
Browser opens Popups to "uncoverthenet" search site


15 replies to this topic

#1 wired1000


Posted 02 October 2012 - 07:10 PM

Hello,

I'm having an issue where my browser (Google Chrome 22.0.1229.79 m) will sometimes open a new tab (when I click a link) with some random website, usually a search on "uncoverthenet.com" but it has been others lately. I have updated ESET Virus Protection (not the whole suite) and it doesn't find anything, nor does Spybot, which I run regularly. The browser redirects are annoying, but the computer's really starting to slow down which is even more annoying.

Using Vista Home Premium, SP1, 64 bit

Thanks in advance!

Edited by Budapest, 02 October 2012 - 07:11 PM.
Moved from Vista ~Budapest




#2 narenxp


Posted 02 October 2012 - 07:13 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 wired1000


Posted 02 October 2012 - 07:31 PM

Thanks for your fast reply!
TDSSKiller Log


19:30:08.0472 3552 PEAUTH - ok
19:30:08.0519 3552 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:30:08.0534 3552 PerfHost - ok
19:30:08.0581 3552 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
19:30:08.0597 3552 pla - ok
19:30:08.0675 3552 [ 5AAA0C5534B05ED49919FCD9DBD11A5B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:30:08.0690 3552 PlugPlay - ok
19:30:08.0706 3552 [ 430F35C5592D253F43A26B4F5A523DBF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
19:30:08.0706 3552 PNRPAutoReg - ok
19:30:08.0722 3552 [ 430F35C5592D253F43A26B4F5A523DBF ] PNRPsvc C:\Windows\system32\p2psvc.dll
19:30:08.0722 3552 PNRPsvc - ok
19:30:08.0850 3552 [ EEF3688D5E9592CBBBED00DE71DDA1EF ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:30:08.0867 3552 PolicyAgent - ok
19:30:08.0892 3552 [ F5739F2C6DB2534C384AD5150808E8F5 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:30:08.0893 3552 PptpMiniport - ok
19:30:08.0910 3552 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
19:30:08.0911 3552 Processor - ok
19:30:08.0956 3552 [ B21FE10DAD3AB59E78DF7AA3FBF41E70 ] ProfSvc C:\Windows\system32\profsvc.dll
19:30:08.0960 3552 ProfSvc - ok
19:30:08.0970 3552 [ 80F4593E92FF960E4763380D3168E498 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:30:08.0972 3552 ProtectedStorage - ok
19:30:08.0994 3552 [ 1D0A3F565397D08707F3D75B88586645 ] Ps2 C:\Windows\system32\DRIVERS\PS2.sys
19:30:08.0996 3552 Ps2 - ok
19:30:09.0022 3552 [ 0E0E205A296095FE4C631E6A4775AD6C ] PSched C:\Windows\system32\DRIVERS\pacer.sys
19:30:09.0023 3552 PSched - ok
19:30:09.0045 3552 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
19:30:09.0046 3552 PxHlpa64 - ok
19:30:09.0079 3552 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:30:09.0119 3552 ql2300 - ok
19:30:09.0130 3552 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:30:09.0132 3552 ql40xx - ok
19:30:09.0150 3552 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
19:30:09.0155 3552 QWAVE - ok
19:30:09.0169 3552 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:30:09.0170 3552 QWAVEdrv - ok
19:30:09.0185 3552 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:30:09.0186 3552 RasAcd - ok
19:30:09.0208 3552 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
19:30:09.0211 3552 RasAuto - ok
19:30:09.0225 3552 [ 3B9085F91EF00ABD15A6F36570E90E12 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:30:09.0227 3552 Rasl2tp - ok
19:30:09.0242 3552 [ 2A63D46B01685FD4BE9778CA3C231C2D ] RasMan C:\Windows\System32\rasmans.dll
19:30:09.0248 3552 RasMan - ok
19:30:09.0264 3552 [ 2CE1703C27196094FB6E4C6E439F2C21 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:30:09.0265 3552 RasPppoe - ok
19:30:09.0276 3552 [ FCD04FA67E8B40FA0AD361DD38593942 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:30:09.0277 3552 RasSstp - ok
19:30:09.0322 3552 [ 33FA5B6136D92EE0F53F021C79091300 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:30:09.0347 3552 rdbss - ok
19:30:09.0364 3552 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:30:09.0365 3552 RDPCDD - ok
19:30:09.0459 3552 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
19:30:09.0462 3552 rdpdr - ok
19:30:09.0467 3552 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:30:09.0467 3552 RDPENCDD - ok
19:30:09.0498 3552 [ 7747082F672AA2846235C9CEA42E2E72 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:30:09.0500 3552 RDPWD - ok
19:30:09.0509 3552 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:30:09.0512 3552 RemoteAccess - ok
19:30:09.0529 3552 [ 416C611369CBE49074B89CEE2F83ABEF ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:30:09.0533 3552 RemoteRegistry - ok
19:30:09.0542 3552 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
19:30:09.0544 3552 RpcLocator - ok
19:30:09.0626 3552 [ 52CDADE8289FF21F1F2215FF51A5F36C ] RpcSs C:\Windows\system32\rpcss.dll
19:30:09.0633 3552 RpcSs - ok
19:30:09.0648 3552 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:30:09.0650 3552 rspndr - ok
19:30:09.0691 3552 [ 82B66ABF055611024E5DBB9FA556C11D ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh64.sys
19:30:09.0693 3552 RTL8169 - ok
19:30:09.0697 3552 [ 80F4593E92FF960E4763380D3168E498 ] SamSs C:\Windows\system32\lsass.exe
