Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Another SearchOnMe Thread


  • Please log in to reply
15 replies to this topic

#1 SearchOnKILLYOURSELF

SearchOnKILLYOURSELF

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:10 AM

Posted 13 October 2012 - 09:02 AM

I've read through the other threads regarding this, however my issue seems different and I don't want to take any action without your advice.

Other threads of reference:
http://www.bleepingcomputer.com/forums/topic471095.html
http://www.bleepingcomputer.com/forums/topic471630.html

Unlike those two people, I only have an issue when I open up Chrome from my desktop (if I choose it from the start menu this doesn't happen, oddly). All that happens is that my Chrome's default homepage always ends up as SearchOnMe - other than that I have no issues with it whatsoever. However, with what I've been reading about it, I'd rather get rid of it.

I have TDSkiller, ADWcleaner, and SecurityCheck downloaded and am ready to post logs upon request.

Edited by SearchOnKILLYOURSELF, 13 October 2012 - 09:05 AM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:10 AM

Posted 13 October 2012 - 09:16 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 SearchOnKILLYOURSELF

SearchOnKILLYOURSELF
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:10 AM

Posted 13 October 2012 - 09:22 AM

Getting them all ready - even though TDSSkiller didn't find anything would you still like me to post it?

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:10 AM

Posted 13 October 2012 - 09:22 AM

Yes :thumbup2:

#5 SearchOnKILLYOURSELF

SearchOnKILLYOURSELF
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:10 AM

Posted 13 October 2012 - 09:40 AM

I lost track of time so I gotta get to work now, but here's the results for all but ESET:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-13 10:20:37
-----------------------------
10:20:37.655 OS Version: Windows x64 6.1.7601 Service Pack 1
10:20:37.655 Number of processors: 8 586 0x2A07
10:20:37.656 ComputerName: BEAUTY UserName: Mike
10:20:39.020 Initialize success
10:26:17.046 AVAST engine defs: 12101300
10:27:17.284 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:27:17.289 Disk 0 Vendor: ST9500423AS 0002SDM1 Size: 476940MB BusType: 11
10:27:17.294 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
10:27:17.299 Disk 1 Vendor: ST9500423AS 0002SDM1 Size: 476940MB BusType: 11
10:27:17.350 Disk 1 MBR read successfully
10:27:17.357 Disk 1 MBR scan
10:27:17.368 Disk 1 unknown MBR code
10:27:17.375 Disk 1 Partition 1 00 07 HPFS/NTFS NTFS 128687 MB offset 2048
10:27:17.428 Disk 1 Partition - 00 05 Extended 109772 MB offset 263555070
10:27:17.451 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 238477 MB offset 488368128
10:27:17.501 Disk 1 Partition 3 00 83 Linux 101603 MB offset 263555072
10:27:17.507 Disk 1 Partition - 00 05 Extended 8169 MB offset 471638016
10:27:17.555 Disk 1 scanning C:\Windows\system32\drivers
10:27:32.701 Service scanning
10:28:03.173 Modules scanning
10:28:03.193 Disk 1 trace - called modules:
10:28:03.302 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
10:28:03.309 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa800781b790]
10:28:03.316 3 CLASSPNP.SYS[fffff880019c543f] -> nt!IofCallDriver -> [0xfffffa800725b4e0]
10:28:03.326 5 ACPI.sys[fffff88000f637a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa800724b060]
10:28:04.064 AVAST engine scan C:\Windows
10:28:06.393 AVAST engine scan C:\Windows\system32
10:32:40.472 AVAST engine scan C:\Windows\system32\drivers
10:32:57.966 AVAST engine scan C:\Users\Mike
10:37:54.638 AVAST engine scan C:\ProgramData
10:39:23.373 Scan finished successfully
10:40:13.740 Disk 1 MBR has been saved successfully to "C:\Users\Mike\Desktop\MBR.dat"
10:40:13.750 The log file has been saved successfully to "C:\Users\Mike\Desktop\aswMBR.txt"




