok
17:11:48.0376 0800 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:11:48.0381 0800 SensrSvc - ok
17:11:48.0396 0800 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:11:48.0397 0800 Serenum - ok
17:11:48.0416 0800 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:11:48.0417 0800 Serial - ok
17:11:48.0451 0800 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:11:48.0453 0800 sermouse - ok
17:11:48.0488 0800 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
17:11:48.0494 0800 SessionEnv - ok
17:11:48.0533 0800 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:11:48.0535 0800 sffdisk - ok
17:11:48.0546 0800 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:11:48.0548 0800 sffp_mmc - ok
17:11:48.0569 0800 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:11:48.0571 0800 sffp_sd - ok
17:11:48.0582 0800 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:11:48.0583 0800 sfloppy - ok
17:11:48.0628 0800 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:11:48.0646 0800 ShellHWDetection - ok
17:11:48.0680 0800 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:11:48.0682 0800 sisagp - ok
17:11:48.0708 0800 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:11:48.0710 0800 SiSRaid2 - ok
17:11:48.0727 0800 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:11:48.0730 0800 SiSRaid4 - ok
17:11:48.0738 0800 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:11:48.0742 0800 Smb - ok
17:11:48.0770 0800 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:11:48.0776 0800 SNMPTRAP - ok
17:11:48.0831 0800 [ 977AAA4398D7D6FA65D973F5B3F54E40 ] SonicStage Back-End Service C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
17:11:48.0833 0800 SonicStage Back-End Service - ok
17:11:48.0844 0800 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
17:11:48.0846 0800 spldr - ok
17:11:48.0881 0800 [ 866A43013535DC8587C258E43579C764 ] Spooler C:\Windows\System32\spoolsv.exe
17:11:48.0898 0800 Spooler - ok
17:11:49.0009 0800 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
17:11:49.0085 0800 sppsvc - ok
17:11:49.0135 0800 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:11:49.0140 0800 sppuinotify - ok
17:11:49.0182 0800 [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1 ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
17:11:49.0184 0800 SPTISRV - ok
17:11:49.0218 0800 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:11:49.0222 0800 srv - ok
17:11:49.0244 0800 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:11:49.0250 0800 srv2 - ok
17:11:49.0278 0800 [ 682FCF7D2EB5158CD30408E976562408 ] SrvHsfPCI C:\Windows\system32\DRIVERS\VSTBS23.SYS
17:11:49.0286 0800 SrvHsfPCI - ok
17:11:49.0334 0800 [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS
17:11:49.0360 0800 SrvHsfV92 - ok
17:11:49.0391 0800 [ BC0C7EA89194C299F051C24119000E17 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
17:11:49.0407 0800 SrvHsfWinac - ok
17:11:49.0447 0800 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:11:49.0449 0800 srvnet - ok
17:11:49.0477 0800 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:11:49.0486 0800 SSDPSRV - ok
17:11:49.0527 0800 [ 756E371B3B86A3D3039926D32EAC0E8D ] SSScsiSV C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
17:11:49.0529 0800 SSScsiSV - ok
17:11:49.0542 0800 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:11:49.0548 0800 SstpSvc - ok
17:11:49.0621 0800 [ A766CCAD980235FF34E7F8089D3175A3 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:11:49.0635 0800 Stereo Service - ok
17:11:49.0655 0800 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:11:49.0657 0800 stexstor - ok
17:11:49.0679 0800 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
17:11:49.0697 0800 StiSvc - ok
17:11:49.0715 0800 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:11:49.0717 0800 storflt - ok
17:11:49.0754 0800 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:11:49.0756 0800 storvsc - ok
17:11:49.0775 0800 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
17:11:49.0776 0800 swenum - ok
17:11:49.0794 0800 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
17:11:49.0812 0800 swprv - ok
17:11:49.0818 0800 Synth3dVsc - ok
17:11:49.0887 0800 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
17:11:49.0923 0800 SysMain - ok
17:11:49.0941 0800 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:11:49.0948 0800 TabletInputService - ok
17:11:49.0993 0800 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
17:11:50.0009 0800 TapiSrv - ok
17:11:50.0025 0800 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
17:11:50.0031 0800 TBS - ok
17:11:50.0097 0800 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:11:50.0132 0800 Tcpip - ok
17:11:50.0182 0800 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:11:50.0194 0800 TCPIP6 - ok
17:11:50.0250 0800 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:11:50.0250 0800 tcpipreg - ok
17:11:50.0291 0800 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:11:50.0300 0800 TDPIPE - ok
17:11:50.0331 0800 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:11:50.0333 0800 TDTCP - ok
17:11:50.0370 0800 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:11:50.0372 0800 tdx - ok
17:11:50.0434 0800 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:11:50.0436 0800 TermDD - ok
17:11:50.0528 0800 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
17:11:50.0544 0800 TermService - ok
17:11:50.0572 0800 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
17:11:50.0577 0800 Themes - ok
17:11:50.0614 0800 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
17:11:50.0617 0800 THREADORDER - ok
17:11:50.0650 0800 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
17:11:50.0655 0800 TrkWks - ok
17:11:50.0735 0800 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:11:50.0740 0800 TrustedInstaller - ok
17:11:50.0764 0800 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:11:50.0766 0800 tssecsrv - ok
17:11:50.0793 0800 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:11:50.0795 0800 TsUsbFlt - ok
17:11:50.0828 0800 tsusbhub - ok
17:11:50.0889 0800 [ 529EF4070A4A1F949AB254E38782B5D4 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
17:11:50.0924 0800 TuneUp.UtilitiesSvc - ok
17:11:50.0953 0800 [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys
17:11:50.0954 0800 TuneUpUtilitiesDrv - ok
17:11:50.0996 0800 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:11:50.0998 0800 tunnel - ok
17:11:51.0017 0800 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:11:51.0020 0800 uagp35 - ok
17:11:51.0061 0800 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:11:51.0065 0800 udfs - ok
17:11:51.0085 0800 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:11:51.0090 0800 UI0Detect - ok
17:11:51.0110 0800 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:11:51.0112 0800 uliagpkx - ok
17:11:51.0146 0800 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
17:11:51.0148 0800 umbus - ok
17:11:51.0162 0800 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:11:51.0164 0800 UmPass - ok
17:11:51.0227 0800 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
17:11:51.0233 0800 UmRdpService - ok
17:11:51.0256 0800 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
17:11:51.0273 0800 upnphost - ok
17:11:51.0306 0800 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:11:51.0309 0800 usbccgp - ok
17:11:51.0341 0800 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:11:51.0343 0800 usbcir - ok
17:11:51.0362 0800 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:11:51.0363 0800 usbehci - ok
17:11:51.0377 0800 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:11:51.0381 0800 usbhub - ok
17:11:51.0399 0800 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:11:51.0401 0800 usbohci - ok
17:11:51.0420 0800 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:11:51.0422 0800 usbprint - ok
17:11:51.0446 0800 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:11:51.0448 0800 USBSTOR - ok
17:11:51.0498 0800 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:11:51.0500 0800 usbuhci - ok
17:11:51.0515 0800 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
17:11:51.0520 0800 UxSms - ok
17:11:51.0556 0800 [ 866ED31801B008CACFB3276F78AB5800 ] UxTuneUp C:\Windows\System32\uxtuneup.dll
17:11:51.0561 0800 UxTuneUp - ok
17:11:51.0573 0800 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
17:11:51.0575 0800 VaultSvc - ok
17:11:51.0587 0800 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:11:51.0589 0800 vdrvroot - ok
17:11:51.0643 0800 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
17:11:51.0660 0800 vds - ok
17:11:51.0700 0800 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:11:51.0702 0800 vga - ok
17:11:51.0710 0800 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:11:51.0712 0800 VgaSave - ok
17:11:51.0731 0800 VGPU - ok
17:11:51.0773 0800 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:11:51.0777 0800 vhdmp - ok
17:11:51.0793 0800 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
17:11:51.0796 0800 viaagp - ok
17:11:51.0819 0800 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
17:11:51.0822 0800 ViaC7 - ok
17:11:51.0852 0800 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
17:11:51.0853 0800 viaide - ok
17:11:51.0881 0800 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:11:51.0884 0800 vmbus - ok
17:11:51.0909 0800 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:11:51.0912 0800 VMBusHID - ok
17:11:51.0949 0800 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:11:51.0951 0800 volmgr - ok
17:11:51.0966 0800 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:11:51.0983 0800 volmgrx - ok
17:11:52.0008 0800 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:11:52.0012 0800 volsnap - ok
17:11:52.0032 0800 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:11:52.0036 0800 vsmraid - ok
17:11:52.0089 0800 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
17:11:52.0124 0800 VSS - ok
17:11:52.0151 0800 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:11:52.0154 0800 vwifibus - ok
17:11:52.0176 0800 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:11:52.0177 0800 vwififlt - ok
17:11:52.0220 0800 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
17:11:52.0238 0800 W32Time - ok
17:11:52.0260 0800 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:11:52.0263 0800 WacomPen - ok
17:11:52.0309 0800 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:11:52.0311 0800 WANARP - ok
17:11:52.0316 0800 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:11:52.0317 0800 Wanarpv6 - ok
17:11:52.0412 0800 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:11:52.0446 0800 WatAdminSvc - ok
17:11:52.0524 0800 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
17:11:52.0558 0800 wbengine - ok
17:11:52.0568 0800 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:11:52.0574 0800 WbioSrvc - ok
17:11:52.0616 0800 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:11:52.0633 0800 wcncsvc - ok
17:11:52.0650 0800 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:11:52.0656 0800 WcsPlugInService - ok
17:11:52.0679 0800 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:11:52.0680 0800 Wd - ok
17:11:52.0703 0800 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:11:52.0720 0800 Wdf01000 - ok
17:11:52.0740 0800 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:11:52.0745 0800 WdiServiceHost - ok
17:11:52.0750 0800 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:11:52.0754 0800 WdiSystemHost - ok
17:11:52.0776 0800 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
17:11:52.0784 0800 WebClient - ok
17:11:52.0808 0800 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:11:52.0825 0800 Wecsvc - ok
17:11:52.0837 0800 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:11:52.0842 0800 wercplsupport - ok
17:11:52.0854 0800 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
17:11:52.0859 0800 WerSvc - ok
17:11:52.0883 0800 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:11:52.0884 0800 WfpLwf - ok
17:11:53.0886 0800 ================ Scan global ===============================
17:11:53.0951 0800 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
17:11:53.0995 0800 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
17:11:54.0008 0800 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
17:11:54.0042 0800 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
17:11:54.0075 0800 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
17:11:54.0080 0800 [Global] - ok
17:11:54.0081 0800 ================ Scan MBR ==================================
17:11:54.0096 0800 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
17:11:54.0200 0800 \Device\Harddisk1\DR1 - ok
17:11:54.0217 0800 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
17:11:54.0223 0800 \Device\Harddisk0\DR0 - ok
17:11:54.0229 0800 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
17:11:54.0237 0800 \Device\Harddisk2\DR2 - ok
17:11:54.0238 0800 ================ Scan VBR ==================================
17:11:54.0251 0800 [ 85DC7855C560ED207F6AB0E4F2601FEF ] \Device\Harddisk1\DR1\Partition1
17:11:54.0254 0800 \Device\Harddisk1\DR1\Partition1 - ok
17:11:54.0267 0800 [ 9034347BB41A63FE207045E45320826C ] \Device\Harddisk1\DR1\Partition2
17:11:54.0269 0800 \Device\Harddisk1\DR1\Partition2 - ok
17:11:54.0282 0800 [ EB63F03B074ABFAB37C3804D2530DF34 ] \Device\Harddisk0\DR0\Partition1
17:11:54.0284 0800 \Device\Harddisk0\DR0\Partition1 - ok
17:11:54.0291 0800 [ 29B7B20335D5292382BF28EB1CB81BFA ] \Device\Harddisk2\DR2\Partition1
17:11:54.0294 0800 \Device\Harddisk2\DR2\Partition1 - ok
17:11:54.0295 0800 ============================================================
17:11:54.0295 0800 Scan finished
17:11:54.0295 0800 ============================================================
17:11:54.0312 1664 Detected object count: 0
17:11:54.0312 1664 Actual detected object count: 0
17:13:06.0958 2336 Deinitialize success


