Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cannot turn on my Windows Firewall


  • Please log in to reply
9 replies to this topic

#1 makavelian360

makavelian360

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:07 AM

Posted 11 October 2012 - 06:53 AM

When I chose to "Turn Windows Firewall on or off" I get a button "Use recommended settings". By clicking it I get the following error message "Windows Firewall can't change some of your settings. Error code 0x80070424"

When I go to Advanced settings I get the message "There was an error opening the Windows Firewall with Advanced Security snap-in. The Windows Firewall with Advanced Security snap-in failed to load. Restart the Windows Firewall service on the computer that you are managing. Error code: 0x6D9"

For how long has this been happening to my Firewall I cannot say as I discovered the issue 2 days ago. My computer didn't report anything not working.

-My firewall is not listed in the services list at all.

-I have the Advanced SystemCare program and I do system sweeps in every two weeks or so (I have read that Anti Viruses or programs such as Advanced SystemCare can cause the topic issue)

-My anti virus is ESET Smart Security 4.0 (I haven't been changing it)

-I have tried the method with BFE.reg files but it didn't work

-I've tried some debuging methods in "cmd" which didn't work as well

I don't know what to try anymore, so if anybody could help or something I'd really appreciate

Thank you in advance.

Edited by hamluis, 11 October 2012 - 07:39 AM.
Moved from AV, Firewall to Am i Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:07 AM

Posted 11 October 2012 - 07:37 AM

Lets check if system is infected before fixing firewall

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 makavelian360

makavelian360
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:07 AM

Posted 12 October 2012 - 07:43 AM

TDSSkiller report:

12:42:10.0779 2420 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
12:42:11.0383 2420 ============================================================
12:42:11.0383 2420 Current date / time: 2012/10/12 12:42:11.0383
12:42:11.0383 2420 SystemInfo:
12:42:11.0383 2420
12:42:11.0383 2420 OS Version: 6.1.7601 ServicePack: 1.0
12:42:11.0383 2420 Product type: Workstation
12:42:11.0383 2420 ComputerName: VIDAN-PC
12:42:11.0385 2420 UserName: Vidan
12:42:11.0385 2420 Windows directory: C:\Windows
12:42:11.0385 2420 System windows directory: C:\Windows
12:42:11.0385 2420 Processor architecture: Intel x86
12:42:11.0385 2420 Number of processors: 4
12:42:11.0385 2420 Page size: 0x1000
12:42:11.0385 2420 Boot type: Normal boot
12:42:11.0385 2420 ============================================================
12:42:13.0616 2420 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:42:13.0617 2420 ============================================================
12:42:13.0617 2420 \Device\Harddisk0\DR0:
12:42:13.0617 2420 MBR partitions:
12:42:13.0617 2420 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xEE6C00B
12:42:13.0627 2420 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xEE6C089, BlocksNum 0x15A9A160
12:42:13.0656 2420 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x24906228, BlocksNum 0x15A7EA19
12:42:13.0656 2420 ============================================================
12:42:13.0722 2420 C: <-> \Device\Harddisk0\DR0\Partition1
12:42:13.0754 2420 D: <-> \Device\Harddisk0\DR0\Partition2
12:42:13.0844 2420 E: <-> \Device\Harddisk0\DR0\Partition3
12:42:13.0844 2420 ============================================================
12:42:13.0844 2420 Initialize success
12:42:13.0844 2420 ============================================================
12:42:25.0335 2520 ============================================================
12:42:25.0335 2520 Scan started
12:42:25.0335 2520 Mode: Manual; TDLFS;
12:42:25.0335 2520 ============================================================
12:42:26.0882 2520 ================ Scan system memory ========================
12:42:26.0882 2520 System memory - ok
12:42:26.0883 2520 ================ Scan services =============================
12:42:27.0014 2520 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:42:27.0033 2520 1394ohci - ok
12:42:27.0082 2520 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:42:27.0085 2520 ACPI - ok
12:42:27.0094 2520 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:42:27.0105 2520 AcpiPmi - ok
12:42:27.0203 2520 [ D9881575C4166AE3A92118ECC217B079 ] ADExchange C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe
12:42:27.0205 2520 ADExchange - ok
12:42:27.0265 2520 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
12:42:27.0268 2520 AdobeARMservice - ok
12:42:27.0369 2520 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:42:27.0405 2520 adp94xx - ok
12:42:27.0427 2520 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:42:27.0438 2520 adpahci - ok
12:42:27.0458 2520 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:42:27.0468 2520 adpu320 - ok
12:42:27.0526 2520 [ B11C71B29FA69E4586F9B65560E6604D ] AdvancedSystemCareService5 C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
12:42:27.0533 2520 AdvancedSystemCareService5 - ok
12:42:27.0584 2520 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:42:27.0602 2520 AeLookupSvc - ok
12:42:27.0633 2520 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
12:42:27.0635 2520 AFD - ok
12:42:27.0694 2520 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
12:42:27.0711 2520 agp440 - ok
12:42:27.0752 2520 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
12:42:27.0767 2520 aic78xx - ok
12:42:27.0816 2520 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
12:42:27.0818 2520 ALG - ok
12:42:27.0860 2520 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
12:42:27.0875 2520 aliide - ok
12:42:27.0927 2520 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
12:42:27.0945 2520 amdagp - ok
12:42:27.0973 2520 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
12:42:27.0989 2520 amdide - ok
12:42:28.0014 2520 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:42:28.0030 2520 AmdK8 - ok
12:42:28.0047 2520 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:42:28.0065 2520 AmdPPM - ok
12:42:28.0127 2520 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:42:28.0145 2520 amdsata - ok
12:42:28.0175 2520 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:42:28.0184 2520 amdsbs - ok
12:42:28.0205 2520 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:42:28.0215 2520 amdxata - ok
12:42:28.0237 2520 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
12:42:28.0254 2520 AppID - ok
12:42:28.0273 2520 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:42:28.0274 2520 AppIDSvc - ok
12:42:28.0332 2520 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
12:42:28.0333 2520 Appinfo - ok
12:42:28.0381 2520 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
12:42:28.0384 2520 AppMgmt - ok
12:42:28.0407 2520 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
12:42:28.0423 2520 arc - ok
12:42:28.0447 2520 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:42:28.0463 2520 arcsas - ok
12:42:28.0635 2520 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
12:42:28.0675 2520 aspnet_state - ok
12:42:28.0691 2520 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:42:28.0708 2520 AsyncMac - ok
12:42:28.0732 2520 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
12:42:28.0732 2520 atapi - ok
12:42:28.0780 2520 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:42:28.0784 2520 AudioEndpointBuilder - ok
12:42:28.0791 2520 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
12:42:28.0795 2520 Audiosrv - ok
12:42:28.0816 2520 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:42:28.0818 2520 AxInstSV - ok
12:42:28.0891 2520 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
12:42:28.0898 2520 b06bdrv - ok
12:42:28.0917 2520 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
12:42:28.0946 2520 b57nd60x - ok
12:42:28.0965 2520 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
12:42:28.0967 2520 BDESVC - ok
12:42:28.0969 2520 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
12:42:28.0979 2520 Beep - ok
12:42:29.0008 2520 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
12:42:29.0012 2520 BFE - ok
12:42:29.0025 2520 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
12:42:29.0031 2520 BITS - ok
12:42:29.0043 2520 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:42:29.0053 2520 blbdrive - ok
12:42:29.0070 2520 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:42:29.0082 2520 bowser - ok
12:42:29.0097 2520 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:42:29.0098 2520 BrFiltLo - ok
12:42:29.0110 2520 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:42:29.0111 2520 BrFiltUp - ok
12:42:29.0151 2520 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
12:42:29.0152 2520 Browser - ok
12:42:29.0175 2520 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:42:29.0180 2520 Brserid - ok
12:42:29.0193 2520 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:42:29.0196 2520 BrSerWdm - ok
12:42:29.0210 2520 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:42:29.0212 2520 BrUsbMdm - ok
12:42:29.0253 2520 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:42:29.0255 2520 BrUsbSer - ok
12:42:29.0274 2520 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:42:29.0291 2520 BTHMODEM - ok
12:42:29.0344 2520 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
12:42:29.0347 2520 bthserv - ok
12:42:29.0362 2520 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:42:29.0381 2520 cdfs - ok
12:42:29.0409 2520 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
12:42:29.0426 2520 cdrom - ok
12:42:29.0450 2520 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
12:42:29.0450 2520 CertPropSvc - ok
12:42:29.0467 2520 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:42:29.0469 2520 circlass - ok
12:42:29.0498 2520 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
12:42:29.0511 2520 CLFS - ok
12:42:29.0548 2520 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:42:29.0559 2520 clr_optimization_v2.0.50727_32 - ok
12:42:29.0587 2520 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:42:29.0667 2520 clr_optimization_v4.0.30319_32 - ok
12:42:29.0678 2520 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:42:29.0694 2520 CmBatt - ok
12:42:29.0763 2520 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:42:29.0781 2520 cmdide - ok
12:42:29.0830 2520 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
12:42:29.0837 2520 CNG - ok
12:42:29.0841 2520 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:42:29.0856 2520 Compbatt - ok
12:42:29.0875 2520 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:42:29.0876 2520 CompositeBus - ok
12:42:29.0879 2520 COMSysApp - ok
12:42:29.0902 2520 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:42:29.0911 2520 crcdisk - ok
12:42:29.0945 2520 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:42:29.0946 2520 CryptSvc - ok
12:42:29.0996 2520 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
12:42:30.0039 2520 CSC - ok
12:42:30.0077 2520 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
12:42:30.0083 2520 CscService - ok
12:42:30.0102 2520 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
12:42:30.0106 2520 DcomLaunch - ok
12:42:30.0127 2520 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
12:42:30.0130 2520 defragsvc - ok
12:42:30.0163 2520 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:42:30.0201 2520 DfsC - ok
12:42:30.0217 2520 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:42:30.0220 2520 Dhcp - ok
12:42:30.0230 2520 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
12:42:30.0231 2520 discache - ok
12:42:30.0247 2520 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:42:30.0263 2520 Disk - ok
12:42:30.0313 2520 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:42:30.0315 2520 Dnscache - ok
12:42:30.0374 2520 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
12:42:30.0377 2520 dot3svc - ok
12:42:30.0405 2520 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
12:42:30.0407 2520 DPS - ok
12:42:30.0431 2520 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:42:30.0447 2520 drmkaud - ok
12:42:30.0522 2520 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:42:30.0601 2520 DXGKrnl - ok
12:42:30.0628 2520 [ 30372BCC67D63BEE538CDFECA755D81C ] eamon C:\Windows\system32\DRIVERS\eamon.sys
12:42:30.0632 2520 eamon - ok
12:42:30.0646 2520 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
12:42:30.0647 2520 EapHost - ok
12:42:30.0730 2520 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
12:42:30.0791 2520 ebdrv - ok
12:42:30.0809 2520 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
12:42:30.0810 2520 EFS - ok
12:42:30.0824 2520 [ 6504D6AFB75FEF830DD99E8C4235D54D ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
12:42:30.0835 2520 ehdrv - ok
12:42:30.0917 2520 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:42:30.0925 2520 ehRecvr - ok
12:42:30.0953 2520 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
12:42:30.0956 2520 ehSched - ok
12:42:31.0046 2520 [ 7E5C9009D28FE0F2CDE2B8DF47472A06 ] EhttpSrv C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
12:42:31.0049 2520 EhttpSrv - ok
12:42:31.0073 2520 [ FDDAD27E9A20D0DAC04FACBF67AFBFC1 ] ekrn C:\Program Files\ESET\ESET Smart Security\ekrn.exe
12:42:31.0080 2520 ekrn - ok
12:42:31.0104 2520 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:42:31.0126 2520 elxstor - ok
12:42:31.0139 2520 [ 86895D4413316BECC2D7944D2749586C ] epfw C:\Windows\system32\DRIVERS\epfw.sys
12:42:31.0147 2520 epfw - ok
12:42:31.0162 2520 [ 3B47010B2425B69826004767E59045BA ] Epfwndis C:\Windows\system32\DRIVERS\Epfwndis.sys
12:42:31.0180 2520 Epfwndis - ok
12:42:31.0199 2520 [ 396CE762D1650387A2FE184E245FBBA1 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
12:42:31.0200 2520 epfwwfp - ok
12:42:31.0226 2520 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:42:31.0235 2520 ErrDev - ok
12:42:31.0268 2520 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
12:42:31.0270 2520 EventSystem - ok
12:42:31.0284 2520 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
12:42:31.0294 2520 exfat - ok
12:42:31.0305 2520 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:42:31.0315 2520 fastfat - ok
12:42:31.0378 2520 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
12:42:31.0381 2520 Fax - ok
12:42:31.0397 2520 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:42:31.0415 2520 fdc - ok
12:42:31.0430 2520 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
12:42:31.0431 2520 fdPHost - ok
12:42:31.0470 2520 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
12:42:31.0472 2520 FDResPub - ok
12:42:31.0478 2520 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:42:31.0488 2520 FileInfo - ok
12:42:31.0496 2520 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:42:31.0505 2520 Filetrace - ok
12:42:31.0517 2520 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:42:31.0527 2520 flpydisk - ok
12:42:31.0544 2520 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:42:31.0556 2520 FltMgr - ok
12:42:31.0630 2520 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
12:42:31.0635 2520 FontCache - ok
12:42:31.0743 2520 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:42:31.0745 2520 FontCache3.0.0.0 - ok
12:42:31.0797 2520 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:42:31.0816 2520 FsDepends - ok
12:42:31.0837 2520 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:42:31.0858 2520 Fs_Rec - ok
12:42:31.0893 2520 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:42:31.0904 2520 fvevol - ok
12:42:31.0920 2520 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:42:31.0932 2520 gagp30kx - ok
12:42:31.0949 2520 GGSAFERDriver - ok
12:42:32.0023 2520 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
12:42:32.0040 2520 gpsvc - ok
12:42:32.0056 2520 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:42:32.0074 2520 hcw85cir - ok
12:42:32.0122 2520 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:42:32.0161 2520 HdAudAddService - ok
12:42:32.0178 2520 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:42:32.0178 2520 HDAudBus - ok
12:42:32.0206 2520 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:42:32.0215 2520 HidBatt - ok
12:42:32.0226 2520 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:42:32.0236 2520 HidBth - ok
12:42:32.0267 2520 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:42:32.0283 2520 HidIr - ok
12:42:32.0319 2520 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
12:42:32.0321 2520 hidserv - ok
12:42:32.0345 2520 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys
12:42:32.0363 2520 HidUsb - ok
12:42:32.0386 2520 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:42:32.0388 2520 hkmsvc - ok
12:42:32.0398 2520 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:42:32.0402 2520 HomeGroupListener - ok
12:42:32.0435 2520 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:42:32.0439 2520 HomeGroupProvider - ok
12:42:32.0470 2520 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:42:32.0504 2520 HpSAMD - ok
12:42:32.0532 2520 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:42:32.0536 2520 HTTP - ok
12:42:32.0548 2520 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:42:32.0558 2520 hwpolicy - ok
12:42:32.0591 2520 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:42:32.0602 2520 i8042prt - ok
12:42:32.0634 2520 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:42:32.0654 2520 iaStorV - ok
12:42:32.0745 2520 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:42:32.0775 2520 idsvc - ok
12:42:32.0793 2520 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:42:32.0812 2520 iirsp - ok
12:42:32.0859 2520 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
12:42:32.0865 2520 IKEEXT - ok
12:42:32.0914 2520 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
12:42:32.0931 2520 intelide - ok
12:42:32.0941 2520 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:42:32.0942 2520 intelppm - ok
12:42:32.0962 2520 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:42:32.0965 2520 IPBusEnum - ok
12:42:32.0997 2520 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:42:33.0015 2520 IpFilterDriver - ok
12:42:33.0038 2520 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:42:33.0050 2520 IPMIDRV - ok
12:42:33.0067 2520 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:42:33.0090 2520 IPNAT - ok
12:42:33.0099 2520 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:42:33.0111 2520 IRENUM - ok
12:42:33.0119 2520 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:42:33.0136 2520 isapnp - ok
12:42:33.0158 2520 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:42:33.0169 2520 iScsiPrt - ok
12:42:33.0192 2520 [ A1C01AA8B8A9A3D71E7495E8AC6EB2EF ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
12:42:33.0201 2520 iusb3hcs - ok
12:42:33.0216 2520 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
12:42:33.0226 2520 kbdclass - ok
12:42:33.0248 2520 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:42:33.0258 2520 kbdhid - ok
12:42:33.0276 2520 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
12:42:33.0277 2520 KeyIso - ok
12:42:33.0297 2520 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:42:33.0299 2520 KSecDD - ok
12:42:33.0317 2520 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:42:33.0335 2520 KSecPkg - ok
12:42:33.0381 2520 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
12:42:33.0385 2520 KtmRm - ok
12:42:33.0416 2520 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
12:42:33.0418 2520 LanmanServer - ok
12:42:33.0423 2520 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:42:33.0425 2520 LanmanWorkstation - ok
12:42:33.0441 2520 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:42:33.0452 2520 lltdio - ok
12:42:33.0462 2520 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:42:33.0464 2520 lltdsvc - ok
12:42:33.0476 2520 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
12:42:33.0478 2520 lmhosts - ok
12:42:33.0492 2520 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:42:33.0502 2520 LSI_FC - ok
12:42:33.0514 2520 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:42:33.0524 2520 LSI_SAS - ok
12:42:33.0562 2520 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:42:33.0593 2520 LSI_SAS2 - ok
12:42:33.0630 2520 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:42:33.0652 2520 LSI_SCSI - ok
12:42:33.0666 2520 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
12:42:33.0680 2520 luafv - ok
12:42:33.0727 2520 [ 8E17D513D8011B0EE03C355EAAB0E0CC ] ManyCam C:\Windows\system32\DRIVERS\mcvidrv.sys
12:42:33.0756 2520 ManyCam - ok
12:42:33.0784 2520 [ 562D95E00E14A944DEBE655DECBD3F5B ] mcaudrv_simple C:\Windows\system32\drivers\mcaudrv.sys
12:42:33.0791 2520 mcaudrv_simple - ok
12:42:33.0813 2520 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:42:33.0816 2520 Mcx2Svc - ok
12:42:33.0842 2520 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:42:33.0871 2520 megasas - ok
12:42:33.0927 2520 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:42:33.0945 2520 MegaSR - ok
12:42:33.0961 2520 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
12:42:33.0962 2520 MMCSS - ok
12:42:33.0975 2520 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
12:42:33.0985 2520 Modem - ok
12:42:33.0998 2520 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:42:33.0999 2520 monitor - ok
12:42:34.0009 2520 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
12:42:34.0019 2520 mouclass - ok
12:42:34.0054 2520 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:42:34.0065 2520 mouhid - ok
12:42:34.0086 2520 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:42:34.0087 2520 mountmgr - ok
12:42:34.0119 2520 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:42:34.0123 2520 MozillaMaintenance - ok
12:42:34.0157 2520 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
12:42:34.0190 2520 mpio - ok
12:42:34.0222 2520 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:42:34.0253 2520 mpsdrv - ok
12:42:34.0272 2520 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:42:34.0287 2520 MRxDAV - ok
12:42:34.0329 2520 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:42:34.0368 2520 mrxsmb - ok
12:42:34.0382 2520 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:42:34.0394 2520 mrxsmb10 - ok
12:42:34.0402 2520 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:42:34.0412 2520 mrxsmb20 - ok
12:42:34.0421 2520 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
12:42:34.0431 2520 msahci - ok
12:42:34.0443 2520 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:42:34.0454 2520 msdsm - ok
12:42:34.0471 2520 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
12:42:34.0473 2520 MSDTC - ok
12:42:34.0488 2520 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:42:34.0497 2520 Msfs - ok
12:42:34.0502 2520 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:42:34.0511 2520 mshidkmdf - ok
12:42:34.0539 2520 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:42:34.0548 2520 msisadrv - ok
12:42:34.0583 2520 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:42:34.0585 2520 MSiSCSI - ok
12:42:34.0587 2520 msiserver - ok
12:42:34.0608 2520 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:42:34.0634 2520 MSKSSRV - ok
12:42:34.0641 2520 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:42:34.0651 2520 MSPCLOCK - ok
12:42:34.0655 2520 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:42:34.0657 2520 MSPQM - ok
12:42:34.0665 2520 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:42:34.0667 2520 MsRPC - ok
12:42:34.0688 2520 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:42:34.0698 2520 mssmbios - ok
12:42:34.0712 2520 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:42:34.0731 2520 MSTEE - ok
12:42:34.0741 2520 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:42:34.0750 2520 MTConfig - ok
12:42:34.0769 2520 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
12:42:34.0770 2520 Mup - ok
12:42:34.0818 2520 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
12:42:34.0822 2520 napagent - ok
12:42:34.0849 2520 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:42:34.0865 2520 NativeWifiP - ok
12:42:34.0905 2520 [ E4534BCCDD1EA7A7A256BB9D6688A5FC ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe
12:42:34.0908 2520 NAUpdate - ok
12:42:34.0962 2520 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:42:34.0976 2520 NDIS - ok
12:42:35.0003 2520 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:42:35.0029 2520 NdisCap - ok
12:42:35.0046 2520 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:42:35.0048 2520 NdisTapi - ok
12:42:35.0073 2520 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:42:35.0090 2520 Ndisuio - ok
12:42:35.0126 2520 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:42:35.0151 2520 NdisWan - ok
12:42:35.0178 2520 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:42:35.0209 2520 NDProxy - ok
12:42:35.0235 2520 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:42:35.0251 2520 NetBIOS - ok
12:42:35.0262 2520 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:42:35.0263 2520 NetBT - ok
12:42:35.0276 2520 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
12:42:35.0277 2520 Netlogon - ok
12:42:35.0302 2520 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
12:42:35.0306 2520 Netman - ok
12:42:35.0345 2520 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:42:35.0359 2520 NetMsmqActivator - ok
12:42:35.0363 2520 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:42:35.0365 2520 NetPipeActivator - ok
12:42:35.0388 2520 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
12:42:35.0393 2520 netprofm - ok
12:42:35.0419 2520 [ 27EE4B406E2F26F6117A9A420BD4CB65 ] netr28u C:\Windows\system32\DRIVERS\netr28u.sys
12:42:35.0454 2520 netr28u - ok