10:30:20.0518 1096 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
10:30:20.0782 1096 ============================================================
10:30:20.0782 1096 Current date / time: 2012/10/13 10:30:20.0782
10:30:20.0782 1096 SystemInfo:
10:30:20.0782 1096
10:30:20.0782 1096 OS Version: 6.1.7601 ServicePack: 1.0
10:30:20.0782 1096 Product type: Workstation
10:30:20.0783 1096 ComputerName: BEAUTY
10:30:20.0783 1096 UserName: Mike
10:30:20.0783 1096 Windows directory: C:\Windows
10:30:20.0783 1096 System windows directory: C:\Windows
10:30:20.0783 1096 Running under WOW64
10:30:20.0783 1096 Processor architecture: Intel x64
10:30:20.0783 1096 Number of processors: 8
10:30:20.0783 1096 Page size: 0x1000
10:30:20.0783 1096 Boot type: Normal boot
10:30:20.0783 1096 ============================================================
10:30:23.0890 1096 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:30:23.0921 1096 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:30:23.0932 1096 ============================================================
10:30:23.0932 1096 \Device\Harddisk0\DR0:
10:30:23.0933 1096 MBR partitions:
10:30:23.0933 1096 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x39390800
10:30:23.0933 1096 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x39391800, BlocksNum 0x32000
10:30:23.0933 1096 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x393C3800, BlocksNum 0xFC1800
10:30:23.0933 1096 \Device\Harddisk1\DR1:
10:30:23.0934 1096 MBR partitions:
10:30:23.0934 1096 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFB57800
10:30:24.0001 1096 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x1D1BE800, BlocksNum 0x1D1C6800
10:30:24.0001 1096 ============================================================
10:30:24.0043 1096 C: <-> \Device\Harddisk1\DR1\Partition1
10:30:24.0060 1096 D: <-> \Device\Harddisk0\DR0\Partition1
10:30:24.0204 1096 G: <-> \Device\Harddisk1\DR1\Partition2
10:30:24.0245 1096 H: <-> \Device\Harddisk0\DR0\Partition3
10:30:24.0245 1096 ============================================================
10:30:24.0245 1096 Initialize success
10:30:24.0245 1096 ============================================================
10:30:32.0445 3824 ============================================================
10:30:32.0445 3824 Scan started
10:30:32.0445 3824 Mode: Manual; TDLFS;
10:30:32.0445 3824 ============================================================
10:30:34.0070 3824 ================ Scan system memory ========================
10:30:34.0070 3824 System memory - ok
10:30:34.0070 3824 ================ Scan services =============================
10:30:34.0526 3824 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:30:34.0529 3824 1394ohci - ok
10:30:34.0565 3824 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:30:34.0567 3824 ACPI - ok
10:30:34.0615 3824 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:30:34.0615 3824 AcpiPmi - ok
10:30:34.0714 3824 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:30:34.0715 3824 AdobeARMservice - ok
10:30:34.0986 3824 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:30:34.0988 3824 AdobeFlashPlayerUpdateSvc - ok
10:30:35.0080 3824 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:30:35.0083 3824 adp94xx - ok
10:30:35.0112 3824 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:30:35.0114 3824 adpahci - ok
10:30:35.0145 3824 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:30:35.0146 3824 adpu320 - ok
10:30:35.0174 3824 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:30:35.0175 3824 AeLookupSvc - ok
10:30:35.0260 3824 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
10:30:35.0262 3824 AFD - ok
10:30:35.0309 3824 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:30:35.0310 3824 agp440 - ok
10:30:35.0335 3824 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
10:30:35.0335 3824 ALG - ok
10:30:35.0361 3824 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
10:30:35.0362 3824 aliide - ok
10:30:35.0385 3824 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
10:30:35.0386 3824 amdide - ok
10:30:35.0406 3824 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:30:35.0406 3824 AmdK8 - ok
10:30:35.0410 3824 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:30:35.0410 3824 AmdPPM - ok
10:30:35.0438 3824 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:30:35.0439 3824 amdsata - ok
10:30:35.0477 3824 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:30:35.0478 3824 amdsbs - ok
10:30:35.0499 3824 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:30:35.0499 3824 amdxata - ok
10:30:35.0594 3824 [ 1C591C1A0CB8ABE215FF66F9A1D8E955 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
10:30:35.0595 3824 AMPPAL - ok
10:30:35.0600 3824 [ 1C591C1A0CB8ABE215FF66F9A1D8E955 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
10:30:35.0601 3824 AMPPALP - ok
10:30:35.0705 3824 [ E1841818278F2A9D66F834451D608AEA ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
10:30:35.0708 3824 AMPPALR3 - ok
10:30:35.0757 3824 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
10:30:35.0757 3824 AppID - ok
10:30:35.0835 3824 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:30:35.0835 3824 AppIDSvc - ok
10:30:35.0913 3824 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
10:30:35.0914 3824 Appinfo - ok
10:30:35.0955 3824 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
10:30:35.0957 3824 AppMgmt - ok
10:30:35.0984 3824 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
10:30:35.0985 3824 arc - ok
10:30:36.0057 3824 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:30:36.0057 3824 arcsas - ok
10:30:36.0095 3824 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:30:36.0096 3824 AsyncMac - ok
10:30:36.0152 3824 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
10:30:36.0152 3824 atapi - ok
10:30:36.0227 3824 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:30:36.0231 3824 AudioEndpointBuilder - ok