aswMBR log



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-29 17:13:16
-----------------------------
17:13:16.245 OS Version: Windows 6.1.7601 Service Pack 1
17:13:16.245 Number of processors: 2 586 0x602
17:13:16.247 ComputerName: .....-PC UserName: ......
17:13:17.062 Initialize success
17:15:00.345 AVAST engine defs: 12092900
17:15:07.828 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-5
17:15:07.831 Disk 0 Vendor: WDC_WD2500KS-00MJB0 02.01C03 Size: 238475MB BusType: 11
17:15:07.834 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-4
17:15:07.838 Disk 1 Vendor: Maxtor_6V300F0 VA111630 Size: 286188MB BusType: 11
17:15:07.850 Disk 0 MBR read successfully
17:15:07.856 Disk 0 MBR scan
17:15:07.917 Disk 0 Windows XP default MBR code
17:15:07.931 Disk 0 Partition 1 00 07 HPFS/NTFS NTFS 238473 MB offset 2048
17:15:07.987 Disk 0 scanning sectors +488394752
17:15:08.116 Disk 0 scanning C:\Windows\system32\drivers
17:15:29.697 Service scanning
17:15:49.728 Service MpKsl0a44dd79 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3D45D8A9-3903-4038-B943-5F98C73599DF}\MpKsl0a44dd79.sys **LOCKED** 32
17:16:21.777 Modules scanning
17:16:28.166 Disk 0 trace - called modules:
17:16:28.200 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys
17:16:28.208 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86a8e860]
17:16:28.216 3 CLASSPNP.SYS[89baf59e] -> nt!IofCallDriver -> [0x86995c10]
17:16:28.224 5 ACPI.sys[898c53d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-5[0x865c3908]
17:16:29.242 AVAST engine scan C:\Windows
17:16:34.916 AVAST engine scan C:\Windows\system32
17:22:04.089 AVAST engine scan C:\Windows\system32\drivers
17:22:33.272 AVAST engine scan C:\Users\......
17:47:14.137 AVAST engine scan C:\ProgramData
17:51:57.858 Scan finished successfully
18:00:22.740 Disk 0 MBR has been saved successfully to "C:\Users\......\Documents\MBR.dat"
18:00:22.787 The log file has been saved successfully to "C:\Users\......\Documents\aswMBR.txt"


eset online scanner log


C:\Program Files\Activision\Empires Dawn of the Modern World\EDMW_ResSet.exe probably a variant of Win32/Agent.KFOIWYH trojan cleaned by deleting - quarantined
C:\Program Files\MyWebFace_5a\bar\1.bin\5adatact.dll probably a variant of Win32/Toolbar.MyWebSearch.A application cleaned by deleting - quarantined
C:\Program Files\MyWebFace_5a\bar\1.bin\5ahtml.dll probably a variant of Win32/Toolbar.MyWebSearch.F application cleaned by deleting - quarantined
C:\Program Files\MyWebFace_5a\bar\1.bin\5ahtmlmu.dll probably a variant of Win32/Toolbar.MyWebSearch.B application cleaned by deleting - quarantined
C:\Program Files\MyWebFace_5a\bar\1.bin\5aieovr.dll probably a variant of Win32/Toolbar.MyWebSearch.P application cleaned by deleting - quarantined
C:\Program Files\MyWebFace_5a\bar\1.bin\5aPlugin.dll probably a variant of Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files\MyWebFace_5a\bar\1.bin\5askin.dll a variant of Win32/Toolbar.MyWebSearch.P application cleaned by deleting - quarantined


farbar log


Farbar Service Scanner Version: 19-09-2012
Ran by ...... (administrator) on 29-09-2012 at 21:08:34
Running from "C:\Users\......\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

Edited by hamluis, 29 September 2012 - 01:22 PM.
Split, PM sent new OP - Hamluis.




#2 narenxp


Posted 29 September 2012 - 01:24 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.


Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

Launch it and the scan should start running. After the scan completes, post the generated log here.

NOTE: For Vista and Windows 7, right-click on the tool and select Run as administrator.


Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log

Edited by narenxp, 29 September 2012 - 01:24 PM.


#3 gregkle

  • Topic Starter

Posted 29 September 2012 - 03:40 PM

Thanks for the help, the firewall is working now!