12:42:35.0459 2520 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:42:35.0460 2520 NetTcpActivator - ok
12:42:35.0466 2520 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:42:35.0467 2520 NetTcpPortSharing - ok
12:42:35.0486 2520 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:42:35.0496 2520 nfrd960 - ok
12:42:35.0535 2520 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:42:35.0537 2520 NlaSvc - ok
12:42:35.0547 2520 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:42:35.0556 2520 Npfs - ok
12:42:35.0608 2520 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
12:42:35.0612 2520 nsi - ok
12:42:35.0634 2520 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:42:35.0634 2520 nsiproxy - ok
12:42:35.0731 2520 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:42:35.0755 2520 Ntfs - ok
12:42:35.0808 2520 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
12:42:35.0824 2520 Null - ok
12:42:35.0868 2520 [ BAD636EE7FF5BF539854BBA33868EFC2 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
12:42:35.0879 2520 nusb3hub - ok
12:42:35.0921 2520 [ DFAFDC3051E04FFAFDDC4872394C1FC8 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
12:42:35.0926 2520 nusb3xhc - ok
12:42:35.0952 2520 [ A0A9E53B4AAC3C6534A063ABA69BC19F ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
12:42:35.0969 2520 NVHDA - ok
12:42:36.0248 2520 [ AFB33A823AABC112FC7BD62AFBCDB0CD ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:42:36.0305 2520 nvlddmkm - ok
12:42:36.0339 2520 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:42:36.0349 2520 nvraid - ok
12:42:36.0357 2520 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:42:36.0375 2520 nvstor - ok
12:42:36.0452 2520 [ 782945716AD010AC3D41758E8E52C735 ] nvsvc C:\Windows\system32\nvvsvc.exe
12:42:36.0459 2520 nvsvc - ok
12:42:36.0599 2520 [ A974E5C310B9B00894070CEB055D467F ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
12:42:36.0609 2520 nvUpdatusService - ok
12:42:36.0628 2520 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:42:36.0638 2520 nv_agp - ok
12:42:36.0681 2520 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:42:36.0684 2520 ohci1394 - ok
12:42:36.0726 2520 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:42:36.0729 2520 ose - ok
12:42:36.0755 2520 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:42:36.0761 2520 p2pimsvc - ok
12:42:36.0782 2520 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
12:42:36.0786 2520 p2psvc - ok
12:42:36.0809 2520 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:42:36.0821 2520 Parport - ok
12:42:36.0849 2520 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:42:36.0867 2520 partmgr - ok
12:42:36.0894 2520 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
12:42:36.0903 2520 Parvdm - ok
12:42:36.0915 2520 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:42:36.0917 2520 PcaSvc - ok
12:42:36.0943 2520 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
12:42:36.0955 2520 pci - ok
12:42:36.0958 2520 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
12:42:36.0967 2520 pciide - ok
12:42:36.0982 2520 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:42:36.0993 2520 pcmcia - ok
12:42:37.0005 2520 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
12:42:37.0014 2520 pcw - ok
12:42:37.0029 2520 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:42:37.0037 2520 PEAUTH - ok
12:42:37.0071 2520 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
12:42:37.0084 2520 PeerDistSvc - ok
12:42:37.0144 2520 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
12:42:37.0159 2520 pla - ok
12:42:37.0195 2520 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:42:37.0200 2520 PlugPlay - ok
12:42:37.0230 2520 [ 3A2E85F7D90D15460C337CE80C2E3B29 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
12:42:37.0233 2520 PnkBstrA - ok
12:42:37.0241 2520 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:42:37.0243 2520 PNRPAutoReg - ok
12:42:37.0281 2520 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:42:37.0284 2520 PNRPsvc - ok
12:42:37.0339 2520 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:42:37.0345 2520 PolicyAgent - ok
12:42:37.0361 2520 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
12:42:37.0364 2520 Power - ok
12:42:37.0392 2520 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:42:37.0416 2520 PptpMiniport - ok
12:42:37.0431 2520 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:42:37.0441 2520 Processor - ok
12:42:37.0483 2520 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
12:42:37.0484 2520 ProfSvc - ok
12:42:37.0500 2520 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:42:37.0501 2520 ProtectedStorage - ok
12:42:37.0532 2520 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:42:37.0533 2520 Psched - ok
12:42:37.0636 2520 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:42:37.0685 2520 ql2300 - ok
12:42:37.0709 2520 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:42:37.0727 2520 ql40xx - ok
12:42:37.0828 2520 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
12:42:37.0847 2520 QWAVE - ok
12:42:37.0865 2520 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:42:37.0880 2520 QWAVEdrv - ok
12:42:37.0896 2520 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:42:37.0944 2520 RasAcd - ok
12:42:37.0969 2520 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:42:38.0036 2520 RasAgileVpn - ok
12:42:38.0055 2520 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
12:42:38.0059 2520 RasAuto - ok
12:42:38.0075 2520 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:42:38.0093 2520 Rasl2tp - ok
12:42:38.0120 2520 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
12:42:38.0125 2520 RasMan - ok
12:42:38.0133 2520 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:42:38.0149 2520 RasPppoe - ok
12:42:38.0157 2520 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:42:38.0168 2520 RasSstp - ok
12:42:38.0194 2520 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:42:38.0213 2520 rdbss - ok
12:42:38.0220 2520 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:42:38.0229 2520 rdpbus - ok
12:42:38.0254 2520 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:42:38.0255 2520 RDPCDD - ok
12:42:38.0297 2520 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
12:42:38.0307 2520 RDPDR - ok
12:42:38.0322 2520 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:42:38.0323 2520 RDPENCDD - ok
12:42:38.0331 2520 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:42:38.0332 2520 RDPREFMP - ok
12:42:38.0389 2520 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:42:38.0407 2520 RdpVideoMiniport - ok
12:42:38.0443 2520 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:42:38.0462 2520 RDPWD - ok
12:42:38.0515 2520 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:42:38.0545 2520 rdyboost - ok
12:42:38.0581 2520 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
12:42:38.0584 2520 RemoteAccess - ok
12:42:38.0611 2520 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:42:38.0616 2520 RemoteRegistry - ok
12:42:38.0629 2520 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:42:38.0631 2520 RpcEptMapper - ok
12:42:38.0653 2520 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
12:42:38.0657 2520 RpcLocator - ok
12:42:38.0676 2520 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
12:42:38.0681 2520 RpcSs - ok
12:42:38.0709 2520 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:42:38.0754 2520 rspndr - ok
12:42:38.0776 2520 [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
12:42:38.0787 2520 RTL8167 - ok
12:42:38.0850 2520 [ 815445F4676CC96BC9AEEC303C727E19 ] s116bus C:\Windows\system32\DRIVERS\s116bus.sys
12:42:38.0875 2520 s116bus - ok
12:42:38.0910 2520 [ 333D1E0743E6DE1779C3C418AC601C3A ] s116mdfl C:\Windows\system32\DRIVERS\s116mdfl.sys
12:42:38.0938 2520 s116mdfl - ok
12:42:38.0950 2520 [ 50D6E5B021E9EC7553AB8A3553CC1B6B ] s116mdm C:\Windows\system32\DRIVERS\s116mdm.sys
12:42:38.0971 2520 s116mdm - ok
12:42:38.0984 2520 [ 1589AA53E43F8D193A7D4D580D3FFA95 ] s116mgmt C:\Windows\system32\DRIVERS\s116mgmt.sys
12:42:38.0987 2520 s116mgmt - ok
12:42:39.0005 2520 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
12:42:39.0014 2520 s3cap - ok
12:42:39.0025 2520 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
12:42:39.0026 2520 SamSs - ok
12:42:39.0052 2520 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:42:39.0070 2520 sbp2port - ok
12:42:39.0098 2520 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:42:39.0101 2520 SCardSvr - ok
12:42:39.0127 2520 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:42:39.0137 2520 scfilter - ok
12:42:39.0178 2520 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
12:42:39.0188 2520 Schedule - ok
12:42:39.0199 2520 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:42:39.0200 2520 SCPolicySvc - ok
12:42:39.0220 2520 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:42:39.0223 2520 SDRSVC - ok
12:42:39.0250 2520 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:42:39.0260 2520 secdrv - ok
12:42:39.0281 2520 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
12:42:39.0285 2520 seclogon - ok
12:42:39.0295 2520 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
12:42:39.0302 2520 SENS - ok
12:42:39.0328 2520 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:42:39.0330 2520 SensrSvc - ok
12:42:39.0343 2520 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:42:39.0352 2520 Serenum - ok
12:42:39.0385 2520 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:42:39.0398 2520 Serial - ok
12:42:39.0421 2520 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:42:39.0430 2520 sermouse - ok
12:42:39.0473 2520 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
12:42:39.0475 2520 SessionEnv - ok
12:42:39.0511 2520 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:42:39.0520 2520 sffdisk - ok
12:42:39.0535 2520 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:42:39.0545 2520 sffp_mmc - ok
12:42:39.0561 2520 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:42:39.0570 2520 sffp_sd - ok
12:42:39.0601 2520 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:42:39.0610 2520 sfloppy - ok
12:42:39.0624 2520 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:42:39.0627 2520 ShellHWDetection - ok
12:42:39.0645 2520 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
12:42:39.0655 2520 sisagp - ok
12:42:39.0672 2520 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:42:39.0689 2520 SiSRaid2 - ok
12:42:39.0719 2520 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:42:39.0736 2520 SiSRaid4 - ok
12:42:39.0859 2520 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
12:42:39.0875 2520 SkypeUpdate - ok
12:42:39.0886 2520 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:42:39.0905 2520 Smb - ok
12:42:39.0927 2520 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:42:39.0930 2520 SNMPTRAP - ok
12:42:39.0953 2520 [ 992CAAE7354663FE7CFADB6749AE9318 ] SpeechGridService C:\Program Files\SpeechGrid\SpeechGridService.exe
12:42:39.0956 2520 SpeechGridService - ok
12:42:39.0991 2520 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
12:42:39.0994 2520 spldr - ok
12:42:40.0024 2520 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
12:42:40.0031 2520 Spooler - ok
12:42:40.0341 2520 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
12:42:40.0357 2520 sppsvc - ok
12:42:40.0382 2520 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:42:40.0384 2520 sppuinotify - ok
12:42:40.0441 2520 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:42:40.0472 2520 srv - ok
12:42:40.0479 2520 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:42:40.0499 2520 srv2 - ok
12:42:40.0508 2520 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:42:40.0530 2520 srvnet - ok
12:42:40.0551 2520 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:42:40.0554 2520 SSDPSRV - ok
12:42:40.0565 2520 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:42:40.0567 2520 SstpSvc - ok
12:42:40.0591 2520 Steam Client Service - ok
12:42:40.0645 2520 [ C354621B6B94E10AE7F5CDBE745FEB86 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:42:40.0651 2520 Stereo Service - ok
12:42:40.0675 2520 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:42:40.0693 2520 stexstor - ok
12:42:40.0826 2520 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
12:42:40.0833 2520 StiSvc - ok
12:42:40.0864 2520 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
12:42:40.0882 2520 storflt - ok
12:42:40.0896 2520 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
12:42:40.0912 2520 storvsc - ok
12:42:40.0920 2520 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
12:42:40.0922 2520 swenum - ok
12:42:40.0943 2520 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
12:42:40.0947 2520 swprv - ok
12:42:40.0996 2520 Synth3dVsc - ok
12:42:41.0039 2520 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
12:42:41.0063 2520 SysMain - ok
12:42:41.0088 2520 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:42:41.0093 2520 TabletInputService - ok
12:42:41.0129 2520 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
12:42:41.0134 2520 TapiSrv - ok
12:42:41.0159 2520 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
12:42:41.0163 2520 TBS - ok
12:42:41.0219 2520 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:42:41.0249 2520 Tcpip - ok
12:42:41.0263 2520 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:42:41.0269 2520 TCPIP6 - ok
12:42:41.0297 2520 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:42:41.0314 2520 tcpipreg - ok
12:42:41.0336 2520 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:42:41.0345 2520 TDPIPE - ok
12:42:41.0352 2520 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:42:41.0362 2520 TDTCP - ok
12:42:41.0381 2520 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:42:41.0399 2520 tdx - ok
12:42:41.0588 2520 [ FE559178000347D2CA1B7847F0379749 ] TeamViewer6 C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
12:42:41.0606 2520 TeamViewer6 - ok
12:42:41.0809 2520 [ 3E85BDD019E3DB66D9471DAD7FD6A887 ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
12:42:41.0824 2520 TeamViewer7 - ok
12:42:41.0847 2520 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:42:41.0857 2520 TermDD - ok
12:42:41.0945 2520 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
12:42:41.0951 2520 TermService - ok
12:42:41.0970 2520 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
12:42:41.0974 2520 Themes - ok
12:42:41.0985 2520 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
12:42:41.0987 2520 THREADORDER - ok
12:42:42.0020 2520 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
12:42:42.0023 2520 TrkWks - ok
12:42:42.0086 2520 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:42:42.0087 2520 TrustedInstaller - ok
12:42:42.0098 2520 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:42:42.0131 2520 tssecsrv - ok
12:42:42.0167 2520 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:42:42.0185 2520 TsUsbFlt - ok
12:42:42.0189 2520 tsusbhub - ok
12:42:42.0220 2520 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:42:42.0234 2520 tunnel - ok
12:42:42.0248 2520 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:42:42.0264 2520 uagp35 - ok
12:42:42.0277 2520 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:42:42.0301 2520 udfs - ok
12:42:42.0324 2520 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:42:42.0326 2520 UI0Detect - ok
12:42:42.0336 2520 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:42:42.0346 2520 uliagpkx - ok
12:42:42.0352 2520 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
12:42:42.0361 2520 umbus - ok
12:42:42.0397 2520 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:42:42.0406 2520 UmPass - ok
12:42:42.0431 2520 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
12:42:42.0433 2520 UmRdpService - ok
12:42:42.0460 2520 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
12:42:42.0475 2520 upnphost - ok
12:42:42.0511 2520 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:42:42.0514 2520 usbaudio - ok
12:42:42.0544 2520 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:42:42.0581 2520 usbccgp - ok
12:42:42.0592 2520 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:42:42.0604 2520 usbcir - ok
12:42:42.0620 2520 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:42:42.0629 2520 usbehci - ok
12:42:42.0634 2520 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:42:42.0645 2520 usbhub - ok
12:42:42.0659 2520 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:42:42.0669 2520 usbohci - ok
12:42:42.0693 2520 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:42:42.0702 2520 usbprint - ok
12:42:42.0716 2520 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
12:42:42.0726 2520 USBSTOR - ok
12:42:42.0739 2520 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:42:42.0748 2520 usbuhci - ok
12:42:42.0790 2520 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:42:42.0792 2520 usbvideo - ok
12:42:42.0812 2520 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
12:42:42.0816 2520 UxSms - ok
12:42:42.0824 2520 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
12:42:42.0826 2520 VaultSvc - ok
12:42:42.0860 2520 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:42:42.0878 2520 vdrvroot - ok
12:42:42.0940 2520 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
12:42:42.0948 2520 vds - ok
12:42:42.0972 2520 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:42:42.0991 2520 vga - ok
12:42:43.0005 2520 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:42:43.0027 2520 VgaSave - ok
12:42:43.0046 2520 VGPU - ok
12:42:43.0070 2520 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:42:43.0089 2520 vhdmp - ok
12:42:43.0103 2520 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
12:42:43.0113 2520 viaagp - ok
12:42:43.0136 2520 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
12:42:43.0146 2520 ViaC7 - ok
12:42:43.0161 2520 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
12:42:43.0171 2520 viaide - ok
12:42:43.0185 2520 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
12:42:43.0188 2520 vmbus - ok
12:42:43.0202 2520 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
12:42:43.0204 2520 VMBusHID - ok
12:42:43.0216 2520 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:42:43.0234 2520 volmgr - ok
12:42:43.0244 2520 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:42:43.0247 2520 volmgrx - ok
12:42:43.0252 2520 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:42:43.0271 2520 volsnap - ok
12:42:43.0284 2520 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:42:43.0294 2520 vsmraid - ok
12:42:43.0385 2520 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
12:42:43.0397 2520 VSS - ok
12:42:43.0414 2520 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:42:43.0423 2520 vwifibus - ok
12:42:43.0433 2520 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:42:43.0450 2520 vwififlt - ok
12:42:43.0479 2520 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
12:42:43.0482 2520 W32Time - ok
12:42:43.0492 2520 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:42:43.0502 2520 WacomPen - ok
12:42:43.0526 2520 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:42:43.0536 2520 WANARP - ok
12:42:43.0538 2520 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:42:43.0539 2520 Wanarpv6 - ok
12:42:43.0596 2520 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
12:42:43.0609 2520 wbengine - ok
12:42:43.0633 2520 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:42:43.0635 2520 WbioSrvc - ok
12:42:43.0721 2520 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:42:43.0726 2520 wcncsvc - ok
12:42:43.0760 2520 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:42:43.0764 2520 WcsPlugInService - ok
12:42:43.0786 2520 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:42:43.0804 2520 Wd - ok
12:42:43.0825 2520 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:42:43.0857 2520 Wdf01000 - ok
12:42:43.0868 2520 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:42:43.0870 2520 WdiServiceHost - ok
12:42:43.0872 2520 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:42:43.0874 2520 WdiSystemHost - ok
12:42:43.0902 2520 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
12:42:43.0905 2520 WebClient - ok
12:42:43.0915 2520 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:42:43.0920 2520 Wecsvc - ok
12:42:43.0936 2520 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:42:43.0939 2520 wercplsupport - ok
12:42:43.0951 2520 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
12:42:43.0953 2520 WerSvc - ok
12:42:43.0987 2520 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:42:44.0001 2520 WfpLwf - ok
12:42:44.0016 2520 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:42:44.0029 2520 WIMMount - ok
12:42:44.0035 2520 WinHttpAutoProxySvc - ok
12:42:44.0092 2520 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:42:44.0096 2520 Winmgmt - ok
12:42:44.0132 2520 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
12:42:44.0143 2520 WinRM - ok
12:42:44.0177 2520 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:42:44.0186 2520 WinUsb - ok
12:42:44.0222 2520 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:42:44.0235 2520 Wlansvc - ok
12:42:44.0342 2520 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:42:44.0352 2520 wlidsvc - ok
12:42:44.0383 2520 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:42:44.0395 2520 WmiAcpi - ok
12:42:44.0423 2520 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:42:44.0428 2520 wmiApSrv - ok
12:42:44.0542 2520 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
12:42:44.0554 2520 WMPNetworkSvc - ok
12:42:44.0571 2520 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:42:44.0575 2520 WPCSvc - ok
12:42:44.0610 2520 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:42:44.0615 2520 WPDBusEnum - ok
12:42:44.0645 2520 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:42:44.0662 2520 ws2ifsl - ok
12:42:44.0668 2520 WSearch - ok
12:42:44.0734 2520 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
12:42:44.0750 2520 wuauserv - ok
12:42:44.0760 2520 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:42:44.0770 2520 WudfPf - ok
12:42:44.0792 2520 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:42:44.0795 2520 WUDFRd - ok
12:42:44.0807 2520 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:42:44.0809 2520 wudfsvc - ok
12:42:44.0847 2520 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
12:42:44.0853 2520 WwanSvc - ok
12:42:44.0859 2520 ================ Scan global ===============================
12:42:44.0901 2520 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
12:42:44.0935 2520 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
12:42:44.0943 2520 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
12:42:44.0965 2520 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
12:42:45.0004 2520 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
12:42:45.0012 2520 [Global] - ok
12:42:45.0012 2520 ================ Scan MBR ==================================
12:42:45.0020 2520 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:42:45.0567 2520 \Device\Harddisk0\DR0 - ok
12:42:45.0568 2520 ================ Scan VBR ==================================
12:42:45.0586 2520 [ 2444E7B99DCA82EE720FA45E98946E27 ] \Device\Harddisk0\DR0\Partition1
12:42:45.0587 2520 \Device\Harddisk0\DR0\Partition1 - ok
12:42:45.0590 2520 [ 7EADC6B100FD53340D2AFC535BD87999 ] \Device\Harddisk0\DR0\Partition2
12:42:45.0592 2520 \Device\Harddisk0\DR0\Partition2 - ok
12:42:45.0610 2520 [ 9696934E0C9DB3B920BC6D2443B92257 ] \Device\Harddisk0\DR0\Partition3
12:42:45.0611 2520 \Device\Harddisk0\DR0\Partition3 - ok
12:42:45.0612 2520 ============================================================
12:42:45.0612 2520 Scan finished
12:42:45.0612 2520 ============================================================
12:42:45.0623 3752 Detected object count: 0
12:42:45.0623 3752 Actual detected object count: 0

aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-12 12:44:44
-----------------------------
12:44:44.020 OS Version: Windows 6.1.7601 Service Pack 1
12:44:44.020 Number of processors: 4 586 0x2A07
12:44:44.020 ComputerName: VIDAN-PC UserName: Vidan
12:44:59.234 Initialize success
12:46:19.144 AVAST engine defs: 12101200
12:46:25.991 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
12:46:25.994 Disk 0 Vendor: Hitachi_HDT721050SLA360 ST3OA3AA Size: 476940MB BusType: 3
12:46:26.003 Disk 0 MBR read successfully
12:46:26.005 Disk 0 MBR scan
12:46:26.008 Disk 0 Windows 7 default MBR code
12:46:26.012 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 122072 MB offset 63
12:46:26.016 Disk 0 Partition - 00 0F Extended LBA 354865 MB offset 250003530
12:46:26.032 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 177460 MB offset 250003593
12:46:26.037 Disk 0 Partition - 00 05 Extended 177405 MB offset 613442087
12:46:26.052 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 177405 MB offset 613442088
12:46:26.057 Disk 0 scanning sectors +976768065
12:46:26.108 Disk 0 scanning C:\Windows\system32\drivers
12:46:38.261 Service scanning
12:47:00.317 Modules scanning
12:47:07.907 Disk 0 trace - called modules:
12:47:07.921 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
12:47:07.925 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x867c8030]
12:47:07.929 3 CLASSPNP.SYS[8b80459e] -> nt!IofCallDriver -> [0x862c7860]
12:47:07.933 5 ACPI.sys[8b4af3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0x867d3908]
12:47:08.658 AVAST engine scan C:\Windows
12:47:10.122 AVAST engine scan C:\Windows\system32
12:50:15.160 AVAST engine scan C:\Windows\system32\drivers
12:50:28.017 AVAST engine scan C:\Users\Vidan
12:53:02.177 Disk 0 MBR has been saved successfully to "C:\Users\Vidan\Desktop\MBR.dat"
12:53:02.186 The log file has been saved successfully to "C:\Users\Vidan\Desktop\aswMBR.txt"