19:30:09.0699 3552 SamSs - ok
19:30:09.0725 3552 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:30:09.0727 3552 sbp2port - ok
19:30:09.0833 3552 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
19:30:09.0833 3552 SBSDWSCService - ok
19:30:09.0864 3552 [ F024D560FEA06F8B56D673849EB89AE6 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:30:09.0864 3552 SCardSvr - ok
19:30:09.0973 3552 [ CE75D26E0A1106129F4D156851E298ED ] Schedule C:\Windows\system32\schedsvc.dll
19:30:09.0989 3552 Schedule - ok
19:30:10.0020 3552 [ EDFFFC8B6AFB609BF33DBE0A900426B6 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:30:10.0020 3552 SCPolicySvc - ok
19:30:10.0036 3552 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:30:10.0036 3552 SDRSVC - ok
19:30:10.0082 3552 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:30:10.0082 3552 secdrv - ok
19:30:10.0129 3552 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
19:30:10.0129 3552 seclogon - ok
19:30:10.0176 3552 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll
19:30:10.0176 3552 SENS - ok
19:30:10.0192 3552 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
19:30:10.0207 3552 Serenum - ok
19:30:10.0223 3552 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
19:30:10.0223 3552 Serial - ok
19:30:10.0394 3552 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:30:10.0394 3552 sermouse - ok
19:30:10.0410 3552 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
19:30:10.0410 3552 SessionEnv - ok
19:30:10.0441 3552 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:30:10.0441 3552 sffdisk - ok
19:30:10.0457 3552 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:30:10.0457 3552 sffp_mmc - ok
19:30:10.0472 3552 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:30:10.0472 3552 sffp_sd - ok
19:30:10.0535 3552 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:30:10.0535 3552 sfloppy - ok
19:30:10.0597 3552 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:30:10.0597 3552 SharedAccess - ok
19:30:10.0644 3552 [ 9235EC680D3DB17464B39C7C7DECB4DD ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:30:10.0660 3552 ShellHWDetection - ok
19:30:10.0675 3552 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
19:30:10.0675 3552 SiSRaid2 - ok
19:30:10.0706 3552 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:30:10.0706 3552 SiSRaid4 - ok
19:30:10.0769 3552 [ A301D2CEFB4747DFE0C24425DCBE0B78 ] slsvc C:\Windows\system32\SLsvc.exe
19:30:10.0784 3552 slsvc - ok
19:30:10.0816 3552 [ F5DDF7C0AF85EB72CB295171F8C3CB35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
19:30:10.0816 3552 SLUINotify - ok
19:30:10.0878 3552 [ 41EB2E8E005FEEDCAFCE301983EFF932 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:30:10.0878 3552 Smb - ok
19:30:10.0894 3552 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:30:10.0909 3552 SNMPTRAP - ok
19:30:10.0909 3552 [ F9CB0672162F7F04248E2B82C1FF4617 ] spldr C:\Windows\system32\drivers\spldr.sys
19:30:10.0925 3552 spldr - ok
19:30:10.0972 3552 [ 92E6738D25C2123BE9515C0EAC0776CD ] Spooler C:\Windows\System32\spoolsv.exe
19:30:10.0972 3552 Spooler - ok
19:30:11.0018 3552 [ A8ABD7D0D907B45CF3831F4DD8644349 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:30:11.0018 3552 srv - ok
19:30:11.0050 3552 [ 6C72EEA39E1C37B436A6D1532999F9EC ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:30:11.0050 3552 srv2 - ok
19:30:11.0096 3552 [ 7F69BCF9E6FA3D93C82EE6B87812666D ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:30:11.0096 3552 srvnet - ok
19:30:11.0128 3552 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:30:11.0128 3552 SSDPSRV - ok
19:30:11.0143 3552 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:30:11.0143 3552 SstpSvc - ok
19:30:11.0174 3552 [ F14F7D7D68A66777FB999D5D0F21138D ] stisvc C:\Windows\System32\wiaservc.dll
19:30:11.0174 3552 stisvc - ok
19:30:11.0190 3552 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:30:11.0190 3552 swenum - ok
19:30:11.0206 3552 [ DA34D6EB4A3154C0BEBAEB0A2483EF3E ] swprv C:\Windows\System32\swprv.dll
19:30:11.0221 3552 swprv - ok
19:30:11.0237 3552 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
19:30:11.0237 3552 Symc8xx - ok
19:30:11.0252 3552 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
19:30:11.0252 3552 Sym_hi - ok
19:30:11.0284 3552 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
19:30:11.0284 3552 Sym_u3 - ok
19:30:11.0315 3552 [ BEA0D5521ED21DF8F6FFEED86DAEDE7B ] SysMain C:\Windows\system32\sysmain.dll
19:30:11.0330 3552 SysMain - ok
19:30:11.0346 3552 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:30:11.0346 3552 TabletInputService - ok
19:30:11.0362 3552 [ 52091001CAF20AE84CF47023EE21B4BB ] TapiSrv C:\Windows\System32\tapisrv.dll
19:30:11.0377 3552 TapiSrv - ok
19:30:11.0377 3552 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
19:30:11.0377 3552 TBS - ok
19:30:11.0424 3552 [ 7D86275FB640011B372FD566C0EAFA8D ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:30:11.0440 3552 Tcpip - ok
19:30:11.0471 3552 [ 7D86275FB640011B372FD566C0EAFA8D ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
19:30:11.0486 3552 Tcpip6 - ok