Malwarebytes log


Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.29.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
...... :: ......-PC [administrator]

29/9/2012 21:31:01
mbam-log-2012-09-29 (21-31-01).txt

Scan type: Full scan (C:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 412397
Time elapsed: 1 hour(s), 2 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 20
HKCR\CLSID\{14d02517-c8be-4735-a344-3c8366c77aa0} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14D02517-C8BE-4735-A344-3C8366C77AA0} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{14D02517-C8BE-4735-A344-3C8366C77AA0} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{14D02517-C8BE-4735-A344-3C8366C77AA0} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{af94b35c-3ac5-4030-9f9c-15fb4e3dc339} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AF94B35C-3AC5-4030-9F9C-15FB4E3DC339} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF94B35C-3AC5-4030-9F9C-15FB4E3DC339} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebFace_5abar Uninstall (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{b1df253a-9e7a-480d-b6a5-7a435b520dbb} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B1DF253A-9E7A-480D-B6A5-7A435B520DBB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B1DF253A-9E7A-480D-B6A5-7A435B520DBB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B1DF253A-9E7A-480D-B6A5-7A435B520DBB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{498c8ec2-2aba-4f18-a415-e8661aeaf515} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{ca039ce1-eee2-4f9f-b2bf-b602ef19d4d3} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{BD91F60F-0512-49B3-9F1F-B60B57341F3D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{0a9d317b-2882-4bf7-a5ae-9f696d177328} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{0b9410d4-adcb-408f-bb37-e3020f64da4a} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{F0D0A65C-6AD4-41D1-8D7D-E189D82DAEAB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebFace_5a.RadioSettings.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\MyWebFace_5a.RadioSettings (PUP.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Detected: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebFace Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~1\MYWEBF~2\bar\1.bin\5asrchmn.exe" /m=2 /w /h -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{AF94B35C-3AC5-4030-9F9C-15FB4E3DC339} (PUP.MyWebSearch) -> Data: \³”―Ε:0@ŸœϋN=Γ9 -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{AF94B35C-3AC5-4030-9F9C-15FB4E3DC339} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 13

C:\Program Files\MyWebFace_5a\bar\1.bin\5aSrchMn.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebFace_5a\bar\1.bin\5aSrcAs.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebFace_5a\bar\1.bin\5abar.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebFace_5a\bar\1.bin\5aauxstb.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebFace_5a\bar\1.bin\5adlghk.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebFace_5a\bar\1.bin\5ahighin.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebFace_5a\bar\1.bin\5ahkstub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebFace_5a\bar\1.bin\5amedint.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebFace_5a\bar\1.bin\5aradio.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebFace_5a\bar\1.bin\5aregfft.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebFace_5a\bar\1.bin\5areghk.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebFace_5a\bar\1.bin\5aregiet.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebFace_5a\bar\1.bin\NP5aStub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.

(end)




Minitoolbox log




MiniToolBox by Farbar Version: 23-07-2012
Ran by ...... (administrator) on 29-09-2012 at 22:45:53
Microsoft Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 validation.sls.microsoft.com

========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : ......-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 00-16-E6-44-85-D1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::70e2:6489:40f3:929f%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.7(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Σάββατο, 29 Σεπτεμβρίου 2012 22:42:43
Lease Expires . . . . . . . . . . : Τρίτη, 2 Οκτωβρίου 2012 22:42:43
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234886886
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-64-8E-8C-00-16-E6-44-85-D1
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{776F4F1F-AA77-40D3-831D-D8DF0B2EEE08}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 173.194.67.113
173.194.67.101
173.194.67.102
173.194.67.100
173.194.67.139
173.194.67.138


Pinging google.com [173.194.67.138] with 32 bytes of data:
Reply from 173.194.67.138: bytes=32 time=56ms TTL=46
Reply from 173.194.67.138: bytes=32 time=55ms TTL=46

Ping statistics for 173.194.67.138:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 55ms, Maximum = 56ms, Average = 55ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=196ms TTL=49
Reply from 98.139.183.24: bytes=32 time=256ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 196ms, Maximum = 256ms, Average = 226ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...00 16 e6 44 85 d1 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.7 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.7 266
192.168.1.7 255.255.255.255 On-link 192.168.1.7 266
192.168.1.255 255.255.255.255 On-link 192.168.1.7 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.7 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.7 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 266 fe80::/64 On-link
10 266 fe80::70e2:6489:40f3:929f/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/26/2012 09:31:40 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.

Details:
Could not query the status of the EventSystem service.

System Error:
The RPC server is unavailable.
.

Error: (09/26/2012 09:20:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: rundll32.exe_newdev.dll, version: 6.1.7600.16385, time stamp: 0x4a5bc637
Faulting module name: PSAPI.DLL_unloaded, version: 0.0.0.0, time stamp: 0x4a5bdace
Exception code: 0xc0000005
Fault offset: 0x75ca13f0
Faulting process id: 0xa64
Faulting application start time: 0xrundll32.exe_newdev.dll0
Faulting application path: rundll32.exe_newdev.dll1
Faulting module path: rundll32.exe_newdev.dll2
Report Id: rundll32.exe_newdev.dll3

Error: (09/26/2012 09:17:15 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.

Details:
Could not query the status of the EventSystem service.

System Error:
The RPC server is unavailable.
.

Error: (07/09/2012 10:44:59 AM) (Source: Microsoft Security Client Setup) (User: ......-PC)......PC
Description: HRESULT:0x8004FF01
Description:Cannot complete uninstall wizard. An error has prevented the Security Essentials Uninstall Wizard from continuing. Please restart your computer and try again. Error code:0x8004FF01.

Error: (07/09/2012 10:43:33 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {80957955-b104-474e-aed2-5272afb11ae4}

Error: (07/09/2012 10:39:24 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.

Details:
Could not query the status of the EventSystem service.

System Error:
The RPC server is unavailable.
.

Error: (07/09/2012 10:39:23 AM) (Source: Microsoft Security Client Setup) (User: .....-PC)......-PC
Description: HRESULT:0x8004FF11
Description:Can’t install Microsoft Security Essentials on a computer running in safe mode. Your computer is currently running in safe mode. To install Security Essentials, your computer must be running in normal mode. Please restart your computer in normal mode, and then try to run the Security Essentials Setup Wizard again. Error code:0x8004FF11.

Error: (07/09/2012 10:39:11 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" ; Description = Revo Uninstaller's restore point - Microsoft Security Essentials; Error = 0x8007043c).

Error: (07/09/2012 10:30:42 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" ; Description = Revo Uninstaller's restore point - Microsoft Security Essentials; Error = 0x80042302).

Error: (07/09/2012 10:30:41 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine GetProviderMgmtInterface. hr = 0x8004230f, The shadow copy provider had an unexpected error while trying to process the specified operation.
.


System errors:
=============
Error: (09/29/2012 10:42:47 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (09/29/2012 05:04:42 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (09/29/2012 05:01:19 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (09/29/2012 04:58:21 PM) (Source: Service Control Manager) (User: )
Description: The Server service terminated with the following error:
%%14

Error: (09/29/2012 04:58:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%14

Error: (09/29/2012 04:58:17 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (09/29/2012 04:38:03 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (09/29/2012 01:44:59 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (09/29/2012 01:42:02 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (09/29/2012 01:39:49 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.


Microsoft Office Sessions:
=========================
Error: (09/26/2012 09:31:40 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
Could not query the status of the EventSystem service.

System Error:
The RPC server is unavailable.

Error: (09/26/2012 09:20:08 PM) (Source: Application Error)(User: )
Description: rundll32.exe_newdev.dll6.1.7600.163854a5bc637PSAPI.DLL_unloaded0.0.0.04a5bdacec000000575ca13f0a6401cd9c138531e044C:\Windows\system32\rundll32.exePSAPI.DLLccd17a52-0806-11e2-a2bf-0016e64485d1

Error: (09/26/2012 09:17:15 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
Could not query the status of the EventSystem service.

System Error:
The RPC server is unavailable.

Error: (07/09/2012 10:44:59 AM) (Source: Microsoft Security Client Setup)(User: ......-PC)......-PC
Description: HRESULT:0x8004FF01
Description:Cannot complete uninstall wizard. An error has prevented the Security Essentials Uninstall Wizard from continuing. Please restart your computer and try again. Error code:0x8004FF01.

Error: (07/09/2012 10:43:33 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {80957955-b104-474e-aed2-5272afb11ae4}

Error: (07/09/2012 10:39:24 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
Could not query the status of the EventSystem service.