ESET online scanner list of found threats:

D:\Documets\Instalacije\asc-setup.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:07 AM

Posted 12 October 2012 - 10:48 AM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#5 makavelian360

makavelian360
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:07 AM

Posted 12 October 2012 - 12:48 PM

Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.12.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Vidan :: VIDAN-PC [administrator]

Protection: Disabled

10/12/2012 6:10:22 PM
mbam-log-2012-10-12 (18-10-22).txt

Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 455012
Time elapsed: 1 hour(s), 1 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A8B0DBDE-8119-48B0-8088-D12DA01C36BA} (PUP.DownloadnSave) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\ProgramData\DownloadnSave (PUP.DownloadnSave) -> Quarantined and deleted successfully.

Files Detected: 5
C:\Program Files\Total CMA Pack\plugins\wlx\17FileInfo\cadt.dll (Trojan.Constructor) -> Quarantined and deleted successfully.
D:\Documets\SonyVegasKeygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
D:\Documets\Instalacije\Sony Vegas PRO 10+Crack+Serial Key\Vegas Pro 10 Crack+Serial Key\Keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\ProgramData\DownloadnSave\content.js (PUP.DownloadnSave) -> Quarantined and deleted successfully.
C:\ProgramData\DownloadnSave\settings.ini (PUP.DownloadnSave) -> Quarantined and deleted successfully.

(end)



MiniToolBox by Farbar Version: 23-07-2012
Ran by Vidan (administrator) on 12-10-2012 at 19:36:11
Microsoft Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Vidan-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : sbb.rs

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : sbb.rs
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 8C-89-A5-67-B1-96
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e4d9:408e:a0a0:f121%10(Preferred)
IPv4 Address. . . . . . . . . . . : 178.149.9.142(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Lease Obtained. . . . . . . . . . : Friday, October 12, 2012 7:33:38 PM
Lease Expires . . . . . . . . . . : Friday, October 12, 2012 9:47:23 PM
Default Gateway . . . . . . . . . : 178.149.8.1
DHCP Server . . . . . . . . . . . : 89.216.1.18
DHCPv6 IAID . . . . . . . . . . . : 244091301
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-A1-0E-97-8C-89-A5-67-B1-96
DNS Servers . . . . . . . . . . . : 89.216.1.40
89.216.1.50
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.sbb.rs:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 89.216.1.40

Name: google.com
Addresses: 2a00:1450:4001:c02::65
173.194.70.113
173.194.70.138
173.194.70.139
173.194.70.100
173.194.70.101
173.194.70.102


Pinging google.com [173.194.70.101] with 32 bytes of data:
Reply from 173.194.70.101: bytes=32 time=43ms TTL=51
Reply from 173.194.70.101: bytes=32 time=44ms TTL=51

Ping statistics for 173.194.70.101:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 43ms, Maximum = 44ms, Average = 43ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 89.216.1.40

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=296ms TTL=53
Reply from 98.139.183.24: bytes=32 time=276ms TTL=53

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 276ms, Maximum = 296ms, Average = 286ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 89.216.1.40

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=6ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 6ms, Average = 3ms
===========================================================================
Interface List
10...8c 89 a5 67 b1 96 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
21...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
25...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 178.149.8.1 178.149.9.142 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
178.149.8.0 255.255.252.0 On-link 178.149.9.142 276
178.149.9.142 255.255.255.255 On-link 178.149.9.142 276
178.149.11.255 255.255.255.255 On-link 178.149.9.142 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 178.149.9.142 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 178.149.9.142 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
10 276 fe80::e4d9:408e:a0a0:f121/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/10/2012 05:51:52 PM) (Source: Application Error) (User: )
Description: Faulting application name: winamp.exe, version: 5.6.2.3189, time stamp: 0x4ea85649
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0b591978
Faulting process id: 0x15bc
Faulting application start time: 0xwinamp.exe0
Faulting application path: winamp.exe1
Faulting module path: winamp.exe2
Report Id: winamp.exe3

Error: (10/10/2012 03:58:29 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/10/2012 02:14:56 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "napcrypt, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=x86". The error returned was Error: The specified assembly is not installed.
.

Error: (10/10/2012 02:14:56 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "naphlpr, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=x86". The error returned was Error: The specified assembly is not installed.
.

Error: (10/10/2012 02:12:56 PM) (Source: ESENT) (User: )
Description: WinMail (3112) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (10/10/2012 02:06:44 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: napsnap, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil . Error code = 0x80070020

Error: (10/10/2012 02:06:43 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile naphlpr, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=x86 because of the following error: The process cannot access the file because it is being used by another process. (Exception from HRESULT: 0x80070020).

Error: (10/10/2012 02:06:43 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile napcrypt, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=x86 because of the following error: The process cannot access the file because it is being used by another process. (Exception from HRESULT: 0x80070020).

Error: (10/09/2012 08:48:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/09/2012 07:59:48 PM) (Source: Application Error) (User: )
Description: Faulting application name: MaxPayne3.exe, version: 1.0.0.57, time stamp: 0x5071c176
Faulting module name: MaxPayne3.exe, version: 1.0.0.57, time stamp: 0x5071c176
Exception code: 0xc0000005
Fault offset: 0x0081c8fa
Faulting process id: 0x834
Faulting application start time: 0xMaxPayne3.exe0
Faulting application path: MaxPayne3.exe1
Faulting module path: MaxPayne3.exe2
Report Id: MaxPayne3.exe3


System errors:
=============
Error: (10/12/2012 07:33:58 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (10/12/2012 07:33:48 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (10/12/2012 03:48:32 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage failed to grow.

Error: (10/12/2012 00:36:56 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (10/12/2012 00:36:44 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (10/11/2012 01:07:26 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (10/11/2012 01:07:14 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (10/10/2012 09:26:54 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (10/10/2012 09:26:24 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (10/10/2012 09:26:24 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060


Microsoft Office Sessions:
=========================
Error: (10/10/2012 05:51:52 PM) (Source: Application Error)(User: )
Description: winamp.exe5.6.2.31894ea85649unknown0.0.0.000000000c00000050b59197815bc01cda6feae0dd410C:\Program Files\Winamp\winamp.exeunknown6873bf9e-12f2-11e2-ba19-8c89a567b196

Error: (10/10/2012 03:58:29 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Vuze\Azureus64.exe

Error: (10/10/2012 02:14:56 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "napcrypt, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=x86". The error returned was Error: The specified assembly is not installed.
.

Error: (10/10/2012 02:14:56 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "naphlpr, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=x86". The error returned was Error: The specified assembly is not installed.
.

Error: (10/10/2012 02:12:56 PM) (Source: ESENT)(User: )
Description: WinMail3112WindowsMail0:

Error: (10/10/2012 02:06:44 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: napsnap, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil . Error code = 0x80070020
napsnap, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil

Error: (10/10/2012 02:06:43 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile naphlpr, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=x86 because of the following error: The process cannot access the file because it is being used by another process. (Exception from HRESULT: 0x80070020).
naphlpr, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=x86

Error: (10/10/2012 02:06:43 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile napcrypt, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=x86 because of the following error: The process cannot access the file because it is being used by another process. (Exception from HRESULT: 0x80070020).
napcrypt, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=x86

Error: (10/09/2012 08:48:49 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Vuze\Azureus64.exe

Error: (10/09/2012 07:59:48 PM) (Source: Application Error)(User: )
Description: MaxPayne3.exe1.0.0.575071c176MaxPayne3.exe1.0.0.575071c176c00000050081c8fa83401cda6474de4694aE:\Igrice\Max Payne 3\MaxPayne3.exeE:\Igrice\Max Payne 3\MaxPayne3.exe1d49b32e-123b-11e2-ba25-8c89a567b196