10:30:36.0245 3824 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:30:36.0249 3824 AudioSrv - ok
10:30:36.0270 3824 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:30:36.0271 3824 AxInstSV - ok
10:30:36.0335 3824 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
10:30:36.0337 3824 b06bdrv - ok
10:30:36.0364 3824 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:30:36.0365 3824 b57nd60a - ok
10:30:36.0422 3824 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
10:30:36.0423 3824 BDESVC - ok
10:30:36.0461 3824 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
10:30:36.0461 3824 Beep - ok
10:30:36.0568 3824 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
10:30:36.0572 3824 BFE - ok
10:30:36.0700 3824 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
10:30:36.0709 3824 BITS - ok
10:30:36.0740 3824 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:30:36.0741 3824 blbdrive - ok
10:30:36.0810 3824 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:30:36.0810 3824 bowser - ok
10:30:36.0938 3824 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:30:36.0938 3824 BrFiltLo - ok
10:30:36.0941 3824 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:30:36.0941 3824 BrFiltUp - ok
10:30:36.0983 3824 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
10:30:36.0984 3824 Browser - ok
10:30:37.0054 3824 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:30:37.0055 3824 Brserid - ok
10:30:37.0059 3824 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:30:37.0060 3824 BrSerWdm - ok
10:30:37.0062 3824 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:30:37.0063 3824 BrUsbMdm - ok
10:30:37.0066 3824 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:30:37.0066 3824 BrUsbSer - ok
10:30:37.0070 3824 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:30:37.0070 3824 BTHMODEM - ok
10:30:37.0136 3824 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
10:30:37.0138 3824 bthserv - ok
10:30:37.0181 3824 [ 618AFD0072F4A672977484BFF6FE4FE2 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
10:30:37.0182 3824 BTHSSecurityMgr - ok
10:30:37.0212 3824 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:30:37.0213 3824 cdfs - ok
10:30:37.0303 3824 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:30:37.0304 3824 cdrom - ok
10:30:37.0364 3824 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
10:30:37.0364 3824 CertPropSvc - ok
10:30:37.0423 3824 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:30:37.0423 3824 circlass - ok
10:30:37.0558 3824 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
10:30:37.0560 3824 CLFS - ok
10:30:37.0808 3824 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:30:37.0809 3824 clr_optimization_v2.0.50727_32 - ok
10:30:37.0894 3824 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:30:37.0896 3824 clr_optimization_v2.0.50727_64 - ok
10:30:38.0085 3824 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:30:38.0086 3824 clr_optimization_v4.0.30319_32 - ok
10:30:38.0171 3824 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:30:38.0172 3824 clr_optimization_v4.0.30319_64 - ok
10:30:38.0202 3824 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:30:38.0203 3824 CmBatt - ok
10:30:38.0246 3824 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:30:38.0246 3824 cmdide - ok
10:30:38.0296 3824 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
10:30:38.0298 3824 CNG - ok
10:30:38.0359 3824 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:30:38.0359 3824 Compbatt - ok
10:30:38.0396 3824 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:30:38.0397 3824 CompositeBus - ok
10:30:38.0413 3824 COMSysApp - ok
10:30:38.0433 3824 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:30:38.0433 3824 crcdisk - ok
10:30:38.0482 3824 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:30:38.0483 3824 CryptSvc - ok
10:30:38.0524 3824 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
10:30:38.0526 3824 CSC - ok
10:30:38.0561 3824 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
10:30:38.0565 3824 CscService - ok
10:30:38.0619 3824 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:30:38.0622 3824 DcomLaunch - ok
10:30:38.0664 3824 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
10:30:38.0666 3824 defragsvc - ok
10:30:38.0697 3824 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:30:38.0698 3824 DfsC - ok
10:30:38.0747 3824 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
10:30:38.0749 3824 Dhcp - ok
10:30:38.0770 3824 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
10:30:38.0770 3824 discache - ok
10:30:38.0818 3824 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:30:38.0819 3824 Disk - ok
10:30:38.0860 3824 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:30:38.0861 3824 Dnscache - ok
10:30:38.0921 3824 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
10:30:38.0923 3824 dot3svc - ok
10:30:38.0990 3824 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
10:30:38.0991 3824 DPS - ok
10:30:39.0044 3824 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:30:39.0045 3824 drmkaud - ok
10:30:39.0075 3824 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:30:39.0080 3824 DXGKrnl - ok
10:30:39.0093 3824 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
10:30:39.0094 3824 EapHost - ok
10:30:39.0198 3824 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
10:30:39.0214 3824 ebdrv - ok
10:30:39.0237 3824 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
10:30:39.0238 3824 EFS - ok
10:30:39.0303 3824 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:30:39.0306 3824 ehRecvr - ok
10:30:39.0324 3824 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
10:30:39.0325 3824 ehSched - ok
10:30:39.0368 3824 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:30:39.0370 3824 elxstor - ok
10:30:39.0400 3824 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:30:39.0400 3824 ErrDev - ok
10:30:39.0466 3824 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