System Error:
The RPC server is unavailable.

Error: (07/09/2012 10:39:23 AM) (Source: Microsoft Security Client Setup)(User: ......-PC)......-PC
Description: HRESULT:0x8004FF11
Description:Can’t install Microsoft Security Essentials on a computer running in safe mode. Your computer is currently running in safe mode. To install Security Essentials, your computer must be running in normal mode. Please restart your computer in normal mode, and then try to run the Security Essentials Setup Wizard again. Error code:0x8004FF11.

Error: (07/09/2012 10:39:11 AM) (Source: System Restore)(User: )
Description: C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" Revo Uninstaller's restore point - Microsoft Security Essentials0x8007043c

Error: (07/09/2012 10:30:42 AM) (Source: System Restore)(User: )
Description: C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" Revo Uninstaller's restore point - Microsoft Security Essentials0x80042302

Error: (07/09/2012 10:30:41 AM) (Source: VSS)(User: )
Description: GetProviderMgmtInterface0x8004230f, The shadow copy provider had an unexpected error while trying to process the specified operation.


=========================== Installed Programs ============================

@BIOS (Version: 2.12)
Συλλογή φωτογραφιών του Windows Live (Version: 15.4.3502.0922)
µTorrent (Version: 3.1.3)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.278)
Adobe Reader 9.5.1 (Version: 9.5.1)
Adobe Shockwave Player (Version: 10.2.0.22)
Age of Mythology
Age of Mythology - The Titans Expansion
ANNO 1404 - Venice (Version: 2.01.5010)
Anno 1404 (Version: 1.00.0000)
ANNO 1404 (Version: 1.03.0000)
Belkin Wireless USB Adapter Setup (Version: 2.20)
BufferChm (Version: 130.0.331.000)
Call of Duty
Call of Duty - United Offensive (Version: 1.00.0000)
Call of Duty Modern Warfare 2
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
D3DX10 (Version: 15.4.2368.0902)
D4200 (Version: 130.0.365.000)
D4200_Help (Version: 90.0.235.000)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DeviceDiscovery (Version: 130.0.465.000)
dj_sf_ProductContext (Version: 130.0.365.000)
dj_sf_software (Version: 130.0.365.000)
dj_sf_software_req (Version: 130.0.365.000)
Download Updater (AOL LLC)
DVDFab 8.0.2.2 (01/10/2010)
EA SPORTS™ NBA LIVE 08 (Version: 2.0.1.0)
Empire Earth II (Version: 1.02)
Empires Dawn of the Modern World
Enchanted Cavern 2 (Version: 1.0)
eReg (Version: 1.20.138.34)
ESET Online Scanner v3
FIFA 06
Football Manager 2008 (Version: 8.0.0.0)
Google Chrome (Version: 22.0.1229.79)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.123)
GPBaseService2 (Version: 130.0.371.000)
Harry Potter and the Prisoner of Azkaban™
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet Printer Driver Software 13.0 Rel. 1 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 4.000.011.006)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
Image Converter 3 (Version: 3.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Logitech SetPoint 6.32 (Version: 6.32.20)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MarketResearch (Version: 130.0.374.000)
Medieval II Total War (Version: 1.00.0000)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Antimalware Service EL-GR Language Pack (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (Greek) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (Greek) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (Greek) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (Greek) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (Greek) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (Greek) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (Greek) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Greek) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (Greek) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (Greek) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (Greek) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (Greek) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Client EL-GR Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML4 Parser (Version: 1.0.0)
Need for Speed™ SHIFT (Version: 1.0.0.0)
Nero 7 Premium (Version: 7.03.1151)
neroxml (Version: 1.0.0)
NVIDIA 3D Vision Controller Driver (Version: 280.19)
NVIDIA 3D Vision Controller Driver 306.23 (Version: 306.23)
NVIDIA 3D Vision Driver 306.23 (Version: 306.23)
NVIDIA Control Panel 306.23 (Version: 306.23)
NVIDIA Graphics Driver 306.23 (Version: 306.23)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA PhysX (Version: 9.12.0604)
NVIDIA PhysX System Software 9.12.0604 (Version: 9.12.0604)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0623)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
O&O Defrag Professional (Version: 12.0.197)
OpenMG Limited Patch 4.7-07-14-05-01
OpenMG Secure Module 4.7.00 (Version: 4.7.00.12140)
PCI SoftV92 Modem (Version: 7.80.5.0)
PDF Manual NW-A800 Series (Version: 1.0)
PearlMountain Image Resizer Pro 1.4.0
PowerISO (Version: 4.8)
Pro Evolution Soccer 2011 (Version: 1.01.0000)
Pro Evolution Soccer 2012 (Version: 1.06.0000)
PunkBuster Services (Version: 0.986)
Ralink RT2870 Wireless LAN Card (Version: 1.5.5.0)
Readon TV Movie Radio Player 7.5.0.0 (Version: 7.5.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6167)
RegCure (Version: 3.0.2.0)
Revo Uninstaller 1.90 (Version: 1.90)
Rise Of Legends (Version: 1.00.0000)
Royal Envoy II CE (Version: 1.0)
Shop for HP Supplies (Version: 13.0)
SimCity 4 Deluxe
SimCity™ Societies (Version: 1.0.0.0)
SmartWebPrinting (Version: 130.0.457.000)
Sniper Elite V2
SolutionCenter (Version: 130.0.373.000)
SonicStage 4.3 (Version: 4.3)
Sony Video Shared Library (Version: 3.1.01)
SpongeBob SquarePants - The Movie (Version: 1.0)
Status (Version: 130.0.469.000)
swMSM (Version: 12.0.0.1)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
TuneUp Utilities 2011 (Version: 10.0.2011.65)
TuneUp Utilities Language Pack (en-US) (Version: 10.0.2011.65)
Turbo-X DTT-1000 Device
Unity Web Player (Version: )
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
uTorrentBar Toolbar (Version: 6.8.2.0)
uTorrentControl2 Toolbar (Version: 6.9.0.16)
Video Downloader (Version: 1.0.00.03050)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VivaTV Software
WALKMAN Launcher (Version: 1.0.00.02190)
WebReg (Version: 130.0.132.017)
Win7codecs (Version: 2.6.5)
Winamp (Version: 5.623 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Winamp Toolbar
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
WinRAR archiver

========================= Memory info: ===================================

Percentage of memory in use: 49%
Total physical RAM: 2047.55 MB
Available physical RAM: 1029.36 MB
Total Pagefile: 4095.11 MB
Available Pagefile: 2840.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1933.37 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:232.88 GB) (Free:35.31 GB) NTFS
3 Drive d: (NBALIVE08) (CDROM) (Total:3.47 GB) (Free:0 GB) UDF
4 Drive e: (PES2012) (CDROM) (Total:7.02 GB) (Free:0 GB) UDF
5 Drive f: (BACKUP) (Fixed) (Total:279.38 GB) (Free:99.9 GB) NTFS

========================= Users: ========================================

User accounts for \\......-PC

Administrator ...... Guest
UpdatusUser

========================= Restore Points ==================================

26-06-2012 21:58:35 Revo Uninstaller's restore point - Microsoft .NET Framework 4 Client Profile
26-06-2012 22:00:32 Revo Uninstaller's restore point - Microsoft .NET Framework 4 Client Profile
27-06-2012 11:55:20 Windows Update
28-06-2012 11:45:51 Windows Update
28-06-2012 12:16:35 Revo Uninstaller's restore point - Operation Flashpoint ®: Red River
06-07-2012 12:53:40 Scheduled Checkpoint
09-07-2012 07:43:33 Revo Uninstaller's restore point - Microsoft Security Essentials
29-09-2012 09:49:43 test

**** End of log ****




Adware cleaner log




# AdwCleaner v2.003 - Logfile created 09/29/2012 at 22:49:44
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : ...... - ......-PC
# Boot Mode : Normal
# Running from : C:\Users\......\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files\Common Files\Software Update Utility
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\uTorrentBar
Folder Deleted : C:\Program Files\uTorrentControl2
Folder Deleted : C:\Program Files\Winamp Toolbar
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Winamp Toolbar
Folder Deleted : C:\Users\......\AppData\Local\Conduit
Folder Deleted : C:\Users\......\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Folder Deleted : C:\Users\......\AppData\Local\Winamp Toolbar
Folder Deleted : C:\Users\......\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\......\AppData\LocalLow\uTorrentBar
Folder Deleted : C:\Users\......\AppData\LocalLow\uTorrentControl2

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-21-2524033085-2692716012-3623008080-1001\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\......\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.8] : homepage = "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=48",
Deleted [l.1196] : homepage = "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=48",

*************************

AdwCleaner[S1].txt - [9945 octets] - [29/09/2012 22:49:44]

########## EOF - C:\AdwCleaner[S1].txt - [10005 octets] ##########



Junkware Removal Tool log



Junkware Removal Tool (JRT) by Thisisu
Version: 1.1.5 (09.28.2012)
OS: Windows 7 Ultimate x86
Ran by ...... on ‘˜™ 29/09/2012 at 22:58:04,83
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
Successfully deleted: [KEY] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}



*** Files: 0 Detections



*** Folders: 0 Detections



Removed the following from [PREFS.JS] :



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on ‘˜™ 29/09/2012 at 22:58:11,43
End of Report



Farbar log




Farbar Service Scanner Version: 19-09-2012
Ran by ...... (administrator) on 29-09-2012 at 23:16:18
Running from "C:\Users\......\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****



It seems OK.