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
ACDSee Photo Manager 12 (Version: 12.0.342)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Advanced SystemCare 5 (Version: 5.2.0)
ArcSoft PhotoStudio 6 (Version: 6.0.0.172)
Ask Toolbar (Version: 1.15.1.0)
Ask Toolbar Updater (Version: 1.2.1.22229)
Assassin's Creed Revelations 1.03 (Version: 1.03)
Battlefield 2™
Battlefield 3™ (Version: 1.3.0.0)
Battlelog Web Plugins (Version: 1.122.0)
BattlEye (A2Free) Uninstall
Call of Duty: Black Ops
Call of Duty: Black Ops - Multiplayer
D3DX10 (Version: 15.4.2368.0902)
Dictionary
Dishonored
EnRo Dictionary 1.0
ESET Online Scanner v3
ESET Smart Security (Version: 4.0.467.0)
ESN Sonar (Version: 0.70.4)
Fallout 3 (Version: 1.00.0000)
Garena 2010 (Version: 2010)
GOM Player (Version: 2.1.43.5119)
Google Chrome (Version: 22.0.1229.94)
Graboid Video 3.05 (Version: 3.05)
Guitar Pro 5.2
High-Definition Video Playback 10 (Version: 7.0.11400.29.0)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.0.121)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 31 (Version: 6.0.310)
L.A. Noire (Version: 1.00.0000)
Last.fm 1.5.4.27091
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
ManyCam 3.0.68 (remove only) (Version: 3.0.68)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2000 Premium (Version: 9.00.2720)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MPEG2 Codec(libmpeg2/mad)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Need For Speed™ World (Version: 1.0.0.722)
Nero 10 Menu TemplatePack Basic (Version: 10.0.10600.6.0)
Nero 10 Movie ThemePack Basic (Version: 10.0.10600.6.0)
Nero BackItUp 10 (Version: 5.4.11600.19.100)
Nero BackItUp 10 Help (CHM) (Version: 1.0.10700)
Nero Burning ROM 10 (Version: 10.0.11100.10.100)
Nero BurningROM 10 Help (CHM) (Version: 1.0.10700)
Nero BurnRights 10 (Version: 4.0.11000.12.100)
Nero BurnRights 10 Help (CHM) (Version: 1.0.10600)
Nero Control Center 10 (Version: 10.0.12000.1.4)
Nero ControlCenter 10 Help (CHM) (Version: 1.0.10700)
Nero Core Components 10 (Version: 2.0.13700.0.1)
Nero CoverDesigner 10 (Version: 5.0.10900.11.100)
Nero CoverDesigner 10 Help (CHM) (Version: 1.0.10600)
Nero DiscCopy Gadget 10 (Version: 3.0.10700.9.100)
Nero DiscCopyGadget 10 Help (CHM) (Version: 1.0.10600)
Nero DiscSpeed 10 (Version: 6.0.10800.7.100)
Nero DiscSpeed 10 Help (CHM) (Version: 1.0.10600)
Nero Dolby Files 10 (Version: 2.0.11000.0.10)
Nero Express 10 (Version: 10.0.11000.10.100)
Nero Express 10 Help (CHM) (Version: 1.0.10700)
Nero InfoTool 10 (Version: 7.0.10800.8.100)
Nero InfoTool 10 Help (CHM) (Version: 1.0.10600)
Nero MediaHub 10 (Version: 1.0.13400.11.100)
Nero MediaHub 10 Help (CHM) (Version: 1.0.10700)
Nero Multimedia Suite 10 (Version: 10.0.13100)
Nero Recode 10 (Version: 4.6.10900.4.100)
Nero Recode 10 Help (CHM) (Version: 1.0.10600)
Nero RescueAgent 10 (Version: 3.0.10900.9.100)
Nero RescueAgent 10 Help (CHM) (Version: 1.0.10700)
Nero SoundTrax 10 (Version: 4.6.10600.2.100)
Nero SoundTrax 10 Help (CHM) (Version: 1.0.10600)
Nero StartSmart 10 (Version: 10.0.11200.12.100)
Nero StartSmart 10 Help (CHM) (Version: 1.0.10700)
Nero Update (Version: 1.0.0017)
Nero Vision 10 (Version: 7.0.11100.8.100)
Nero Vision 10 Help (CHM) (Version: 1.0.10600)
Nero WaveEditor 10 (Version: 5.6.10600.2.100)
Nero WaveEditor 10 Help (CHM) (Version: 1.0.10600)
NVIDIA 3D Vision Controller Driver 301.42 (Version: 301.42)
NVIDIA 3D Vision Driver 301.42 (Version: 301.42)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA HD Audio Driver 1.3.16.0 (Version: 1.3.16.0)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0142)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
Oblivion (Version: 1.00.0000)
Optimizer Pro v3.0 (Version: 3.0)
Origin (Version: 8.6.0.357)
PunkBuster Services (Version: 0.993)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.34.0)
RESIDENT EVIL 5 (Version: 1.0.0.129)
Rockstar Games Social Club (Version: 1.0.9.7)
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.10 (Version: 5.10.116)
Sleeping Dogs
Sniper Elite V2
Softonic toolbar on IE and Chrome
Spec Ops The Line
SpeechGrid
Steam (Version: 1.0.0.0)
Stronghold Crusader
TeamViewer 6 (Version: 6.0.10194)
TeamViewer 7 (Version: 7.0.12541)
The Walking Dead © 3 version 1 (Version: 1)
Total CMA Pack 0.52b (Version: 0.52b)
Ubisoft Game Launcher (Version: 1.0.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
uTorrentControl2 Toolbar (Version: 6.8.11.4)
Vegas Pro 10.0 (Version: 10.0.737)
VirtualDJ PRO Full (Version: 7.0.5)
VLC media player 1.0.1 (Version: 1.0.1)
Vuze (Version: 4.7)
Winamp (Version: 5.622 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
Xilisoft Download YouTube Video (Version: 3.3.3.20120810)
Xilisoft YouTube HD Video Converter (Version: 3.2.2.20120314)
Yawcam 0.3.6

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 3060.85 MB
Available physical RAM: 1849.13 MB
Total Pagefile: 6119.98 MB
Available Pagefile: 4762.76 MB
Total Virtual: 2047.88 MB
Available Virtual: 1926 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:119.21 GB) (Free:33.79 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:173.3 GB) (Free:12.37 GB) NTFS
3 Drive e: (Data) (Fixed) (Total:173.25 GB) (Free:14.29 GB) NTFS

========================= Users: ========================================

User accounts for \\VIDAN-PC

Administrator Guest UpdatusUser
Vidan

========================= Restore Points ==================================


**** End of log ****





Farbar Service Scanner Version: 07-10-2012
Ran by Vidan (administrator) on 12-10-2012 at 19:37:58
Running from "C:\Users\Vidan\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of MpsSvc. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of MpsSvc. The value does not exist.
Unable to retrieve ServiceDll of MpsSvc. The value does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of wscsvc. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of wscsvc. The value does not exist.
Unable to retrieve ServiceDll of wscsvc. The value does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of WinDefend. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of WinDefend. The value does not exist.
Unable to retrieve ServiceDll of WinDefend. The value does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-10-10 21:18] - [2012-08-22 19:16] - 1292144 ____A (Microsoft Corporation) A5EBB8F648000E88B7D9390B514976BF

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-10-10 13:32] - [2012-06-02 06:36] - 0140288 ____A (Microsoft Corporation) 96C0E38905CFD788313BE8E11DAE3F2F

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****





AdwCleaner:

# AdwCleaner v2.004 - Logfile created 10/12/2012 at 19:39:06
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Vidan - VIDAN-PC
# Boot Mode : Normal
# Running from : C:\Users\Vidan\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\user.js
File Deleted : C:\Users\Vidan\AppData\Roaming\Mozilla\Firefox\Profiles\ac7j8t59.default\searchplugins\Conduit.xml
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\Common Files\spigot
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Softonic
Folder Deleted : C:\Program Files\uTorrentControl2
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DownloadnSave
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\Users\Vidan\AppData\Local\APN
Folder Deleted : C:\Users\Vidan\AppData\Local\Conduit
Folder Deleted : C:\Users\Vidan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Folder Deleted : C:\Users\Vidan\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Vidan\AppData\Local\TempDir
Folder Deleted : C:\Users\Vidan\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Vidan\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Vidan\AppData\LocalLow\Softonic
Folder Deleted : C:\Users\Vidan\AppData\LocalLow\uTorrentControl2
Folder Deleted : C:\Users\Vidan\AppData\Roaming\Mozilla\Firefox\Profiles\ac7j8t59.default\ConduitCommon
Folder Deleted : C:\Users\Vidan\AppData\Roaming\Mozilla\Firefox\Profiles\ac7j8t59.default\extensions\staged
Folder Deleted : C:\Users\Vidan\AppData\Roaming\Mozilla\Firefox\Profiles\ac7j8t59.default\extensions\toolbar@ask.com
Folder Deleted : C:\Users\Vidan\AppData\Roaming\OpenCandy
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl2
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Description
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBBD0E37-EB1A-4F81-8241-9CE42582E3D3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3952B07-1A62-43F9-AC5B-EE0AA820F88A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar
Key Deleted : HKLM\Software\Softonic
Key Deleted : HKLM\Software\uTorrentControl2
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5018CFD2-804D-4C99-9F81-25EAEA2769DE}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.softonic.com/MON00006/tb_v1?SearchSource=10&cc= --> hxxp://www.google.com

-\\ Mozilla Firefox v12.0 (en-US)

Profile name : default
File : C:\Users\Vidan\AppData\Roaming\Mozilla\Firefox\Profiles\ac7j8t59.default\prefs.js