10:30:39.0469 3824 EventSystem - ok
10:30:39.0611 3824 [ 64D25284A4E9D11CA0722AF3F30FD970 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
10:30:39.0615 3824 EvtEng - ok
10:30:39.0643 3824 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
10:30:39.0644 3824 exfat - ok
10:30:39.0672 3824 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:30:39.0673 3824 fastfat - ok
10:30:39.0859 3824 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
10:30:39.0868 3824 Fax - ok
10:30:39.0871 3824 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:30:39.0872 3824 fdc - ok
10:30:39.0911 3824 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
10:30:39.0912 3824 fdPHost - ok
10:30:39.0923 3824 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
10:30:39.0924 3824 FDResPub - ok
10:30:39.0931 3824 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:30:39.0932 3824 FileInfo - ok
10:30:39.0942 3824 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:30:39.0942 3824 Filetrace - ok
10:30:39.0951 3824 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:30:39.0951 3824 flpydisk - ok
10:30:39.0993 3824 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:30:39.0995 3824 FltMgr - ok
10:30:40.0033 3824 [ 7DE8A770487FC4B5E3A168AD97E1D370 ] FLxHCIc C:\Windows\system32\DRIVERS\FLxHCIc.sys
10:30:40.0034 3824 FLxHCIc - ok
10:30:40.0065 3824 [ 2D54A3319FC955029E4B371CDC088FF4 ] FLxHCIh C:\Windows\system32\DRIVERS\FLxHCIh.sys
10:30:40.0065 3824 FLxHCIh - ok
10:30:40.0193 3824 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
10:30:40.0199 3824 FontCache - ok
10:30:40.0251 3824 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:30:40.0252 3824 FontCache3.0.0.0 - ok
10:30:40.0278 3824 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:30:40.0279 3824 FsDepends - ok
10:30:40.0338 3824 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:30:40.0338 3824 Fs_Rec - ok
10:30:40.0372 3824 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:30:40.0373 3824 fvevol - ok
10:30:40.0395 3824 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:30:40.0396 3824 gagp30kx - ok
10:30:40.0635 3824 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
10:30:40.0648 3824 gpsvc - ok
10:30:40.0652 3824 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:30:40.0653 3824 hcw85cir - ok
10:30:40.0803 3824 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:30:40.0805 3824 HdAudAddService - ok
10:30:40.0845 3824 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:30:40.0846 3824 HDAudBus - ok
10:30:40.0867 3824 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:30:40.0868 3824 HidBatt - ok
10:30:40.0871 3824 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:30:40.0872 3824 HidBth - ok
10:30:40.0897 3824 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:30:40.0897 3824 HidIr - ok
10:30:40.0918 3824 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
10:30:40.0919 3824 hidserv - ok
10:30:40.0941 3824 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:30:40.0941 3824 HidUsb - ok
10:30:41.0006 3824 [ 82B2A78BCA8CA0B63BF09005783C6548 ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
10:30:41.0006 3824 HiPatchService - ok
10:30:41.0045 3824 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:30:41.0047 3824 hkmsvc - ok
10:30:41.0085 3824 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:30:41.0087 3824 HomeGroupListener - ok
10:30:41.0127 3824 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:30:41.0129 3824 HomeGroupProvider - ok
10:30:41.0171 3824 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:30:41.0171 3824 HpSAMD - ok
10:30:41.0232 3824 [ BBC89DA4065BDCE34257BE95B2F636EE ] HssDRV6 C:\Windows\system32\DRIVERS\hssdrv6.sys
10:30:41.0233 3824 HssDRV6 - ok
10:30:41.0361 3824 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:30:41.0365 3824 HTTP - ok
10:30:41.0404 3824 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:30:41.0405 3824 hwpolicy - ok
10:30:41.0445 3824 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:30:41.0446 3824 i8042prt - ok
10:30:41.0505 3824 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:30:41.0507 3824 iaStorV - ok
10:30:41.0634 3824 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:30:41.0638 3824 idsvc - ok
10:30:41.0661 3824 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:30:41.0662 3824 iirsp - ok
10:30:41.0693 3824 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
10:30:41.0698 3824 IKEEXT - ok
10:30:41.0737 3824 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
10:30:41.0738 3824 intelide - ok
10:30:41.0772 3824 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:30:41.0772 3824 intelppm - ok
10:30:41.0818 3824 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:30:41.0819 3824 IPBusEnum - ok
10:30:41.0880 3824 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:30:41.0881 3824 IpFilterDriver - ok
10:30:41.0994 3824 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:30:42.0002 3824 iphlpsvc - ok
10:30:42.0019 3824 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:30:42.0020 3824 IPMIDRV - ok
10:30:42.0034 3824 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:30:42.0035 3824 IPNAT - ok
10:30:42.0062 3824 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:30:42.0063 3824 IRENUM - ok
10:30:42.0109 3824 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:30:42.0109 3824 isapnp - ok
10:30:42.0192 3824 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:30:42.0193 3824 iScsiPrt - ok
10:30:42.0231 3824 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
10:30:42.0232 3824 kbdclass - ok
10:30:42.0263 3824 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
10:30:42.0263 3824 kbdhid - ok
10:30:42.0300 3824 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
10:30:42.0301 3824 KeyIso - ok
10:30:42.0326 3824 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:30:42.0327 3824 KSecDD - ok