19:30:11.0533 3552 [ C29D4B3B08AD0B7E8564814E4FF6A57B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:30:11.0533 3552 tcpipreg - ok
19:30:11.0549 3552 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:30:11.0549 3552 TDPIPE - ok
19:30:11.0580 3552 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:30:11.0580 3552 TDTCP - ok
19:30:11.0580 3552 [ 8C39C72E0E853DE04748C0337D9B9216 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:30:11.0580 3552 tdx - ok
19:30:11.0596 3552 [ 3F0EBF6EE609F2A276C0D5FAF244EC90 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:30:11.0596 3552 TermDD - ok
19:30:11.0611 3552 [ F870A5589D6A94B426EFB13689023946 ] TermService C:\Windows\System32\termsrv.dll
19:30:11.0627 3552 TermService - ok
19:30:11.0642 3552 [ 9235EC680D3DB17464B39C7C7DECB4DD ] Themes C:\Windows\system32\shsvcs.dll
19:30:11.0658 3552 Themes - ok
19:30:11.0658 3552 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
19:30:11.0658 3552 THREADORDER - ok
19:30:11.0658 3552 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
19:30:11.0674 3552 TrkWks - ok
19:30:11.0736 3552 [ AC6FF1DF22ED90BAD6417EE5A4C6E2F0 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:30:11.0736 3552 TrustedInstaller - ok
19:30:11.0752 3552 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:30:11.0752 3552 tssecsrv - ok
19:30:11.0783 3552 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
19:30:11.0783 3552 tunmp - ok
19:30:11.0830 3552 [ 2DC2C423572946E9A3131425BDA73CB6 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:30:11.0830 3552 tunnel - ok
19:30:11.0845 3552 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:30:11.0845 3552 uagp35 - ok
19:30:11.0861 3552 [ ECA6629E33F122AFFF18A2AB7C3EB033 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:30:11.0876 3552 udfs - ok
19:30:11.0876 3552 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:30:11.0876 3552 UI0Detect - ok
19:30:11.0908 3552 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:30:11.0908 3552 uliagpkx - ok
19:30:11.0923 3552 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
19:30:11.0939 3552 uliahci - ok
19:30:11.0954 3552 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
19:30:11.0954 3552 UlSata - ok
19:30:11.0986 3552 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
19:30:11.0986 3552 ulsata2 - ok
19:30:12.0001 3552 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:30:12.0001 3552 umbus - ok
19:30:12.0017 3552 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
19:30:12.0017 3552 upnphost - ok
19:30:12.0048 3552 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:30:12.0048 3552 usbccgp - ok
19:30:12.0064 3552 [ 8C39D53E1A343F4C47EE8F3C052126D8 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
19:30:12.0064 3552 usbcir - ok
19:30:12.0079 3552 [ DA6D8D8ED0A53C63AC6F4BD40FE83FBE ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:30:12.0079 3552 usbehci - ok
19:30:12.0095 3552 [ 99045369AE3216216573D0775FD7ED56 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:30:12.0110 3552 usbhub - ok
19:30:12.0110 3552 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:30:12.0126 3552 usbohci - ok
19:30:12.0173 3552 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:30:12.0173 3552 usbprint - ok
19:30:12.0220 3552 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:30:12.0220 3552 usbscan - ok
19:30:12.0282 3552 [ 586D9876A4945779C8EEA926C0D16889 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:30:12.0282 3552 USBSTOR - ok
19:30:12.0298 3552 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:30:12.0298 3552 usbuhci - ok
19:30:12.0313 3552 [ 9190F03C82547AFA87367F1CECA88F3B ] UxSms C:\Windows\System32\uxsms.dll
19:30:12.0313 3552 UxSms - ok
19:30:12.0329 3552 [ C15A4A550CBA7B9F1F68B72528E04CE1 ] vds C:\Windows\System32\vds.exe
19:30:12.0344 3552 vds - ok
19:30:12.0360 3552 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:30:12.0360 3552 vga - ok
19:30:12.0376 3552 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:30:12.0376 3552 VgaSave - ok
19:30:12.0391 3552 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
19:30:12.0391 3552 viaide - ok
19:30:12.0422 3552 [ 793D9B32A1C462C91F6F70358283AC97 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:30:12.0422 3552 volmgr - ok
19:30:12.0438 3552 [ 5AA217DA5DC4FF5B9AC9AB86563B3223 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:30:12.0438 3552 volmgrx - ok
19:30:12.0485 3552 [ DE4307412D98050239026E56A7DFF3C0 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:30:12.0485 3552 volsnap - ok
19:30:12.0516 3552 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:30:12.0516 3552 vsmraid - ok
19:30:12.0641 3552 [ 186BD53F8A408AD20F5A056C05678629 ] VSS C:\Windows\system32\vssvc.exe
19:30:12.0656 3552 VSS - ok
19:30:12.0688 3552 [ BA29F34A61CB55C0DEE29E787542EDF4 ] W32Time C:\Windows\system32\w32time.dll
19:30:12.0734 3552 W32Time - ok
19:30:12.0781 3552 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:30:12.0781 3552 WacomPen - ok
19:30:12.0875 3552 [ D70A492306861004A0DB1024CE634837 ] wampapache c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe
19:30:12.0875 3552 wampapache - ok