Edited by gregkle, 29 September 2012 - 05:55 PM.


#4 narenxp


Posted 29 September 2012 - 03:52 PM

Please update Malwarebytes, run a scan once again and post the new log.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#5 gregkle


Posted 29 September 2012 - 05:54 PM

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.29.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
...... :: ......-PC [administrator]

30/9/2012 0:16:27
mbam-log-2012-09-30 (00-16-27).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 408965
Time elapsed: 1 hour(s), 21 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)






Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/30/2012 01:44:59 AM in x86 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\system32\IoctlSvc.exe (PID: 2292) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 validation.sls.microsoft.com

Program finished at: 09/30/2012 01:45:18 AM
Execution time: 0 hours(s), 0 minute(s), and 19 seconds(s)



Autoruns log


"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files\microsoft office\office14\bcssync.exe"
+ "EvtMgr6" "Logitech SetPoint Event Manager (UNICODE)" "Logitech, Inc." "c:\program files\logitech\setpointp\setpoint.exe"
+ "hpqSRMon" "HpqSRmon" "Hewlett-Packard" "c:\program files\hp\digital imaging\bin\hpqsrmon.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "MyWebFace_5a Browser Plugin Loader" "VER_DESCRIPTION" "VER_COMPANY_NAME" "c:\program files\mywebface_5a\bar\1.bin\5abrmon.exe"
+ "OODefragTray" "O&O Defrag TrayIcon (Win32)" "O&O Software GmbH" "c:\program files\oo software\defrag\oodtray.exe"
+ "PWRISOVM.EXE" "PowerISO Virtual Drive Manager" "PowerISO Computing, Inc." "c:\program files\poweriso\pwrisovm.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\rthdvcpl.exe"
+ "WinampAgent" "Winamp Agent" "Nullsoft, Inc." "c:\program files\winamp\winampa.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "HP Digital Imaging Monitor.lnk" "HP Digital Imaging Monitor" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\bin\hpqtra08.exe"
+ "Ralink Wireless Utility.lnk" "RaUI MFC Application" "Ralink Technology, Corp." "c:\program files\ralink\common\raui.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "OfficeSyncProcess" "Microsoft Office Document Cache" "Microsoft Corporation" "c:\program files\microsoft office\office14\msosync.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "TiVme Agent" "Schedule Agent" "" "c:\program files\turbo-x dtt-1000\vivatv\scheduleagent.exe"
"HKLM\SOFTWARE\Microsoft\Windows CE Services\AutoStartOnConnect" "" "" ""
+ "NeroMobileAd" "Nero Mobile Advertisment" "Nero AG" "c:\program files\nero\nero 7\nero mobile\neromobilead.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "livecall" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "msnim" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "wlpg" "Windows Live Album Download Protocol Handler" "Microsoft Corporation" "c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Cover Designer" "Cover Designer" "Nero AG" "c:\program files\nero\nero 7\nero coverdesigner\coveredextension.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "ImageConverter3" "CtxMenu" " " "c:\program files\sony\image converter 3\ctxmenu.dll"
+ "NBShellHook Class" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
+ "OODefrag" "O&O Defrag Shell Extension (Win32)" "O&O Software GmbH" "c:\program files\oo software\defrag\oodsh.dll"
+ "PowerISO" "PowerISOShell DLL" "PowerISO Computing, Inc." "c:\program files\poweriso\pwrisosh.dll"
+ "TuneUp Shredder Shell Extension" "TuneUp Shredder Shell Extension" "TuneUp Software" "c:\program files\tuneup utilities 2011\sdshelex-win32.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "ImageConverter3" "CtxMenu" " " "c:\program files\sony\image converter 3\ctxmenu.dll"
+ "PowerISO" "PowerISOShell DLL" "PowerISO Computing, Inc." "c:\program files\poweriso\pwrisosh.dll"
+ "TuneUp Disk Space Explorer Shell Extension" "TuneUp Disk Space Explorer Shell Extension" "TuneUp Software" "c:\program files\tuneup utilities 2011\dseshext-x86.dll"
+ "TuneUp Shredder Shell Extension" "TuneUp Shredder Shell Extension" "TuneUp Software" "c:\program files\tuneup utilities 2011\sdshelex-win32.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "ImageConverter3" "CtxMenu" " " "c:\program files\sony\image converter 3\ctxmenu.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "NBShellHook Class" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
+ "OODefrag" "O&O Defrag Shell Extension (Win32)" "O&O Software GmbH" "c:\program files\oo software\defrag\oodsh.dll"
+ "PowerISO" "PowerISOShell DLL" "PowerISO Computing, Inc." "c:\program files\poweriso\pwrisosh.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "NBShellHook" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "HP Print Enhancer" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll"
+ "HP Smart BHO Class" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Messenger Companion Helper" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files\windows live\companion\companioncore.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
+ "5aSrcAs.dll" "" "" "File not found: C:\Program Files\MyWebFace_5a\bar\1.bin\5aSrcAs.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Messenger Companion (Ctrl+Shift+C)" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files\windows live\companion\companioncore.dll"
+ "Απ&οστολή στο OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
+ "Εμφάνιση ή απόκρυψη του HP Smart Web Printing" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Συνδεδεμένες &σημειώσεις του OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
"Task Scheduler" "" "" ""
+ "\Adobe online update program" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "\Adobe Reader and Acrobat Manager" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "\HP online update program" "hpwuSchd Application" "Hewlett-Packard" "c:\program files\hp\hp software update\hpwuschd2.exe"
+ "\Java Update Scheduler" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Microsoft Antimalware\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\RegCure" "RegCure Application" "" "c:\program files\regcure\regcure.exe"
+ "\RegCure Program Check" "RegCure Application" "" "c:\program files\regcure\regcure.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\TuneUpUtilities_Task_BkGndMaintenance2011" "TuneUp 1-Click Maintenance" "TuneUp Software" "c:\program files\tuneup utilities 2011\oneclick.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "gupdate" "Διατηρεί ενημερωμένο το λογισμικό Google που διαθέτετε. Αν αυτή η υπηρεσία είναι απενεργοποιημένη ή έχει διακοπεί, το λογισμικό Google δεν θα διατηρείται ενημερωμένο, πράγμα που σημαίνει ότι δεν θα είναι δυνατή η επιδιόρθωση αδυναμιών ασφαλείας που μπορεί να εμφανιστούν και μπορεί να μην λειτουργούν ορισμένα χαρακτηριστικά. Η εγκατάσταση της υπηρεσίας καταργείται αυτόματα όταν δεν υπάρχει λογισμικό Google που να τη χρησιμοποιεί." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Διατηρεί ενημερωμένο το λογισμικό Google που διαθέτετε. Αν αυτή η υπηρεσία είναι απενεργοποιημένη ή έχει διακοπεί, το λογισμικό Google δεν θα διατηρείται ενημερωμένο, πράγμα που σημαίνει ότι δεν θα είναι δυνατή η επιδιόρθωση αδυναμιών ασφαλείας που μπορεί να εμφανιστούν και μπορεί να μην λειτουργούν ορισμένα χαρακτηριστικά. Η εγκατάσταση της υπηρεσίας καταργείται αυτόματα όταν δεν υπάρχει λογισμικό Google που να τη χρησιμοποιεί." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "hpqcxs08" "HP CUE Context Manager Objects" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\bin\hpqcxs08.dll"
+ "hpqddsvc" "This service detects and monitors CUE devices on the system." "Hewlett-Packard Co." "c:\program files\hp\digital imaging\bin\hpqddsvc.dll"
+ "HsfXAudioService" "User-mode gate for HSF Modem" "Conexant Systems, Inc." "c:\windows\system32\xaudio32.dll"
+ "ICScsiSV" "SonicStage Scsi I/F Server" "Sony Corporation" "c:\program files\sony\image converter 3\icscsisv.exe"