10:30:42.0360 3824 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:30:42.0363 3824 KSecPkg - ok
10:30:42.0409 3824 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:30:42.0410 3824 ksthunk - ok
10:30:42.0442 3824 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
10:30:42.0445 3824 KtmRm - ok
10:30:42.0484 3824 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:30:42.0487 3824 LanmanServer - ok
10:30:42.0517 3824 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:30:42.0519 3824 LanmanWorkstation - ok
10:30:42.0551 3824 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:30:42.0552 3824 lltdio - ok
10:30:42.0597 3824 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:30:42.0599 3824 lltdsvc - ok
10:30:42.0637 3824 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:30:42.0638 3824 lmhosts - ok
10:30:42.0671 3824 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:30:42.0672 3824 LSI_FC - ok
10:30:42.0686 3824 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:30:42.0687 3824 LSI_SAS - ok
10:30:42.0697 3824 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:30:42.0698 3824 LSI_SAS2 - ok
10:30:42.0715 3824 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:30:42.0716 3824 LSI_SCSI - ok
10:30:42.0732 3824 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
10:30:42.0733 3824 luafv - ok
10:30:42.0932 3824 [ 3D1516114F5B1548864D043177F992A6 ] lxeaCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe
10:30:42.0933 3824 lxeaCATSCustConnectService - ok
10:30:42.0978 3824 lxea_device - ok
10:30:43.0013 3824 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:30:43.0014 3824 Mcx2Svc - ok
10:30:43.0029 3824 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:30:43.0029 3824 megasas - ok
10:30:43.0090 3824 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:30:43.0091 3824 MegaSR - ok
10:30:43.0110 3824 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
10:30:43.0111 3824 MEIx64 - ok
10:30:43.0228 3824 Microsoft SharePoint Workspace Audit Service - ok
10:30:43.0258 3824 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
10:30:43.0259 3824 MMCSS - ok
10:30:43.0274 3824 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
10:30:43.0275 3824 Modem - ok
10:30:43.0291 3824 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:30:43.0291 3824 monitor - ok
10:30:43.0324 3824 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:30:43.0326 3824 mouclass - ok
10:30:43.0343 3824 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:30:43.0344 3824 mouhid - ok
10:30:43.0387 3824 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:30:43.0388 3824 mountmgr - ok
10:30:43.0484 3824 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
10:30:43.0488 3824 MpFilter - ok
10:30:43.0513 3824 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
10:30:43.0516 3824 mpio - ok
10:30:43.0547 3824 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:30:43.0549 3824 mpsdrv - ok
10:30:43.0707 3824 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:30:43.0717 3824 MpsSvc - ok
10:30:43.0786 3824 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:30:43.0787 3824 MRxDAV - ok
10:30:43.0825 3824 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:30:43.0826 3824 mrxsmb - ok
10:30:43.0834 3824 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:30:43.0836 3824 mrxsmb10 - ok
10:30:43.0841 3824 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:30:43.0842 3824 mrxsmb20 - ok
10:30:43.0868 3824 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
10:30:43.0869 3824 msahci - ok
10:30:43.0907 3824 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:30:43.0908 3824 msdsm - ok
10:30:43.0940 3824 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:30:43.0941 3824 MSDTC - ok
10:30:44.0035 3824 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:30:44.0036 3824 Msfs - ok
10:30:44.0101 3824 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:30:44.0102 3824 mshidkmdf - ok
10:30:44.0119 3824 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:30:44.0120 3824 msisadrv - ok
10:30:44.0180 3824 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:30:44.0181 3824 MSiSCSI - ok
10:30:44.0184 3824 msiserver - ok
10:30:44.0222 3824 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:30:44.0223 3824 MSKSSRV - ok
10:30:44.0317 3824 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
10:30:44.0319 3824 MsMpSvc - ok
10:30:44.0334 3824 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:30:44.0335 3824 MSPCLOCK - ok
10:30:44.0404 3824 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:30:44.0405 3824 MSPQM - ok
10:30:44.0457 3824 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:30:44.0462 3824 MsRPC - ok
10:30:44.0498 3824 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:30:44.0500 3824 mssmbios - ok
10:30:44.0515 3824 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:30:44.0516 3824 MSTEE - ok
10:30:44.0593 3824 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:30:44.0593 3824 MTConfig - ok
10:30:44.0615 3824 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:30:44.0616 3824 Mup - ok
10:30:44.0919 3824 [ E3B58E3011B207C5289D11173B30E298 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
10:30:44.0924 3824 MyWiFiDHCPDNS - ok
10:30:45.0087 3824 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:30:45.0095 3824 napagent - ok
10:30:45.0125 3824 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:30:45.0130 3824 NativeWifiP - ok
10:30:45.0281 3824 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:30:45.0294 3824 NDIS - ok
10:30:45.0320 3824 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:30:45.0321 3824 NdisCap - ok
10:30:45.0445 3824 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:30:45.0446 3824 NdisTapi - ok
10:30:45.0515 3824 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:30:45.0516 3824 Ndisuio - ok
10:30:45.0614 3824 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:30:45.0617 3824 NdisWan - ok