19:30:12.0937 3552 wampmysqld - ok
19:30:12.0984 3552 [ AEA75207E443C8623C36B8D03596F84F ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
19:30:12.0984 3552 Wanarp - ok
19:30:12.0984 3552 [ AEA75207E443C8623C36B8D03596F84F ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:30:12.0984 3552 Wanarpv6 - ok
19:30:13.0000 3552 [ 055449247C490E24B968B44FE8A969EB ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:30:13.0015 3552 wcncsvc - ok
19:30:13.0046 3552 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:30:13.0062 3552 WcsPlugInService - ok
19:30:13.0093 3552 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
19:30:13.0093 3552 Wd - ok
19:30:13.0093 3552 [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:30:13.0109 3552 Wdf01000 - ok
19:30:13.0171 3552 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:30:13.0171 3552 WdiServiceHost - ok
19:30:13.0171 3552 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:30:13.0187 3552 WdiSystemHost - ok
19:30:13.0187 3552 [ 3D4AB55F8178FD0CD3CA45CD0EC9CF5B ] WebClient C:\Windows\System32\webclnt.dll
19:30:13.0202 3552 WebClient - ok
19:30:13.0234 3552 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:30:13.0234 3552 Wecsvc - ok
19:30:13.0249 3552 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:30:13.0249 3552 wercplsupport - ok
19:30:13.0280 3552 [ FC25242B3BCAF7E84D9184082274AE08 ] WerSvc C:\Windows\System32\WerSvc.dll
19:30:13.0280 3552 WerSvc - ok
19:30:13.0296 3552 WinDefend - ok
19:30:13.0296 3552 WinHttpAutoProxySvc - ok
19:30:13.0468 3552 [ AC98F38FEAB066A8F983D54FF3F4FD4C ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:30:13.0468 3552 Winmgmt - ok
19:30:13.0514 3552 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
19:30:13.0624 3552 WinRM - ok
19:30:13.0764 3552 [ 2215B7B794B3B7E5CC9FC423E985E2AA ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
19:30:13.0764 3552 WinUSB - ok
19:30:13.0967 3552 [ 0A69955261C1B54206ADC9BEB89517DE ] Wlansvc C:\Windows\System32\wlansvc.dll
19:30:13.0982 3552 Wlansvc - ok
19:30:13.0998 3552 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:30:13.0998 3552 WmiAcpi - ok
19:30:14.0014 3552 [ D303322DD577C3DEDA1251ED2E7A496C ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:30:14.0014 3552 wmiApSrv - ok
19:30:14.0029 3552 WMPNetworkSvc - ok
19:30:14.0045 3552 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:30:14.0060 3552 WPCSvc - ok
19:30:14.0060 3552 [ A27C8F92D84E2DDC151978E4692C978E ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:30:14.0060 3552 WPDBusEnum - ok
19:30:14.0232 3552 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:30:14.0279 3552 WPFFontCache_v0400 - ok
19:30:14.0341 3552 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:30:14.0341 3552 ws2ifsl - ok
19:30:14.0435 3552 [ CB8EA6D95949384925CCFCA21CC6DFD8 ] wscsvc C:\Windows\System32\wscsvc.dll
19:30:14.0450 3552 wscsvc - ok
19:30:14.0450 3552 WSearch - ok
19:30:14.0575 3552 [ FB3796754FE00F0BDC87A36F164A5F4D ] wuauserv C:\Windows\system32\wuaueng.dll
19:30:14.0638 3552 wuauserv - ok
19:30:14.0669 3552 [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:30:14.0669 3552 WUDFRd - ok
19:30:14.0684 3552 [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:30:14.0700 3552 wudfsvc - ok
19:30:14.0716 3552 [ F22E443518BC599D12888DAF292A56D8 ] XAudio C:\Windows\system32\DRIVERS\xaudio64.sys
19:30:14.0716 3552 XAudio - ok
19:30:14.0747 3552 [ 963C27034BBA4AC52A13F7A3C657C708 ] XAudioService C:\Windows\system32\DRIVERS\xaudio64.exe
19:30:14.0747 3552 XAudioService - ok
19:30:14.0778 3552 ================ Scan global ===============================
19:30:14.0794 3552 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
19:30:14.0840 3552 [ 2D94E4CE322F12061D3FA7DBE65E9AC5 ] C:\Windows\system32\winsrv.dll
19:30:14.0856 3552 [ 2D94E4CE322F12061D3FA7DBE65E9AC5 ] C:\Windows\system32\winsrv.dll
19:30:14.0918 3552 [ DFAC660F0F139276CC9299812DE42719 ] C:\Windows\system32\services.exe
19:30:14.0918 3552 [Global] - ok
19:30:14.0918 3552 ================ Scan MBR ==================================
19:30:14.0934 3552 [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk0\DR0
19:30:15.0386 3552 \Device\Harddisk0\DR0 - ok
19:30:15.0402 3552 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
19:30:15.0418 3552 \Device\Harddisk1\DR1 - ok
19:30:15.0418 3552 ================ Scan VBR ==================================
19:30:15.0464 3552 [ 73E41A4BB20CA91EBE7BA93B8BB1F644 ] \Device\Harddisk0\DR0\Partition1
19:30:15.0464 3552 \Device\Harddisk0\DR0\Partition1 - ok
19:30:15.0464 3552 [ 6866367F1759C887C7E9840DAB249E59 ] \Device\Harddisk0\DR0\Partition2
19:30:15.0480 3552 \Device\Harddisk0\DR0\Partition2 - ok
19:30:15.0480 3552 [ 181EFC0222B36B24131684E8F807451D ] \Device\Harddisk1\DR1\Partition1
19:30:15.0480 3552 \Device\Harddisk1\DR1\Partition1 - ok
19:30:15.0480 3552 ============================================================
19:30:15.0480 3552 Scan finished
19:30:15.0480 3552 ============================================================
19:30:15.0496 4564 Detected object count: 0
19:30:15.0496 4564 Actual detected object count: 0