+ "IcVzMonLauncher" "Image Converter VAIO Zone Recording Monitor Launcher" "Sony Corporation" "c:\program files\sony\image converter 3\icvzmonlauncher.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1150\intel 32\idrivert.exe"
+ "Image Converter video recording monitor for VAIO Entertainment" "Image Converter recording monitor and conversion service" "Sony Corporation" "c:\program files\sony\image converter 3\icvzmon.exe"
+ "LBTServ" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtserv.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files\microsoft office\office14\groove.exe"
+ "MSCSPTISRV" "MSCSPTISRV Module" "Sony Corporation" "c:\program files\common files\sony shared\avlib\mscsptisrv.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "MyWebFace_5aService" "PRODUCTVERS_TITLE" "COMPANYVERS_NAME" "c:\program files\mywebface_5a\bar\1.bin\5abarsvc.exe"
+ "NBService" "Nero BackItUp Service is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP." "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbservice.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "NMIndexingService" "Nero Home" "Nero AG" "c:\program files\common files\ahead\lib\nmindexingservice.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files\nvidia corporation\nvidia update core\daemonu.exe"
+ "O&O Defrag" "O&O Defrag" "O&O Software GmbH" "c:\program files\oo software\defrag\oodag.exe"
+ "ose" "Αποθηκεύει αρχεία εγκατάστασης που χρησιμοποιούνται για ενημερώσεις και επιδιορθώσεις και απαιτείται για τη λήψη ενημερωμένων εκδόσεων του προγράμματος Εγκατάστασης καθώς και αναφορών σφαλμάτων του βοηθητικού προγράμματος Watson." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PACSPTISVR" "PACSPTISVR Module" "" "c:\program files\common files\sony shared\avlib\pacsptisvr.exe"
+ "PLFlash DeviceIoControl Service" "PLFlash DeviceIoControl Service" "Prolific Technology Inc." "c:\windows\system32\ioctlsvc.exe"
+ "PnkBstrA" "PunkBuster Service Component [v1029] http://www.evenbalance.com" "" "c:\windows\system32\pnkbstra.exe"
+ "RalinkRegistryWriter" "RalinkRegistryWriter" "Ralink Technology, Corp." "c:\program files\ralink\common\raregistry.exe"
+ "SonicStage Back-End Service" "SonicStage Back-End Service Module" "Sony Corporation" "c:\program files\common files\sony shared\avlib\ssbesvc.exe"
+ "SPTISRV" "SPTISRV Module" "Sony Corporation" "c:\program files\common files\sony shared\avlib\sptisrv.exe"
+ "SSScsiSV" "SonicStage Scsi I/F Server" "Sony Corporation" "c:\program files\common files\sony shared\avlib\ssscsisv.exe"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "TuneUp.UtilitiesSvc" "This service analyzes the usage of your computer in the background, enabling automatic usage-dependent optimizations. All of its functions can be set in TuneUp Utilities. If you stop or disable this service, parts of TuneUp Utilities will not work anymore." "TuneUp Software" "c:\program files\tuneup utilities 2011\tuneuputilitiesservice32.exe"
+ "UxTuneUp" "Allows to use visual styles without Microsoft signature." "TuneUp Software" "c:\windows\system32\uxtuneup.dll"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "atksgt" "" "" "c:\windows\system32\drivers\atksgt.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "gdrv" "GIGABYTE Tools" "Windows ® 2000 DDK provider" "c:\windows\gdrv.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "HSF_DPV" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsx_dpv.sys"
+ "HSXHWBS2" "HSF_HWB2 WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsxhwbs2.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhda.sys"
+ "LHidFilt" "Logitech HID Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lhidfilt.sys"
+ "lirsgt" "" "" "c:\windows\system32\drivers\lirsgt.sys"
+ "LMouFilt" "Logitech Mouse Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lmoufilt.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "LUsbFilt" "Logitech USB Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lusbfilt.sys"
+ "mdmxsdk" "Diagnostic Interface x86 Driver" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MpKsl0a44dd79" "" "" "File not found: C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3D45D8A9-3903-4038-B943-5F98C73599DF}\MpKsl0a44dd79.sys"
+ "netr28u" "Ralink 802.11n Wireless Adapter Driver" "Ralink Technology Corp." "c:\windows\system32\drivers\netr28u.sys"
+ "netr73" "Ralink 802.11 USB Wireless Adapter Driver" "Ralink Technology, Corp." "c:\windows\system32\drivers\netr73.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda32v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 306.23 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "pcouffin" "low level access layer for CD/DVD/BD devices" "VSO Software" "c:\windows\system32\drivers\pcouffin.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL2832UBDA" "RTL2832UBDA Driver" "REALTEK SEMICONDUCTOR Corp." "c:\windows\system32\drivers\rtl2832ubda.sys"
+ "RTL2832UUSB" "RTL2832UUSB Driver" "REALTEK SEMICONDUCTOR Corp." "c:\windows\system32\drivers\rtl2832uusb.sys"
+ "SCDEmu" "PowerISO Virtual Drive" "PowerISO Computing, Inc." "c:\windows\system32\drivers\scdemu.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SrvHsfPCI" "HSF_HWB2 WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstbs23.sys"
+ "SrvHsfV92" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv3.sys"
+ "SrvHsfWinac" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt3.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "Synth3dVsc" "" "" "File not found: System32\drivers\synth3dvsc.sys"
+ "tsusbhub" "@%SystemRoot%\system32\drivers\tsusbhub.sys,-2" "" "File not found: system32\drivers\tsusbhub.sys"
+ "TuneUpUtilitiesDrv" "TuneUp Utilities Driver" "TuneUp Software" "c:\program files\tuneup utilities 2011\tuneuputilitiesdriver32.sys"
+ "VGPU" "" "" "File not found: System32\drivers\rdvgkmd.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsx_cnxt.sys"
+ "XAudio" "Modem Audio Device Driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio32.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.ac3filter" "" "" "c:\windows\system32\ac3filter.acm"
+ "msacm.avis" "ffdshow Audio Decoder" "" "c:\windows\system32\ff_acm.acm"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "VIDC.dvsd" "Video for Windows driver for DV" "Sony Corporation" "c:\program files\common files\sony shared\videolib\sonydv.dll"
+ "VIDC.FFDS" "" "" "c:\windows\system32\ff_vfw.dll"
+ "vidc.XVID" "" "" "c:\windows\system32\xvidvfw.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Sony MPEG2 TS Splitter Ex" "" "Sony Corporation" "c:\program files\common files\sony shared\videolib\tssplt_s.ax"
+ "Sony MPEG2 TS Splitter Ex" "" "Sony Corporation" "c:\program files\common files\sony shared\videolib\tssplt_s.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3File" "" "" "c:\program files\win7codecs\filters\ac3file.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "CL Dvb Subtitle Decoder" "CLDvbSub" "CyberLink_DE" "c:\program files\turbo-x dtt-1000\vivatv\cldvbsub.ax"
+ "CoreVorbis Audio Decoder" "CoreVorbis" "-" "c:\program files\win7codecs\filters\corevorbis.ax"
+ "CyberLink Audio Decoder(KWorld)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\turbo-x dtt-1000\vivatv\claud.ax"
+ "CyberLink Audio Encoder(KWorld)" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files\turbo-x dtt-1000\vivatv\claudenc.ax"
+ "CyberLink Demultiplexer(KWorld)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\turbo-x dtt-1000\vivatv\cldemuxer.ax"
+ "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files\turbo-x dtt-1000\vivatv\cldump.ax"
+ "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files\turbo-x dtt-1000\vivatv\clreader.ax"
+ "CyberLink H.264/AVC Decoder (KWorld)" "CyberLink 264 Decoder Filter" "CyberLink Corp." "c:\program files\turbo-x dtt-1000\vivatv\cl264dec.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\turbo-x dtt-1000\vivatv\cldtvcc.ax"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files\turbo-x dtt-1000\vivatv\mpgmux.ax"
+ "CyberLink MPEG Video Encoder(KWorld)" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files\turbo-x dtt-1000\vivatv\clvidenc.ax"