Deleted : user_pref("CT3072253..clientLogIsEnabled", false);
Deleted : user_pref("CT3072253..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT3072253..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT3072253.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT3072253.AppTrackingLastCheckTime", "Tue Aug 07 2012 19:52:26 GMT+0200 (Central Europe D[...]
Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129573915102477663", true);
Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129749445881800338", true);
Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129805375651312503", true);
Deleted : user_pref("CT3072253.CTID", "CT3072253");
Deleted : user_pref("CT3072253.CurrentServerDate", "7-8-2012");
Deleted : user_pref("CT3072253.DSInstall", false);
Deleted : user_pref("CT3072253.DialogsAlignMode", "LTR");
Deleted : user_pref("CT3072253.DialogsGetterLastCheckTime", "Tue Aug 07 2012 19:18:14 GMT+0200 (Central Europe[...]
Deleted : user_pref("CT3072253.DownloadReferralCookieData", "");
Deleted : user_pref("CT3072253.FirstServerDate", "10-7-2012");
Deleted : user_pref("CT3072253.FirstTime", true);
Deleted : user_pref("CT3072253.FirstTimeFF3", true);
Deleted : user_pref("CT3072253.FirstTimeHiddenVer", true);
Deleted : user_pref("CT3072253.FixPageNotFoundErrors", true);
Deleted : user_pref("CT3072253.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT3072253.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT3072253.HPInstall", false);
Deleted : user_pref("CT3072253.HasUserGlobalKeys", true);
Deleted : user_pref("CT3072253.HomePageProtectorEnabled", false);
Deleted : user_pref("CT3072253.HomepageBeforeUnload", "hxxp://www.google.rs/");
Deleted : user_pref("CT3072253.Initialize", true);
Deleted : user_pref("CT3072253.InitializeCommonPrefs", true);
Deleted : user_pref("CT3072253.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT3072253.InstallationId", "fft401C.tmp.exe");
Deleted : user_pref("CT3072253.InstallationType", "XPE");
Deleted : user_pref("CT3072253.InstalledDate", "Tue Jul 10 2012 16:12:23 GMT+0200 (Central Europe Daylight Tim[...]
Deleted : user_pref("CT3072253.IsAlertDBUpdated", true);
Deleted : user_pref("CT3072253.IsGrouping", false);
Deleted : user_pref("CT3072253.IsInitSetupIni", true);
Deleted : user_pref("CT3072253.IsMulticommunity", false);
Deleted : user_pref("CT3072253.IsOpenThankYouPage", true);
Deleted : user_pref("CT3072253.IsOpenUninstallPage", false);
Deleted : user_pref("CT3072253.LanguagePackLastCheckTime", "Tue Aug 07 2012 19:18:13 GMT+0200 (Central Europe [...]
Deleted : user_pref("CT3072253.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT3072253.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT3072253.LastLogin_3.13.0.6", "Tue Aug 07 2012 19:18:14 GMT+0200 (Central Europe Dayligh[...]
Deleted : user_pref("CT3072253.LatestVersion", "3.14.1.0");
Deleted : user_pref("CT3072253.Locale", "en");
Deleted : user_pref("CT3072253.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT3072253.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT3072253.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT3072253.MyStuffEnabledAtInstallation", false);
Deleted : user_pref("CT3072253.OriginalFirstVersion", "3.13.0.6");
Deleted : user_pref("CT3072253.SearchCaption", "uTorrentControl2 Customized Web Search");
Deleted : user_pref("CT3072253.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Deleted : user_pref("CT3072253.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT3072253.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT307[...]
Deleted : user_pref("CT3072253.SearchInNewTabEnabled", true);
Deleted : user_pref("CT3072253.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT3072253.SearchInNewTabLastCheckTime", "Tue Aug 07 2012 19:18:13 GMT+0200 (Central Europ[...]
Deleted : user_pref("CT3072253.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT3072253.SearchProtectorEnabled", false);
Deleted : user_pref("CT3072253.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT3072253.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT3072253.ServiceMapLastCheckTime", "Tue Aug 07 2012 19:18:13 GMT+0200 (Central Europe Da[...]
Deleted : user_pref("CT3072253.SettingsLastCheckTime", "Tue Aug 07 2012 19:18:13 GMT+0200 (Central Europe Dayl[...]
Deleted : user_pref("CT3072253.SettingsLastUpdate", "1342354602");
Deleted : user_pref("CT3072253.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13");
Deleted : user_pref("CT3072253.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT3072253.ThirdPartyComponentsLastCheck", "Tue Aug 07 2012 19:18:13 GMT+0200 (Central Eur[...]
Deleted : user_pref("CT3072253.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT3072253.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT3072253.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3072253");
Deleted : user_pref("CT3072253.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT3072253.UserID", "UN69127542378402080");
Deleted : user_pref("CT3072253.alertChannelId", "1463702");
Deleted : user_pref("CT3072253.autoDisableScopes", -1);
Deleted : user_pref("CT3072253.backendstorage.cbcountry_001", "5253");
Deleted : user_pref("CT3072253.backendstorage.cbfirsttime", "547565204A756C20313020323031322031363A31323A32362[...]
Deleted : user_pref("CT3072253.backendstorage.url_history0001", "687474703A2F2F667330356E352E73656E64737061636[...]
Deleted : user_pref("CT3072253.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT3072253.globalFirstTimeInfoLastCheckTime", "Tue Aug 07 2012 19:18:14 GMT+0200 (Central [...]
Deleted : user_pref("CT3072253.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT3072253.initDone", true);
Deleted : user_pref("CT3072253.isAppTrackingManagerOn", true);
Deleted : user_pref("CT3072253.myStuffEnabled", true);
Deleted : user_pref("CT3072253.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT3072253.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT3072253.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT3072253.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT3072253.navigateToUrlOnSearch", false);
Deleted : user_pref("CT3072253.oldAppsList", "129295695672325902,129571859753931591,111,129593762370823811,129[...]
Deleted : user_pref("CT3072253.revertSettingsEnabled", true);
Deleted : user_pref("CT3072253.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT3072253.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT3072253.testingCtid", "");
Deleted : user_pref("CT3072253.toolbarAppMetaDataLastCheckTime", "Tue Aug 07 2012 19:18:13 GMT+0200 (Central E[...]
Deleted : user_pref("CT3072253.toolbarContextMenuLastCheckTime", "Tue Aug 07 2012 19:18:13 GMT+0200 (Central E[...]
Deleted : user_pref("CT3072253.usagesFlag", 1);
Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2088752&Search[...]
Deleted : user_pref("CommunityToolbar.ConduitSearchList", "ToggleSW Customized Web Search");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2088752/CT2088752[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3072253/CT3072253[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1463702/1459356/RS", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/514531/510401/RS", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2088752", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3072253", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2088752",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3072253",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"504[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=sv", "\"4a9[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Vidan\\AppData\\Roaming\\Mozilla\\F[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.15.1.0");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT3072253");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT3072253");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT3072253");
Deleted : user_pref("CommunityToolbar.globalUserId", "ef9fbaaa-98b3-4a4c-b528-91a632b24cec");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2088752");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Sep 27 2012 13:06:1[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Sep 28 2012 16:18:20 GMT+020[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Sep 28 2012 16:18:11 GMT+0200 (C[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "88a64db0-b1fd-4a45-b6a9-16b0976f9c22");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.rs/");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Deleted : user_pref("browser.search.defaultthis.engineName", "ToggleSW Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2088752&Sea[...]
Deleted : user_pref("browser.search.selectedEngine", "ToggleSW Customized Web Search");
Deleted : user_pref("extensions.4fde45d08f1e1.scode", "(function(){try{if('aol.com,mail.google.com,mystart.inc[...]
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=[...]

-\\ Google Chrome v22.0.1229.94

File : C:\Users\Vidan\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [24901 octets] - [12/10/2012 19:39:06]

########## EOF - C:\AdwCleaner[S1].txt - [24962 octets] ##########




Junkware Removal Tool (JRT) by Thisisu
Version: 1.4.9 (10.12.2012)
OS: Windows 7 Ultimate x86
Ran by Vidan on Fri 10/12/2012 at 19:42:41.44
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}



*** Files:

Successfully deleted: [FILE] C:\Program Files\optimizer pro\English.ini
Successfully deleted: [FILE] C:\Program Files\optimizer pro\file_id.diz
Successfully deleted: [FILE] C:\Program Files\optimizer pro\HomePage.url
Successfully deleted: [FILE] C:\Program Files\optimizer pro\OptimizerPro.chm
Successfully deleted: [FILE] C:\Program Files\optimizer pro\OptProGuard.exe
Successfully deleted: [FILE] C:\Program Files\optimizer pro\OptProLauncher.exe
Successfully deleted: [FILE] C:\Program Files\optimizer pro\OptProReminder.exe
Successfully deleted: [FILE] C:\Program Files\optimizer pro\OptProSchedule.exe
Successfully deleted: [FILE] C:\Program Files\optimizer pro\OptProSmartScan.exe
Successfully deleted: [FILE] C:\Program Files\optimizer pro\OptProUninstaller.exe
Successfully deleted: [FILE] C:\Program Files\optimizer pro\scan.gif
Successfully deleted: [FILE] C:\Program Files\optimizer pro\sqlite3.dll
Successfully deleted: [FILE] C:\Program Files\optimizer pro\unins000.dat
Successfully deleted: [FILE] C:\Program Files\optimizer pro\unins000.exe



*** Folders:

Successfully deleted: [FOLDER] "C:\Users\Vidan\AppData\Roaming\yourfiledownloader"



*** FireFox detected and repaired

Successfully deleted: [{acaa314b-eeba-48e4-ad47-84e31c44796c}] from C:\Users\Vidan\AppData\Roaming\Mozilla\Firefox\Profiles\ac7j8t59.default\extensions


*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Fri 10/12/2012 at 19:44:46.46
End of Report

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:07 AM

Posted 12 October 2012 - 01:18 PM

Run malwarebytes again and post the clean log

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#7 makavelian360

makavelian360
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:07 AM

Posted 13 October 2012 - 08:45 AM

Malwarebytes clean scan:

Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.12.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Vidan :: VIDAN-PC [administrator]

Protection: Enabled

10/13/2012 2:32:51 PM
mbam-log-2012-10-13 (14-32-51).txt

Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 453803
Time elapsed: 56 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

FSS:

Farbar Service Scanner Version: 07-10-2012
Ran by Vidan (administrator) on 13-10-2012 at 15:39:04
Running from "C:\Users\Vidan\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-10-10 21:18] - [2012-08-22 19:16] - 1292144 ____A (Microsoft Corporation) A5EBB8F648000E88B7D9390B514976BF

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-10-10 13:32] - [2012-06-02 06:36] - 0140288 ____A (Microsoft Corporation) 96C0E38905CFD788313BE8E11DAE3F2F

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****



Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/13/2012 03:41:26 PM in x86 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\Vidan\Downloads\FSS.exe (PID: 5276) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/13/2012 03:41:41 PM
Execution time: 0 hours(s), 0 minute(s), and 14 seconds(s)


Autoruns scan:

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "egui" "ESET GUI" "ESET" "c:\program files\eset\eset smart security\egui.exe"
+ "NBAgent" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 10\nero backitup\nbagent.exe"
+ "NUSB3MON" "USB 3.0 Monitor" "Renesas Electronics Corporation" "c:\program files\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "USB3MON" "Intel® USB 3.0 Monitor" "Intel Corporation" "c:\program files\intel\intel® usb 3.0 extensible host controller driver\apps\iusb3mon.exe"
+ "WinampAgent" "Winamp Agent" "Nullsoft, Inc." "c:\program files\winamp\winampa.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Microsoft Office.lnk" "Microsoft Office 2000 component" "Microsoft Corporation" "c:\program files\microsoft office\office\osa9.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Advanced SystemCare 5" "Advanced SystemCare 5 Tray" "IObit" "c:\program files\iobit\advanced systemcare 5\asctray.exe"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\vidan\appdata\local\google\update\googleupdate.exe"
+ "msnmsgr" "Windows Live Messenger" "Microsoft Corporation" "c:\program files\windows live\messenger\msnmsgr.exe"
+ "Optimizer Pro" "Fix, clean, optimize your PC!" "PC Utilities Pro" "c:\program files\optimizer pro\optprolauncher.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office11\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "livecall" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "msnim" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "mso-offdap" "Microsoft Office XP Web Components" "Microsoft Corporation" "c:\program files\common files\microsoft shared\web components\10\owc10.dll"
+ "mso-offdap11" "Microsoft Office Web Components 2003" "Microsoft Corporation" "c:\program files\common files\microsoft shared\web components\11\owc11.dll"
+ "skype-ie-addon-data" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "skype4com" "Skype for COM API" "Skype Technologies" "c:\program files\common files\skype\skype4com.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Advanced SystemCare" "ASCv5ExtMenu Module" "" "c:\program files\iobit\advanced systemcare 5\ascv5extmenu.dll"
+ "EditPlus 3" "" "" "c:\program files\total cma pack\tools\editplus\eppshell.dll"
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset smart security\shellext.dll"
+ "NBShellHook Class" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 10\nero backitup\nbshell.dll"
+ "NeroShellExt Class" "Nero Burning ROM Shell Extension" "Nero AG" "c:\program files\common files\nero\neroshellext\neroshellext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "Advanced SystemCare" "ASCv5ExtMenu Module" "" "c:\program files\iobit\advanced systemcare 5\ascv5extmenu.dll"
+ "NeroShellExt Class" "Nero Burning ROM Shell Extension" "Nero AG" "c:\program files\common files\nero\neroshellext\neroshellext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset smart security\shellext.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "NBShellHook Class" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 10\nero backitup\nbshell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "NBShellHook" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 10\nero backitup\nbshell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Messenger Companion Helper" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files\windows live\companion\companioncore.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Messenger Companion (Ctrl+Shift+C)" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files\windows live\companion\companioncore.dll"
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\ASC5_PerformanceMonitor" "Advanced SystemCare Performance Monitor" "IObit" "c:\program files\iobit\advanced systemcare 5\pmonitor.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-2552033908-3731735987-925398801-1000Core" "Google Installer" "Google Inc." "c:\users\vidan\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-2552033908-3731735987-925398801-1000UA" "Google Installer" "Google Inc." "c:\users\vidan\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Scheduled Update for Ask Toolbar" "" "" "File not found: C:\Program Files\Ask.com\UpdateTask.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ADExchange" "ArcSoft eservutil." "ArcSoft Inc." "c:\program files\common files\arcsoft\esinter\bin\eservutil.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\armsvc.exe"
+ "AdvancedSystemCareService5" "Advanced SystemCare Service" "IObit" "c:\program files\iobit\advanced systemcare 5\ascservice.exe"
+ "EhttpSrv" "ESET HTTP Server" "ESET" "c:\program files\eset\eset smart security\ehttpsrv.exe"
+ "ekrn" "ESET Service" "ESET" "c:\program files\eset\eset smart security\ekrn.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamservice.exe"
+ "MozillaMaintenance" "" "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "NAUpdate" "Provides access to Nero application updates and manages Nero applications." "Nero AG" "c:\program files\nero\update\nasvc.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files\nvidia corporation\nvidia update core\daemonu.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "PnkBstrA" "PunkBuster Service Component [v1036] http://www.evenbalance.com" "" "c:\windows\system32\pnkbstra.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files\skype\updater\updater.exe"
+ "SpeechGridService" "Speech Grid Service maintains your installation of SpeechGrid to ensure it is always up to date." "SpeechGrid" "c:\program files\speechgrid\speechgridservice.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files\common files\steam\steamservice.exe"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "TeamViewer6" "TeamViewer Remote Software" "TeamViewer GmbH" "c:\program files\teamviewer\version6\teamviewer_service.exe"
+ "TeamViewer7" "TeamViewer Remote Software" "TeamViewer GmbH" "c:\program files\teamviewer\version7\teamviewer_service.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "eamon" "Eset file on-access scanner" "ESET" "c:\windows\system32\drivers\eamon.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys"
+ "ehdrv" "Eset Helper driver" "ESET" "c:\windows\system32\drivers\ehdrv.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "epfw" "EPFW Filter Driver" "ESET" "c:\windows\system32\drivers\epfw.sys"
+ "Epfwndis" "ESET Personal Firewall NDIS filter" "ESET" "c:\windows\system32\drivers\epfwndis.sys"
+ "epfwwfp" "EPFW Filter Driver" "ESET" "c:\windows\system32\drivers\epfwwfp.sys"
+ "GGSAFERDriver" "GGSAFER Driver" "" "File not found: C:\Program Files\Garena\safedrv.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "iusb3hcs" "Intel® PCI Filter Driver for XHCI Switch" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\iusb3hcs.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "ManyCam" "ManyCam Virtual Webcam" "ManyCam LLC" "c:\windows\system32\drivers\mcvidrv.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "mcaudrv_simple" "ManyCam Virtual Microphone" "ManyCam LLC" "c:\windows\system32\drivers\mcaudrv.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "netr28u" "Ralink 802.11n Wireless Adapter Driver" "Ralink Technology Corp." "c:\windows\system32\drivers\netr28u.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nusb3hub" "USB 3.0 Hub Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3hub.sys"
+ "nusb3xhc" "USB 3.0 Host Controller Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3xhc.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda32v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 301.42 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver " "Realtek " "c:\windows\system32\drivers\rt86win7.sys"
+ "s116bus" "Sony Ericsson Device 116 Driver" "MCCI Corporation" "c:\windows\system32\drivers\s116bus.sys"
+ "s116mdfl" "Sony Ericsson Device 116 USB WMC Modem Filter" "MCCI Corporation" "c:\windows\system32\drivers\s116mdfl.sys"
+ "s116mdm" "Sony Ericsson Device 116 USB WMC Modem Driver" "MCCI Corporation" "c:\windows\system32\drivers\s116mdm.sys"
+ "s116mgmt" "Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM)" "MCCI Corporation" "c:\windows\system32\drivers\s116mgmt.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "Synth3dVsc" "" "" "File not found: System32\drivers\synth3dvsc.sys"
+ "tsusbhub" "@%SystemRoot%\system32\drivers\tsusbhub.sys,-2" "" "File not found: system32\drivers\tsusbhub.sys"
+ "VGPU" "" "" "File not found: System32\drivers\rdvgkmd.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "VIDC.ACDV" "" "" "File not found: ACDV.dll"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Sony Amplitude Modulation" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Amplitude Modulation" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Chorus" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Chorus" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Distortion" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Distortion" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Dither" "Sony TrackFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Dither" "Sony TrackFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony ExpressFX Amplitude Modulation" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Amplitude Modulation" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Audio Restoration" "Sony ExpressFX Audio Restoration" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\xpvinyl.dll"
+ "Sony ExpressFX Audio Restoration" "Sony ExpressFX Audio Restoration" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\xpvinyl.dll"
+ "Sony ExpressFX Chorus" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Chorus" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Delay" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Delay" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Distortion" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Distortion" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Dynamics" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Dynamics" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Equalization" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Equalization" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Flange/Wah-Wah" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Flange/Wah-Wah" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Graphic EQ" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Graphic EQ" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Noise Gate" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Noise Gate" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Reverb" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Reverb" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Stutter" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Stutter" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Time Stretch" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Time Stretch" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony Flange/Wah-wah" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Flange/Wah-wah" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Gapper/Snipper" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Gapper/Snipper" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Graphic Dynamics" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Graphic Dynamics" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Graphic EQ" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Graphic EQ" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Multi-Band Dynamics" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Multi-Band Dynamics" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Multi-Tap Delay" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Multi-Tap Delay" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Noise Gate" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Noise Gate" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Pan" "Sound Forge Pro Pan and Volume 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sffrgpnv.dll"
+ "Sony Pan" "Sound Forge Pro Pan and Volume 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sffrgpnv.dll"
+ "Sony Paragraphic EQ" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Paragraphic EQ" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Parametric EQ" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Parametric EQ" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Pitch Shift" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Pitch Shift" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Resonant Filter" "Sony Resonant Filter" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfresfilter.dll"
+ "Sony Resonant Filter" "Sony Resonant Filter" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfresfilter.dll"
+ "Sony Reverb" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Reverb" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Simple Delay" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Simple Delay" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Smooth/Enhance" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Smooth/Enhance" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Time Stretch" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Time Stretch" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Track Compressor" "Sony TrackFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Track Compressor" "Sony TrackFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Track EQ" "Sony TrackFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Track EQ" "Sony TrackFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Track Noise Gate" "Sony TrackFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Track Noise Gate" "Sony TrackFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sftrkfx1.dll"
+ "Sony Vibrato" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Vibrato" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Volume" "Sound Forge Pro Pan and Volume 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sffrgpnv.dll"
+ "Sony Volume" "Sound Forge Pro Pan and Volume 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sffrgpnv.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ACDEncodeQT" "ACD QuickTime Encoder" "ACD Systems" "c:\program files\common files\acd systems\video\acdencodeqt.ax"
+ "CoreAAC Audio Decoder" "CoreAAC" "" "c:\windows\system32\coreaac.ax"
+ "DXVA Filter" "MPEG-1/2 Decoder Filter for DirectShow" "Gabest" "c:\program files\gretech\gomplayer\codecs\mpeg2decfilter.ax"
+ "Gretech AAC Source Filter" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech ASF Source Filter" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech AsfEx Source Filter" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech Audio Filter" "" "" "c:\program files\gretech\gomplayer\gaf.ax"
+ "Gretech AVI Source Filter" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech FLV Source Filter" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech MKV Source Filter" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech MP3 Source Filter" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech MP4 Source Filter" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech MPEG Source Filter" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech MPEG Source Filter2" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech Network(AVI) Filter" "" "" "c:\program files\gretech\gomplayer\gnf.ax"
+ "Gretech Network(FLV) Filter" "" "" "c:\program files\gretech\gomplayer\gnf.ax"
+ "Gretech Network(GOM) Filter" "" "" "c:\program files\gretech\gomplayer\gnf.ax"
+ "Gretech Network(MP4) Filter" "" "" "c:\program files\gretech\gomplayer\gnf.ax"
+ "Gretech Network(OGG) Filter" "" "" "c:\program files\gretech\gomplayer\gnf.ax"
+ "Gretech Network(SHOUTcast) Filter" "" "" "c:\program files\gretech\gomplayer\gnf.ax"
+ "Gretech OGG Source Filter" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech OGG Source Filter2" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech Video Filter" "" "" "c:\program files\gretech\gomplayer\gvf.ax"
+ "MainConcept MPEG Encoder" "MPEG Encoder and Muxer" "MainConcept AG" "c:\program files\acd systems\acdsee\12.0\mcesmpeg.ax"
+ "MPEG/AC3/DTS/LPCM Audio Decoder" "Mpeg Audio Decoder for DirectShow, based on libmad" "Gabest" "c:\program files\gretech\gomplayer\codecs\mpadecfilter.ax"
+ "Mpeg2Dec Filter" "MPEG-1/2 Decoder Filter for DirectShow" "Gabest" "c:\program files\gretech\gomplayer\codecs\mpeg2decfilter.ax"
+ "Sony Wave Hammer Surround" "Sony Wave Hammer 5.1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\mchammer.dll"
+ "WebM Muxer Filter" "WebM Multiplexer Filter" "Google" "c:\program files\manycam\bin\webmmux.dll"
+ "WebM Source Filter" "WebM Source Filter" "Google" "c:\program files\manycam\bin\webmsource.dll"
+ "WebM Splitter Filter" "Webm Splitter Filter" "Google" "c:\program files\manycam\bin\webmsplit.dll"
+ "WebM VP8 Decoder Filter" "WebM VP8 Decoder Filter" "Google" "c:\program files\manycam\bin\vp8decoder.dll"
+ "WebM VP8 Encoder Filter" "WebM VP8 Encoder Filter" "Google" "c:\program files\manycam\bin\vp8encoder.dll"
+ "Xiph.Org Vorbis Decoder" "" "" "c:\program files\manycam\bin\dsfvorbisdecoder.dll"
+ "Xiph.Org Vorbis Encoder" "" "" "c:\program files\manycam\bin\dsfvorbisencoder.dll"
+ "YUV Transform" "YUV-RGB Converter" "GDCL (http://www.gdcl.co.uk)" "c:\program files\manycam\bin\yuvxfm.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"C:\Users\Vidan\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Calendar" "Browse the days of the calendar." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Gadget.xml"
+ "CPU Meter" "See the current computer CPU and system memory (RAM)." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\Gadget.xml"
+ "Weather" "See what the weather looks like around the world." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Gadget.xml"

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:07 AM

Posted 13 October 2012 - 08:46 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#9 makavelian360

makavelian360
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:07 AM

Posted 13 October 2012 - 09:53 AM

Thank you so much. This helped a lot to my system security and my PC itself.

Thank you again for your time and patience :)

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:07 AM

Posted 13 October 2012 - 10:21 AM

You're welcome :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users