#4 wired1000

Posted 02 October 2012 - 07:46 PM

Avast! Log


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-02 19:32:13
-----------------------------
19:32:13.761 OS Version: Windows x64 6.0.6001 Service Pack 1
19:32:13.761 Number of processors: 4 586 0xF0B
19:32:13.761 ComputerName: WIRED1000-PC UserName: wired1000
19:32:17.752 Initialize success
19:33:16.487 AVAST engine defs: 12100300
19:33:23.818 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:33:23.822 Disk 0 Vendor: WDC_WD10 50.0 Size: 953869MB BusType: 3
19:33:23.839 Disk 0 MBR read successfully
19:33:23.842 Disk 0 MBR scan
19:33:23.848 Disk 0 unknown MBR code
19:33:23.851 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 942272 MB offset 63
19:33:23.875 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 11595 MB offset 1929775104
19:33:23.937 Disk 0 scanning C:\Windows\system32\drivers
19:34:00.495 Service scanning
19:34:40.475 Modules scanning
19:34:40.475 Disk 0 trace - called modules:
19:34:40.490 ntoskrnl.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
19:34:40.506 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007fab790]
19:34:40.506 3 CLASSPNP.SYS[fffffa60011d1b3a] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006158050]
19:34:47.034 AVAST engine scan C:\Windows
19:34:56.450 AVAST engine scan C:\Windows\system32
19:43:33.073 AVAST engine scan C:\Windows\system32\drivers
19:44:31.885 AVAST engine scan C:\Users\wired1000
19:45:09.391 Disk 0 MBR has been saved successfully to "C:\Users\wired1000\Downloads\MBR.dat"
19:45:09.391 The log file has been saved successfully to "C:\Users\wired1000\Downloads\aswMBR.txt"

#5 wired1000

Posted 02 October 2012 - 08:23 PM

ESET is still running... note that I have ESET antivirus on my computer and its scan didn't find anything. I disabled the installed ESET and Windows Defender in order to run the online ESET that you recommended. Will post the log when it's available.

#6 wired1000

Posted 03 October 2012 - 07:49 AM

C:\Users\wired1000\Downloads\Breaking Bad Season 5-Episode 8(xCrazy0328x)_secure.exe Win32/TopMedia.A application cleaned by deleting - quarantined


ESET found something. Thanks. What's next?

#7 narenxp

Posted 03 October 2012 - 09:36 AM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#8 wired1000

Posted 03 October 2012 - 09:38 AM

Thanks. Am at work now (on a different machine) but will follow these steps when I get home.

#9 wired1000

Posted 03 October 2012 - 09:42 PM

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.03.10

Windows Vista Service Pack 1 x64 NTFS
Internet Explorer 7.0.6001.18000
wired1000 :: WIRED1000-PC [administrator]

10/3/2012 4:48:15 PM
malwarebyteslog.txt

Scan type: Full scan (C:\|D:\|J:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 658677
Time elapsed: 1 hour(s), 54 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 2
HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow|playbryte.com (PUP.PlayBryte) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|playbrytetoolbar_Playbryte (PUP.PlayBryte) -> Data: -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
J:\cs4 install\Adobe CS4 Master Collection Keygen.exe (Trojan.Agent.CK) -> No action taken.
J:\Wired1002 Old\wired1002\RECYCLER\S-1-5-21-2446555566-3873337184-1932963867-1003\Dk7.MAC-EDGEISO\WOLFRAM.RESEARCH.MATHEMATICA.V6.0.WINDOWS.RETAIL.READ.NFO-EDGEISO\windows_keygen\keygen.exe (Malware.Packer.Krunchy) -> No action taken.

(end)

MiniToolBox by Farbar Version: 23-07-2012
Ran by wired1000 (administrator) on 03-10-2012 at 19:44:08
Microsoft® Windows Vista™ Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "*.local"
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com

There are 15275 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

802.11n Wireless PCI Express Card LAN Adapter = Wireless Network Connection (Connected)
Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration

#10 wired1000

Posted 03 October 2012 - 09:45 PM

Farbar Service Scanner Version: 19-09-2012
Ran by wired1000 (administrator) on 03-10-2012 at 21:43:55
Running from "C:\Users\wired1000\Downloads"
Microsoft® Windows Vista™ Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcsvc.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2010-10-02 16:32] - [2009-08-06 21:24] - 2424024 ____A (Microsoft Corporation) FB3796754FE00F0BDC87A36F164A5F4D

C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#11 wired1000

Posted 03 October 2012 - 09:51 PM

# AdwCleaner v2.003 - Logfile created 10/03/2012 at 21:46:13
# Updated 23/09/2012 by Xplode
# Operating system : Windows ™ Vista Home Premium Service Pack 1 (64 bits)
# User : wired1000 - WIRED1000-PC
# Boot Mode : Normal
# Running from : C:\Users\wired1000\Downloads\adwcleaner (1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6001.18000


-\\ Mozilla Firefox v3.6.13 (en-US)

Profile name : default
File : C:\Users\wired1000\AppData\Roaming\Mozilla\Firefox\Profiles\jibzqolu.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Users\Not the Admin\AppData\Roaming\Mozilla\Firefox\Profiles\rhdf941c.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v22.0.1229.79

File : C:\Users\wired1000\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2483 octets] - [02/10/2012 18:53:23]
AdwCleaner[S1].txt - [3193 octets] - [02/10/2012 18:54:01]
AdwCleaner[S2].txt - [1113 octets] - [03/10/2012 21:46:13]

########## EOF - C:\AdwCleaner[S2].txt - [1173 octets] ##########

#12 narenxp

Posted 03 October 2012 - 10:15 PM

Run Malwarebytes and post the clean log

MiniToolBox log is incomplete

Junkware log?

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

Reinstall Google Chrome and let me know if it still redirects

#13 wired1000

Posted 03 October 2012 - 10:26 PM

Junkware Removal Tool (JRT) by Thisisu
Version: 1.2.3 (10.03.2012)
OS: Windows ™ Vista Home Premium x64
Ran by wired1000 on Wed 10/03/2012 at 22:03:47.74
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files:

Failed to delete: [FILE-LOCKED!] C:\eula.1028.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1031.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1033.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1036.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1040.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1041.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1042.txt
Failed to delete: [FILE-LOCKED!] C:\eula.2052.txt
Failed to delete: [FILE-LOCKED!] C:\install.res.1028.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1031.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1033.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1036.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1040.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1041.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1042.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.2052.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.3082.dll



*** Folders: 0 Detections



*** FireFox detected and repaired



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Wed 10/03/2012 at 22:04:05.98
End of Report

Thanks, what's next?