10:30:45.0693 3824 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:30:45.0695 3824 NDProxy - ok
10:30:45.0723 3824 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:30:45.0724 3824 NetBIOS - ok
10:30:45.0853 3824 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:30:45.0855 3824 NetBT - ok
10:30:45.0940 3824 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:30:45.0943 3824 Netlogon - ok
10:30:46.0128 3824 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:30:46.0136 3824 Netman - ok
10:30:46.0177 3824 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:30:46.0183 3824 netprofm - ok
10:30:46.0254 3824 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:30:46.0257 3824 NetTcpPortSharing - ok
10:30:48.0717 3824 [ 47DC062656EA661FE9175DBACAD00E9D ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
10:30:48.0770 3824 NETwNs64 - ok
10:30:48.0876 3824 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:30:48.0878 3824 nfrd960 - ok
10:30:48.0918 3824 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:30:48.0919 3824 NisDrv - ok
10:30:49.0035 3824 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
10:30:49.0037 3824 NisSrv - ok
10:30:49.0185 3824 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:30:49.0187 3824 NlaSvc - ok
10:30:49.0216 3824 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:30:49.0216 3824 Npfs - ok
10:30:49.0230 3824 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:30:49.0231 3824 nsi - ok
10:30:49.0297 3824 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:30:49.0298 3824 nsiproxy - ok
10:30:49.0380 3824 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:30:49.0388 3824 Ntfs - ok
10:30:49.0403 3824 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:30:49.0403 3824 Null - ok
10:30:49.0484 3824 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
10:30:49.0485 3824 NVHDA - ok
10:30:50.0428 3824 [ BF7A24A71E1932200D864BC1CE15E596 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:30:50.0489 3824 nvlddmkm - ok
10:30:50.0574 3824 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:30:50.0575 3824 nvraid - ok
10:30:50.0610 3824 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:30:50.0612 3824 nvstor - ok
10:30:50.0670 3824 [ 43F91595049DE14C4B61D1E76436164F ] nvsvc C:\Windows\system32\nvvsvc.exe
10:30:50.0675 3824 nvsvc - ok
10:30:50.0991 3824 [ 322B69422836F97B76F4AA59B47507BA ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
10:30:51.0000 3824 nvUpdatusService - ok
10:30:51.0012 3824 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:30:51.0013 3824 nv_agp - ok
10:30:51.0037 3824 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:30:51.0038 3824 ohci1394 - ok
10:30:51.0113 3824 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:30:51.0114 3824 ose - ok
10:30:51.0694 3824 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:30:51.0717 3824 osppsvc - ok
10:30:51.0766 3824 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:30:51.0768 3824 p2pimsvc - ok
10:30:51.0810 3824 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:30:51.0813 3824 p2psvc - ok
10:30:51.0850 3824 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:30:51.0851 3824 Parport - ok
10:30:51.0872 3824 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:30:51.0872 3824 partmgr - ok
10:30:51.0894 3824 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:30:51.0896 3824 PcaSvc - ok
10:30:51.0984 3824 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:30:51.0986 3824 pci - ok
10:30:52.0021 3824 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:30:52.0022 3824 pciide - ok
10:30:52.0071 3824 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:30:52.0072 3824 pcmcia - ok
10:30:52.0116 3824 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:30:52.0116 3824 pcw - ok
10:30:52.0152 3824 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:30:52.0155 3824 PEAUTH - ok
10:30:52.0426 3824 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
10:30:52.0434 3824 PeerDistSvc - ok
10:30:52.0529 3824 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:30:52.0530 3824 PerfHost - ok
10:30:52.0747 3824 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:30:52.0754 3824 pla - ok
10:30:52.0845 3824 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:30:52.0848 3824 PlugPlay - ok
10:30:52.0883 3824 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:30:52.0884 3824 PNRPAutoReg - ok
10:30:52.0902 3824 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:30:52.0905 3824 PNRPsvc - ok
10:30:52.0990 3824 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:30:52.0993 3824 PolicyAgent - ok
10:30:53.0032 3824 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:30:53.0034 3824 Power - ok
10:30:53.0101 3824 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:30:53.0102 3824 PptpMiniport - ok
10:30:53.0131 3824 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:30:53.0131 3824 Processor - ok
10:30:53.0196 3824 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:30:53.0198 3824 ProfSvc - ok
10:30:53.0227 3824 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:30:53.0228 3824 ProtectedStorage - ok
10:30:53.0309 3824 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:30:53.0311 3824 Psched - ok
10:30:53.0590 3824 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:30:53.0598 3824 ql2300 - ok
10:30:53.0615 3824 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:30:53.0616 3824 ql40xx - ok
10:30:53.0684 3824 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:30:53.0686 3824 QWAVE - ok
10:30:53.0714 3824 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:30:53.0715 3824 QWAVEdrv - ok
10:30:53.0717 3824 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:30:53.0718 3824 RasAcd - ok
10:30:53.0824 3824 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:30:53.0824 3824 RasAgileVpn - ok
10:30:53.0838 3824 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:30:53.0839 3824 RasAuto - ok