+ "CyberLink MPEG-4 Muxer(KWorld)" "CyberLink MPEG-4 Muxer" "CyberLink Corp." "c:\program files\turbo-x dtt-1000\vivatv\clm4muxer.ax"
+ "CyberLink MPEG-4 Splitter(KWorld)" "CyberLink MPEG-4 Splitter" "CyberLink Corp." "c:\program files\turbo-x dtt-1000\vivatv\clm4splt.ax"
+ "CyberLink MPEG-4 Video Decoder(KWorld)" "clm4vd" "Cyberlink" "c:\program files\turbo-x dtt-1000\vivatv\clm4vd.ax"
+ "CyberLink Teletext Decoder Filter" "Teletext Renderer Filter" "CyberLink Corp." "c:\program files\turbo-x dtt-1000\vivatv\ttxdec25.ax"
+ "CyberLink Video Effect (KWorld)" "CLVidFx" "CyberLink" "c:\program files\turbo-x dtt-1000\vivatv\clvidfx.ax"
+ "CyberLink Video/SP Decoder(KWorld)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\turbo-x dtt-1000\vivatv\clvsd.ax"
+ "DABP Splitter" "version MFC Application" "Realtek" "c:\windows\system32\superframesplitter.dll"
+ "DC-Bass Source" "DirectShow™ Audio Decoder" "http://www.dsp-worx.de" "c:\program files\win7codecs\filters\dcbasssource.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\windows\system32\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\windows\system32\vsfilter.dll"
+ "DV Scenes" "DV-Timecode based Scenechange Detection" "Nero AG" "c:\program files\nero\nero 7\nero vision\nvdv.dll"
+ "DV Source Filter" "DV-Timecode based Scenechange Detection" "Nero AG" "c:\program files\nero\nero 7\nero vision\nvdv.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\win7codecs\filters\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\win7codecs\filters\ffdshow.ax"
+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\win7codecs\filters\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\win7codecs\filters\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\win7codecs\filters\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\win7codecs\filters\ffdshow.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\win7codecs\filters\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\win7codecs\filters\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\win7codecs\filters\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\win7codecs\filters\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files\win7codecs\filters\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\win7codecs\filters\splitter.ax"
+ "HighMAT and MPV Navigator Filter" "MPV Playback Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\hmnavigator.ax"
+ "HighMAT/MPV Navigation Client Filter" "MPV Playback Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\hmnavigator.ax"
+ "Infinite Pin Tee" "Parser Filter" "" "c:\program files\turbo-x dtt-1000\vivatv\kparser4.ax"
+ "Infinite Pin Tee" "Parser Filter" "" "c:\program files\turbo-x dtt-1000\vivatv\kparser2.ax"
+ "Infinite Pin Tee" "KWorld Parser Filter" "" "c:\program files\turbo-x dtt-1000\vivatv\kparser3.ax"
+ "Infinite Pin Tee" "Parser Filter" "" "c:\program files\turbo-x dtt-1000\vivatv\kparser5.ax"
+ "K-World MPEG-2 Splitter" "MPEG Splitter" "CyberLink" "c:\program files\turbo-x dtt-1000\vivatv\clm2splitter.ax"
+ "KWorld denoise filter" "Direct Show Filter" "KWorld" "c:\program files\turbo-x dtt-1000\vivatv\kworlddenoisefilter.ax"
+ "MONOGRAM AAC Decoder" "AAC Decoder" "MONOGRAM Multimedia s.r.o." "c:\program files\win7codecs\filters\mmaacd.ax"
+ "MONOGRAM AMR Decoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\win7codecs\filters\mmamr.ax"
+ "MONOGRAM AMR Encoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\win7codecs\filters\mmamr.ax"
+ "MONOGRAM AMR Mux" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\win7codecs\filters\mmamr.ax"
+ "MONOGRAM AMR Splitter" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\win7codecs\filters\mmamr.ax"
+ "MPC - DTS/AC3/DD+ Source" "DTS/AC3 Source Filter" "MPC-HC Team" "c:\program files\win7codecs\filters\dtsac3source.ax"
+ "MPC - FLV Source (Gabest)" "FLV Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\flvsplitter.ax"
+ "MPC - FLV Splitter (Gabest)" "FLV Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\flvsplitter.ax"
+ "MPC - MP4 Source" "MP4 Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\mp4splitter.dll"
+ "MPC - MP4 Splitter" "MP4 Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\mp4splitter.dll"
+ "MPC - Mpeg Source (Gabest)" "Mpeg Splitter" "Gabest" "c:\program files\win7codecs\filters\mpegsplitter1.ax"
+ "MPC - Mpeg Splitter (Gabest)" "Mpeg Splitter" "Gabest" "c:\program files\win7codecs\filters\mpegsplitter1.ax"
+ "MPC - MPEG4 Video Source" "MP4 Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\mp4splitter.dll"
+ "MPC - MPEG4 Video Splitter" "MP4 Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\mp4splitter.dll"
+ "MPC - Ogg Source" "Ogg Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\oggsplitter.ax"
+ "MPC - Ogg Splitter" "Ogg Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\oggsplitter.ax"
+ "MPC - RealAudio Decoder" "RealMedia Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\realmediasplitter.ax"
+ "MPC - RealMedia Source" "RealMedia Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\realmediasplitter.ax"
+ "MPC - RealMedia Splitter" "RealMedia Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\realmediasplitter.ax"
+ "MPC - RealVideo Decoder" "RealMedia Splitter" "MPC-HC Team" "c:\program files\win7codecs\filters\realmediasplitter.ax"
+ "MPEG-2 PSI Reader Filter" "Mpeg2PsiReader" "Nero AG" "c:\program files\common files\ahead\dsfilter\mpeg2psireader.ax"
+ "MPEG-2 Stream Reader Filter" "Mpeg2StreamReader" "Nero AG" "c:\program files\common files\ahead\dsfilter\mpeg2streamreader.ax"
+ "Nero Audible Decoder" "Nero Audible Decoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudible.ax"
+ "Nero Audio CD Filter" "Nero Audio CD Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio CD Navigator" "Nero Audio CD Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio Source" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero AV Synchronizer" "Audio/Video Synchronizer" "Nero AG" "c:\program files\common files\ahead\dsfilter\neavsync.ax"
+ "Nero Deinterlace" "Deinterlacing Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nedeinterlace.ax"
+ "Nero Digital AVC Audio Encoder" "AAC LC/HE Audio Encoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendaud.ax"
+ "Nero Digital AVC File Writer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Muxer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Null Renderer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Subpicture Enc" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Video Enc" "MPEG4 and H.264 (AVC) Video Encoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendvid.ax"
+ "Nero Digital Parser" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\common files\ahead\dsfilter\ndparser.ax"
+ "Nero DV Splitter" "DV Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nedvsplitter.ax"
+ "Nero ES Video Reader" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\common files\ahead\dsfilter\ndparser.ax"
+ "Nero File Source" "Nero SVCD source filter" "Nero AG " "c:\program files\common files\ahead\dsfilter\nefilesrc.ax"
+ "Nero File Source (Async.)" "Nero Home" "Nero AG" "c:\program files\common files\ahead\dsfilter\nefilesourceasync.ax"
+ "Nero File Source / Splitter" "Push Mode VOB Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nefsource.ax"
+ "Nero FLV Splitter" "Nero FLV Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neflvsplitter.ax"
+ "Nero Format Converter" "Frame rate / Color space converter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neroformatconv.ax"
+ "Nero Frame Capture" "Direct Show frame grabber filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\necapture.ax"
+ "Nero FTC" "Frame Time Corrector Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neftc.ax"
+ "Nero InteractiveGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nebdgraphic.ax"
+ "Nero MP3 Encoder" "MP3 Encoding Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nemp3encoder.ax"
+ "Nero MP4 Splitter" "MP4 Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nemp4splitter.ax"
+ "Nero Mpeg2 Encoder" "MPEG 1/2 encoder filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevcr.ax"