#14 wired1000

Posted 03 October 2012 - 10:46 PM

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/03/2012 10:45:09 PM in x64 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\wired1000\Desktop\rkill\rkill-10-03-2012-10-45-13.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com

20 out of 15296 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 10/03/2012 10:45:26 PM
Execution time: 0 hours(s), 0 minute(s), and 16 seconds(s)

#15 wired1000

Posted 03 October 2012 - 10:57 PM

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "boincmgr" "BOINC Manager for Windows" "Space Sciences Laboratory" "c:\program files\boinc\boincmgr.exe"
+ "boinctray" "BOINC System Tray for Windows" "Space Sciences Laboratory" "c:\program files\boinc\boinctray.exe"
+ "egui" "ESET GUI" "ESET" "c:\program files\eset\eset nod32 antivirus\egui.exe"
+ "HP Health Check Scheduler" "" "" "File not found: [ProgramFilesFolder]Hewlett-Packard\HP"
+ "IAAnotif" "Event Monitor User Notification Tool" "Intel Corporation" "c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe"
+ "lxdwamon" "" "" "c:\program files (x86)\lexmark 7600 series\lxdwamon.exe"
+ "lxdwmon.exe" "Printer Device Monitor" "" "c:\program files (x86)\lexmark 7600 series\lxdwmon.exe"
+ "NvCplDaemon" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "NvMediaCenter" "NVIDIA Media Center Library" "NVIDIA Corporation" "c:\windows\system32\nvmctray.dll"
+ "RtHDVCpl" "HD Audio Control Panel" "Realtek Semiconductor" "c:\windows\ravcpl64.exe"
+ "Windows Defender" "Windows Defender User Interface" "Microsoft Corporation" "c:\program files\windows defender\msascui.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Acrobat Assistant 8.0" "AcroTray" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 9.0\acrobat\acrotray.exe"
+ "Adobe Acrobat Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\acrobat 9.0\acrobat\acrobat_sl.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 8.0\reader\reader_sl.exe"
+ "Adobe_ID0ENQBO" "Adobe Version Cue CS4" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4tray.exe"
+ "AdobeCS4ServiceManager" "Adobe CS4 Service Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "DivXUpdate" "DivX Update" "" "c:\program files (x86)\divx\divx update\divxupdate.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "hpsysdrv" "hpsysdrv" "Hewlett-Packard Company" "c:\hp\support\hpsysdrv.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "KBD" "" "" "c:\hp\kbd\kbdstub.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Microsoft Office.lnk" "Microsoft Office XP component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office10\osa.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Google Update" "Google Installer" "Google Inc." "c:\users\wired1000\appdata\local\google\update\googleupdate.exe"
+ "SpybotSD TeaTimer" "System settings protector" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy\teatimer.exe"
+ "uTorrent" "µTorrent" "BitTorrent, Inc." "c:\program files (x86)\utorrent\utorrent.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 9.0\acrobat elements\contextmenu64.dll"
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset nod32 antivirus\shellext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 9.0\acrobat elements\contextmenu.dll"
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset nod32 antivirus\x86\shellext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe Drive CS4" "Adobe Drive Menu" "Adobe Systems Incorporated" "c:\program files\common files\adobe\adobe drive cs4\adfsmenu.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe Drive CS4" "Adobe Drive Menu" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\adobe drive cs4\adfsmenu.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe Drive CS4" "Adobe Drive Menu" "Adobe Systems Incorporated" "c:\program files\common files\adobe\adobe drive cs4\adfsmenu.dll"
+ "NvCplDesktopContext" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe Drive CS4" "Adobe Drive Menu" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\adobe drive cs4\adfsmenu.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 9.0\acrobat elements\contextmenu64.dll"
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset nod32 antivirus\shellext.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 9.0\acrobat elements\contextmenu.dll"
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset nod32 antivirus\x86\shellext.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Conversion Toolbar Helper" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Adobe PDF Reader Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelper.dll"
+ "ContributeBHO Class" "Contribute IE Plugin" "Adobe Systems Incorporated." "c:\program files (x86)\adobe\/adobe contribute cs4/contributeieplugin.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Lexmark Printable Web" "" "" "c:\program files\lexmark printable web\bho.dll"
+ "SmartSelect Class" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Adobe PDF" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Spybot - Search & Destroy Configuration" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-833776195-4070643696-854998637-1000Core" "Google Installer" "Google Inc." "c:\users\wired1000\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-833776195-4070643696-854998637-1000UA" "Google Installer" "Google Inc." "c:\users\wired1000\appdata\local\google\update\googleupdate.exe"
+ "\Installation App Launcher" "" "" "c:\program files (x86)\lexmark 7600 series\lxdwamon.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Windows Defender Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\WindowsCalendar\Reminders - wired1000" "Windows Calendar" "Microsoft Corporation" "c:\program files (x86)\windows calendar\wincal.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Adobe Version Cue CS4" "Adobe Version Cue CS4" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "ekrn" "ESET Service" "ESET" "c:\program files\eset\eset nod32 antivirus\x86\ekrn.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "FLEXnet Licensing Service 64" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice64.exe"