10:30:53.0882 3824 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:30:53.0883 3824 Rasl2tp - ok
10:30:53.0934 3824 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:30:53.0937 3824 RasMan - ok
10:30:53.0949 3824 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:30:53.0950 3824 RasPppoe - ok
10:30:53.0967 3824 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:30:53.0968 3824 RasSstp - ok
10:30:54.0029 3824 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:30:54.0031 3824 rdbss - ok
10:30:54.0048 3824 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:30:54.0048 3824 rdpbus - ok
10:30:54.0101 3824 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:30:54.0101 3824 RDPCDD - ok
10:30:54.0153 3824 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
10:30:54.0154 3824 RDPDR - ok
10:30:54.0195 3824 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:30:54.0195 3824 RDPENCDD - ok
10:30:54.0205 3824 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:30:54.0205 3824 RDPREFMP - ok
10:30:54.0325 3824 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:30:54.0325 3824 RdpVideoMiniport - ok
10:30:54.0377 3824 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:30:54.0378 3824 RDPWD - ok
10:30:54.0434 3824 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:30:54.0435 3824 rdyboost - ok
10:30:54.0539 3824 [ F3AF2B43F35DBB3A0EB9FEEEC7D62217 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
10:30:54.0540 3824 RegSrvc - ok
10:30:54.0561 3824 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:30:54.0562 3824 RemoteAccess - ok
10:30:54.0601 3824 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:30:54.0602 3824 RemoteRegistry - ok
10:30:54.0672 3824 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:30:54.0673 3824 RpcEptMapper - ok
10:30:54.0695 3824 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:30:54.0696 3824 RpcLocator - ok
10:30:54.0767 3824 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:30:54.0771 3824 RpcSs - ok
10:30:54.0825 3824 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:30:54.0826 3824 rspndr - ok
10:30:54.0875 3824 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
10:30:54.0875 3824 s3cap - ok
10:30:54.0892 3824 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:30:54.0893 3824 SamSs - ok
10:30:54.0926 3824 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:30:54.0927 3824 sbp2port - ok
10:30:54.0989 3824 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:30:54.0991 3824 SCardSvr - ok
10:30:55.0074 3824 [ 6CE6F98EA3D07A9C2CE3CD0A5A86352D ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
10:30:55.0075 3824 SCDEmu - ok
10:30:55.0114 3824 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:30:55.0115 3824 scfilter - ok
10:30:55.0316 3824 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:30:55.0322 3824 Schedule - ok
10:30:55.0348 3824 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:30:55.0349 3824 SCPolicySvc - ok
10:30:55.0422 3824 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:30:55.0424 3824 SDRSVC - ok
10:30:55.0498 3824 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:30:55.0498 3824 secdrv - ok
10:30:55.0544 3824 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:30:55.0546 3824 seclogon - ok
10:30:55.0588 3824 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
10:30:55.0589 3824 SENS - ok
10:30:55.0602 3824 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:30:55.0603 3824 SensrSvc - ok
10:30:55.0649 3824 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:30:55.0650 3824 Serenum - ok
10:30:55.0672 3824 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:30:55.0672 3824 Serial - ok
10:30:55.0694 3824 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:30:55.0694 3824 sermouse - ok
10:30:55.0740 3824 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:30:55.0742 3824 SessionEnv - ok
10:30:55.0779 3824 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:30:55.0780 3824 sffdisk - ok
10:30:55.0793 3824 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:30:55.0793 3824 sffp_mmc - ok
10:30:55.0805 3824 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:30:55.0805 3824 sffp_sd - ok
10:30:55.0826 3824 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:30:55.0826 3824 sfloppy - ok
10:30:55.0862 3824 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:30:55.0864 3824 SharedAccess - ok
10:30:55.0960 3824 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:30:55.0963 3824 ShellHWDetection - ok
10:30:56.0020 3824 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:30:56.0020 3824 SiSRaid2 - ok
10:30:56.0054 3824 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:30:56.0055 3824 SiSRaid4 - ok
10:30:56.0088 3824 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:30:56.0089 3824 Smb - ok
10:30:56.0137 3824 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:30:56.0138 3824 SNMPTRAP - ok
10:30:56.0167 3824 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:30:56.0168 3824 spldr - ok
10:30:56.0224 3824 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
10:30:56.0227 3824 Spooler - ok
10:30:56.0731 3824 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:30:56.0748 3824 sppsvc - ok
10:30:56.0784 3824 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:30:56.0785 3824 sppuinotify - ok
10:30:56.0846 3824 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:30:56.0848 3824 srv - ok
10:30:56.0864 3824 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:30:56.0866 3824 srv2 - ok
10:30:56.0881 3824 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:30:56.0882 3824 srvnet - ok
10:30:56.0941 3824 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:30:56.0943 3824 SSDPSRV - ok
10:30:56.0959 3824 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:30:56.0961 3824 SstpSvc - ok
10:30:57.0151 3824 [ A766CCAD980235FF34E7F8089D3175A3 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
10:30:57.0158 3824 Stereo Service - ok