+ "Nero Ogg Splitter" "Ogg Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neoggsplitter.ax"
+ "Nero Overlay Mixer" "Overlay Mixer Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neoverlaymixer.ax"
+ "Nero Photo Source" "Nero Home" "Nero AG" "c:\program files\common files\ahead\dsfilter\nephotosource.ax"
+ "Nero PresentationGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nebdgraphic.ax"
+ "Nero PS Muxer" "" "" "c:\program files\common files\ahead\dsfilter\nepsmuxer.ax"
+ "Nero QuickTime™ Audio Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero QuickTime™ Video Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero Resize" "Resizing Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neresize.ax"
+ "Nero Sample Queue" "Sample Queue Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesamplequeue.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Smart3D Text Effect Filter" "Nero 3D DirectShow Filter" "Nero AG" "c:\program files\common files\ahead\lib\nsg_dxfilter.dll"
+ "Nero Smart3D Transition Effect Filter" "Nero 3D DirectShow Filter" "Nero AG" "c:\program files\common files\ahead\lib\nsg_dxfilter.dll"
+ "Nero Smart3D Video Effect Filter" "Nero 3D DirectShow Filter" "Nero AG" "c:\program files\common files\ahead\lib\nsg_dxfilter.dll"
+ "Nero Sound Processor" "Nero Sound Processor" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesoundproc.ax"
+ "Nero Splitter" "Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesplitter.ax"
+ "Nero Stream Buffer Sink" "Nero Stream Buffer Engine" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesbe.ax"
+ "Nero Stream Buffer Source" "Nero Stream Buffer Engine" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesbe.ax"
+ "Nero Stream Control" "Transport Stream Controller Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nestreamcontrol.ax"
+ "Nero Subpicture Decoder" "Nero Subpicture Decoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesubpicture.ax"
+ "Nero Subtitle" "Subtitle Mixer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesubtitle.ax"
+ "Nero Thumbnail Decoder" "Thumbnail Decoder Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nebdthumbnail.ax"
+ "Nero Vcd Navigator" "Nero Vcd Navigator Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevcd.ax"
+ "Nero Video Analyzer" "Nero Video Analyzer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideoanalyzer.ax"
+ "Nero Video Processor" "Resize / Deinterlace / Color Correction / Film Effect / Frame Capture Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerovideoproc.ax"
+ "Nero Video Renderer" "Nero Video Renderer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideorenderer.ax"
+ "Nero Video Source" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "NeSoundSwitch" "Nero Sound Switcher" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesoundswitch.ax"
+ "OMG TRANSFORM" "OmgTransform Filter " "Sony Corporation" "c:\program files\common files\sony shared\openmg\omgtrans.ax"
+ "OmgDsee Filter" "" "" "c:\program files\common files\sony shared\openmg\omgdseefilter.ax"
+ "OmgGenericSrcFilter" "OmgGenericSrcFilter" "Sony Corporation" "c:\program files\common files\sony shared\openmg\omggenericsrcfilter.ax"
+ "OmgMP4Decoder2" "OmgMP4Decoder2" "Sony Corporation" "c:\program files\common files\sony shared\openmg\omgmp4decoder2.ax"
+ "OmgPushSrc" "OmgPushSrc" "Sony Corporation" "c:\program files\common files\sony shared\openmg\omgpushsrc.ax"
+ "OpenMG Async. File Source" "OpenMG Async. File Source" "Sony Corporation" "c:\program files\common files\sony shared\avlib\omgafs.ax"
+ "OpenMG Audio Decrypt" "OpenMG Decrypt Filter" "Sony Corporation" "c:\program files\common files\sony shared\openmg\omgdec.ax"
+ "OpenMG OmgSource Filter" "OpenMG OmgSource Filter" "Sony Corporation" "c:\program files\common files\sony shared\openmg\omgsrc.ax"
+ "RadLight OptimFROG DirectShow Filter" "RLOFRDec" "RadLight" "c:\program files\win7codecs\filters\rlofrdec.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "RTKDABSourceFilter" "version MFC Application" "Realtek" "c:\windows\system32\rtkdabsource.dll"
+ "RTKFMSourceFilter" "version MFC Application" "Realtek" "c:\windows\system32\rtkfmsource.dll"
+ "SAL Input Converter" "SAL Input Converter Source Filter" "Sony Corporation" "c:\program files\common files\sony shared\openmg\saliconv.ax"
+ "SAL Output Converter" "SAL Output Converter RendererFilter" "Sony Corporation" "c:\program files\common files\sony shared\openmg\saloconv.ax"
+ "Seamless Play" "Seamless-Play Filter (Sample)" "Sony Corporation" "c:\program files\common files\sony shared\openmg\seamlessfilter.ax"
+ "Sony Audio CD Source Filter" "OpenMG CdSource Filter" "Sony Corporation" "c:\program files\common files\sony shared\avlib\cdsrc.ax"
+ "Sony AVC Decoder" "Sony AVC Decoder Filter" "Sony Corporation" "c:\program files\common files\sony shared\videolib\sjvtdl.ax"
+ "SONY DV Video Decoder" "Sony DV Video Decoder" "Sony Corporation" "c:\program files\common files\sony shared\videolib\sdvvd.ax"
+ "Sony LPCM Decoder" "Sony LPCM Decode Filter" "Sony Corporation" "c:\program files\common files\sony shared\videolib\slpcmd.ax"
+ "Sony MP4 File Source" "Sony MP4 File Source Filter" "Sony Corporation" "c:\program files\common files\sony shared\videolib\mp4filesource.ax"
+ "Sony MPEG Audio Decoder" "Sony MPEG Audio Decoder" "Sony Corporation" "c:\program files\common files\sony shared\videolib\smad.ax"
+ "SONY MPEG Video Decoder" "Sony MPEG4 Video Decoder" "Sony Corporation" "c:\program files\common files\sony shared\videolib\sm4spvd.ax"
+ "SONY MPEG Video Decoder" "Sony MPEG Video Decoder" "Sony Corporation" "c:\program files\common files\sony shared\videolib\smvd.ax"
+ "Sony MPEG-TS Parser" "Sony MPEG Parser Filter" "Sony Corporation" "c:\program files\common files\sony shared\videolib\smparse.ax"
+ "SonyMSAConv" "OpenMG Converter Filter" "Sony Corporation" "c:\program files\common files\sony shared\avlib\sonycdsrcwriter.ax"
+ "SonyMSAConv" "OpenMG Converter Filter" "Sony Corporation" "c:\program files\common files\sony shared\avlib\sonymsaconverter3.ax"
+ "SonyWavWriter" "SonyWavWriter" "Sony Corporation" "c:\program files\common files\sony shared\avlib\sonywavwriter.ax"
+ "StreamOnOffControl Filter" "Minimal Null Filter (Sample)" "MyCompanyName" "c:\program files\turbo-x dtt-1000\vivatv\streamonoffcontrol.ax"
+ "T" "VP7 Decompression Filter" "On2.com Inc." "c:\program files\win7codecs\filters\vp7dec.ax"
+ "VaioAacDecFilter" "Sony MPEG4 AAC Decoder" "Sony Corporation" "c:\program files\common files\sony shared\videolib\saaclcd.ax"
+ "WAV Dest" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\turbo-x dtt-1000\vivatv\wavdest.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "Xiph.Org Native FLAC Decoder" "" "" "c:\program files\win7codecs\filters\dsfnativeflacsource.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "OODBS" "O&O BootTimeDefrag (Win32)" "O&O Software GmbH" "c:\windows\system32\oodbs.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "LBTWlgn" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtwlgn.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "LIDIL hpzllw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpzllw71.dll"
"C:\Users\......\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "All CPU Meter" "The All Cpu Meter will show you all core cpu usage(24 Core, 16 Core, 12 Core, 8 Core, 6 Core, 4 Core, 3 Core, 2 Core, 1 Core),Temperatures and RAM usage. It also displayes all core usage history." "AddGadget.com" "C:\Users\......\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.3[1].gadget\Gadget.xml"
+ "Calendar" "Browse the days of the calendar." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-us\Gadget.xml"
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-us\Gadget.xml"

#6 narenxp

Posted 29 September 2012 - 06:18 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your Flash Player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

Edited by narenxp, 29 September 2012 - 06:19 PM.


#7 gregkle

Posted 29 September 2012 - 06:32 PM

Grateful thanks :)

#8 narenxp

Posted 29 September 2012 - 06:40 PM

You're welcome :)