+ "gusvc" "gusvc" "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "HP Health Check Service" "HP Health Check Service" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp health check\hphc_service.exe"
+ "HPBtnSrv" "This service provides support for HP Chasis Button." "" "c:\hp\hpezbtn\hpbtnsrv.exe"
+ "IAANTMON" "RAID Monitor" "Intel Corporation" "c:\program files (x86)\intel\intel matrix storage manager\iaantmon.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lssrvc.exe"
+ "lxdw_device" "Printer Communication System" " " "c:\windows\system32\lxdwcoms.exe"
+ "lxdwCATSCustConnectService" "Lexmark Connect Service Executable" "Lexmark International, Inc." "c:\windows\system32\spool\drivers\x64\3\lxdwserv.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe"
+ "wampapache" "Apache/2.2.17 (Win32) PHP/5.3.4" "Apache Software Foundation" "c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe"
+ "wampmysqld" "" "" "c:\wamp\bin\mysql\mysql5.1.53\bin\mysqld.exe"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "XAudioService" "User-mode gate for Modem Speakerphone" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio64.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adfs" "Adobe Drive File System Driver" "Adobe Systems, Inc." "c:\windows\system32\drivers\adfs.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g6032e.sys"
+ "eamonm" "Eset file on-access scanner" "ESET" "c:\windows\system32\drivers\eamonm.sys"
+ "easytether" "" "" "File not found: system32\DRIVERS\easytthr.sys"
+ "ehdrv" "Eset Helper driver" "ESET" "c:\windows\system32\drivers\ehdrv.sys"
+ "epfwwfpr" "EPFW Filter Driver" "ESET" "c:\windows\system32\drivers\epfwwfpr.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HCW85BDA" "CX23885 BDA driver" "Hauppauge Computer Works" "c:\windows\system32\drivers\hcw85bda.sys"
+ "HTCAND64" "" "" "File not found: System32\Drivers\ANDROIDUSB.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "mdmxsdk" "Diagnostic Interface x64 Driver" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys"
+ "netr28x" "Ralink 802.11 Wireless Adapter Driver" "Ralink Technology, Corp." "c:\windows\system32\drivers\netr28x.sys"
+ "nvlddmkm" "NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 175.78 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "Ps2" "" "" "c:\windows\system32\drivers\ps2.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "RTL8169" "Realtek 8101E/8168/8169 NDIS6 64-bit Driver " "Realtek Corporation " "c:\windows\system32\drivers\rtlh64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "XAudio" "Modem Audio Device Driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.XVID" "" "" "c:\windows\system32\xvidvfw.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "vidc.XVID" "" "" "c:\windows\syswow64\xvidvfw.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files\divx\divx codec\divxdec.ax"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\system32\xvid.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ ""MainConcept (Adobe2) AAC Decoder"" "AAC audio decoder filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2daac.ax"
+ ""MainConcept (Adobe2) AAC Encoder"" "AAC audio encoder filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2eaac.ax"
+ ""MainConcept (Adobe2) H.264 Encoder"" "DirectShow H.264/AVC Encoder Filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2esh264.ax"
+ ""MainConcept (Adobe2) H.264/AVC Decoder"" "DirectShow H.264/AVC Decoder Filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2dsh264.ax"
+ ""MainConcept (Adobe2) H.264/AVC Video Encoder"" "DirectShow H.264/AVC Video Encoder Filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2evh264.ax"
+ ""MainConcept (Adobe2) MPEG Audio Decoder"" "MPEG Video and Audio Decoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2mcdsmpeg.ax"
+ ""MainConcept (Adobe2) MPEG Audio Encoder"" "MPEG Audio Encoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2mceampeg.ax"
+ ""MainConcept (Adobe2) MPEG Encoder"" "MPEG Encoder and Muxer" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2mcesmpeg.ax"
+ ""MainConcept (Adobe2) MPEG Multiplexer"" "MPEG Multiplexer" "" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2mcmuxmpeg.ax"
+ ""MainConcept (Adobe2) MPEG Splitter"" "Mpeg I/II Splitter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2mcspmpeg.ax"
+ ""MainConcept (Adobe2) MPEG Video Decoder"" "MPEG Video and Audio Decoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2mcdsmpeg.ax"
+ ""MainConcept (Adobe2) MPEG Video Encoder"" "MPEG Video Encoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2mcevmpeg.ax"
+ "AC3Filter" "ac3filter" "" "c:\program files (x86)\ac3filter\ac3filter.ax"
+ "CyberLink AudAna Filter" "CLAudAna" "CyberLink" "c:\program files (x86)\cyberlink\powerdirector\pdaudana.dll"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\pdaursmpl.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\pdaudiocd.ax"
+ "Cyberlink Byte Counter Filter" "Cyberlink Byte Counter Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerdirector\pdbytecounter.ax"
+ "CyberLink DDR" "CyberLink DDR" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\pdrender.ax"
+ "CyberLink Double Pin Tee" "Cyberlink Double Tee Filter" "CtberLink Corporation" "c:\program files (x86)\cyberlink\powerdirector\pddoubletee.ax"
+ "CyberLink DV Buffer" "CLDVBuffer Filter" "CyberLink" "c:\program files (x86)\cyberlink\powerdirector\pddvbuffer.ax"
+ "CyberLink DV Dump Filter" "DV dump Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerdirector\pddvdump.ax"
+ "CyberLink DV Filter" "DVTCR" "CyberLink" "c:\program files (x86)\cyberlink\powerdirector\pddvtcr.ax"
+ "CyberLink DV Reader Filter" "DVMultReader Filter" "CyberLink" "c:\program files (x86)\cyberlink\powerdirector\pddvmrd.ax"
+ "Cyberlink DV Scene Detect Filter" "CLDVScnDt" "CyberLink" "c:\program files (x86)\cyberlink\powerdirector\pddvscndt.ax"
+ "CyberLink Editing Service 4.0 (Source)" "CES Kernel (LT15)" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\cledtkrn.dll"
+ "Cyberlink Gate Filter" "CLGate" "CyberLink" "c:\program files (x86)\cyberlink\powerdirector\pdgate.ax"
+ "CyberLink HDV Source Filter" "CLImage" "CyberLink" "c:\program files (x86)\cyberlink\powerdirector\pdhdvsrc.ax"
+ "CyberLink Load Image Filter" "CLImage (LT15)" "CyberLink" "c:\program files (x86)\cyberlink\shared files\climage.ax"
+ "Cyberlink Scene Detect Filter" "CLScnDt" "CyberLink" "c:\program files (x86)\cyberlink\powerdirector\pdscndt.ax"
+ "CyberLink Scene Detect Filter 2" "CLScnDt2" "訊連科技" "c:\program files (x86)\cyberlink\powerdirector\pdscndt2.dll"
+ "CyberLink SnapShot Filter" "CLSnapShot Filter" "CyberLink" "c:\program files (x86)\cyberlink\powerdirector\pdsnapshot.ax"
+ "CyberLink Stamp Effect" "" "CyberLink corporate" "c:\program files (x86)\cyberlink\powerdirector\pdstampeffect.ax"
+ "Cyberlink Sub-Picture Filter" "Cyberlink Sub-Picture Filter" "Cyberlink" "c:\program files (x86)\cyberlink\powerdirector\pdsubpic.ax"
+ "CyberLink Transform Tee" "CyberLink Transform Tee" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\pdtee.ax"
+ "CyberLink VAudAna Filter" "CLVAudAna" "CyberLink" "c:\program files (x86)\cyberlink\powerdirector\pdvaudana.dll"
+ "CyberLink VidAna Filter" "CLVidAna" "CyberLink" "c:\program files (x86)\cyberlink\powerdirector\pdvidana.dll"
+ "Cyberlink Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\cyberlink\powerdirector\pdresample.ax"
+ "CyberLink YUY2 DeInterlace" "DitlYuY2" "CyberLink" "c:\program files (x86)\cyberlink\powerdirector\pdditlyuy2.ax"
+ "CyberLink YUY2 Sub-Sampling" "SubYUY2 Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\pdsubyuy2.ax"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "Frame Drop Filter" "TODO: <File description>" "TODO: <Company name>" "c:\program files (x86)\cyberlink\powerdirector\pdframedrop.ax"
+ "IDM Filter" "idmf" "Cyberlink" "c:\program files (x86)\cyberlink\powerdirector\pdidmf.ax"
+ "PDR Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\pdaud.ax"
+ "PDR Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerdirector\pdaudfx.ax"
+ "PDR Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\cyberlink\powerdirector\pdaudenc.ax"
+ "PDR Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\claunrwrapper.ax"
+ "PDR Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\pddemuxer.ax"
+ "PDR Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\pddumpdispatch.ax"
+ "PDR Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\pddump.ax"
+ "PDR DVSD Modifier" "Cyberlink DVSD Modifier" "Cyberlink Corp." "c:\program files (x86)\cyberlink\powerdirector\dvsdmodifier.ax"
+ "PDR File Reader (Async)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\pdreader.ax"
+ "PDR H.264/AVC Decoder" "CyberLink 264 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\pd264dec.ax"
+ "PDR M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files (x86)\cyberlink\powerdirector\pdm2vwriter.ax"
+ "PDR MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\cyberlink\powerdirector\pdmpgmux.ax"
+ "PDR MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\cyberlink\powerdirector\pdvidenc.ax"
+ "PDR MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\pdm1splter.ax"
+ "PDR MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\pdm2splter.ax"
+ "PDR MPEG-4 Muxer" "PDR MPEG-4 Muxer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\pdm4muxer.ax"
+ "PDR MPEG-4 Splitter" "PDR MPEG-4 Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\pdm4splt.ax"
+ "PDR MPEG1/2 Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\pdvsd.ax"
+ "PDR SnapShotTIP Filter" "CLSShot" "CyberLink" "c:\program files (x86)\cyberlink\powerdirector\pdsshot.ax"
+ "PDR TimeStretch Filter(CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\clauts.ax"
+ "PDR TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdirector\pdtlmsplter.ax"
+ "PDR TS Information" "CLTSInfo" "Cyberlink" "c:\program files (x86)\cyberlink\powerdirector\pdtsinfo.ax"
+ "PDR Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\powerdirector\clvidfx.ax"
+ "PDR Video Regulator" "CLRGL" "Cyberlink" "c:\program files (x86)\cyberlink\powerdirector\clrgl.ax"
+ "PDR Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files (x86)\cyberlink\powerdirector\clvideostabilizer.ax"
+ "PDR WAV Dest" "CLWavDest" "CyberLink" "c:\program files (x86)\cyberlink\powerdirector\pdwavdest.ax"
+ "QTSrc" "QuickTime Source Filter" "CyberLink Corp" "c:\program files (x86)\cyberlink\shared files\clqtsrc.ax"
+ "QTWriter" "CLQTFileWriter" "Cyberlink" "c:\program files (x86)\cyberlink\powerdirector\pdqtfilewriter.ax"
+ "RMWriter" "CLRMFileWriter" "Cyberlink" "c:\program files (x86)\cyberlink\powerdirector\pdrmfilewriter.ax"
+ "Time Regulator" "TimeRegulator" "cyberlink" "c:\program files (x86)\cyberlink\powerdirector\pdavi_audtr.ax"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\syswow64\xvid.ax"
"HKCU\Control Panel\Desktop\Scrnsave.exe" "" "" ""
+ "boinc.scr" "BOINC Screensaver" "Space Sciences Laboratory" "c:\windows\boinc.scr"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "7600 Series Port" "Printer Communication System" " " "c:\windows\system32\lxdwlmpm.dll"
+ "Adobe PDF Port Monitor" "Adobe PDF Port Monitor DLL" "Adobe Systems Inc" "c:\windows\system32\adobepdf.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "AdobeDriveCS4_NP" "Adobe Drive CS4 Network" "Adobe Systems Incorporated" "c:\program files\common files\adobe\adobe drive cs4\adobedrivecs4_np.dll"
"C:\Users\wired1000\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\Clock.gadget\en-US\Gadget.xml"