10:30:57.0211 3824 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:30:57.0212 3824 stexstor - ok
10:30:57.0311 3824 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:30:57.0315 3824 stisvc - ok
10:30:57.0372 3824 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
10:30:57.0373 3824 storflt - ok
10:30:57.0386 3824 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
10:30:57.0387 3824 storvsc - ok
10:30:57.0416 3824 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:30:57.0416 3824 swenum - ok
10:30:57.0477 3824 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:30:57.0480 3824 swprv - ok
10:30:57.0490 3824 Synth3dVsc - ok
10:30:57.0587 3824 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:30:57.0596 3824 SysMain - ok
10:30:57.0625 3824 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:30:57.0627 3824 TabletInputService - ok
10:30:57.0675 3824 [ B70DF208E97536CA9F29289E609F5B16 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
10:30:57.0675 3824 taphss - ok
10:30:57.0746 3824 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:30:57.0748 3824 TapiSrv - ok
10:30:57.0770 3824 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:30:57.0771 3824 TBS - ok
10:30:57.0985 3824 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:30:57.0999 3824 Tcpip - ok
10:30:58.0331 3824 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:30:58.0340 3824 TCPIP6 - ok
10:30:58.0397 3824 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:30:58.0398 3824 tcpipreg - ok
10:30:58.0431 3824 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:30:58.0431 3824 TDPIPE - ok
10:30:58.0467 3824 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:30:58.0467 3824 TDTCP - ok
10:30:58.0490 3824 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:30:58.0491 3824 tdx - ok
10:30:58.0502 3824 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:30:58.0503 3824 TermDD - ok
10:30:58.0727 3824 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
10:30:58.0733 3824 TermService - ok
10:30:58.0763 3824 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:30:58.0765 3824 Themes - ok
10:30:58.0781 3824 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:30:58.0785 3824 THREADORDER - ok
10:30:58.0832 3824 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:30:58.0836 3824 TrkWks - ok
10:30:58.0970 3824 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:30:58.0972 3824 TrustedInstaller - ok
10:30:59.0062 3824 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:30:59.0062 3824 tssecsrv - ok
10:30:59.0104 3824 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:30:59.0104 3824 TsUsbFlt - ok
10:30:59.0107 3824 tsusbhub - ok
10:30:59.0184 3824 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:30:59.0186 3824 tunnel - ok
10:30:59.0254 3824 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:30:59.0256 3824 uagp35 - ok
10:30:59.0324 3824 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:30:59.0328 3824 udfs - ok
10:30:59.0351 3824 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:30:59.0354 3824 UI0Detect - ok
10:30:59.0378 3824 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:30:59.0380 3824 uliagpkx - ok
10:30:59.0439 3824 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
10:30:59.0440 3824 umbus - ok
10:30:59.0485 3824 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:30:59.0485 3824 UmPass - ok
10:30:59.0575 3824 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
10:30:59.0578 3824 UmRdpService - ok
10:30:59.0732 3824 [ 8F387A1CC015A3F5020700C657A0FC85 ] UnsignedThemes C:\Windows\UnsignedThemesSvc.exe
10:30:59.0733 3824 UnsignedThemes - ok
10:30:59.0775 3824 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:30:59.0778 3824 upnphost - ok
10:30:59.0801 3824 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:30:59.0802 3824 usbccgp - ok
10:30:59.0828 3824 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:30:59.0829 3824 usbcir - ok
10:30:59.0863 3824 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
10:30:59.0863 3824 usbehci - ok
10:30:59.0919 3824 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:30:59.0921 3824 usbhub - ok
10:30:59.0928 3824 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:30:59.0929 3824 usbohci - ok
10:30:59.0948 3824 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:30:59.0949 3824 usbprint - ok
10:31:00.0004 3824 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:31:00.0004 3824 usbscan - ok
10:31:00.0015 3824 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:31:00.0016 3824 USBSTOR - ok
10:31:00.0030 3824 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:31:00.0031 3824 usbuhci - ok
10:31:00.0095 3824 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
10:31:00.0096 3824 usbvideo - ok
10:31:00.0185 3824 [ 297EE9C666FC8BB96A232DB0DDBA1E49 ] uxpatch C:\Windows\system32\drivers\uxpatch.sys
10:31:00.0186 3824 uxpatch - ok
10:31:00.0198 3824 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
10:31:00.0200 3824 UxSms - ok
10:31:00.0236 3824 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
10:31:00.0237 3824 VaultSvc - ok
10:31:00.0266 3824 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:31:00.0266 3824 vdrvroot - ok
10:31:00.0297 3824 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
10:31:00.0301 3824 vds - ok
10:31:00.0331 3824 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:31:00.0331 3824 vga - ok
10:31:00.0338 3824 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
10:31:00.0339 3824 VgaSave - ok
10:31:00.0351 3824 VGPU - ok
10:31:00.0368 3824 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:31:00.0369 3824 vhdmp - ok
10:31:00.0384 3824 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
10:31:00.0384 3824 viaide - ok
10:31:00.0450 3824 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
10:31:00.0451 3824 vmbus - ok
10:31:00.0466 3824 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
10:31:00.0466 3824 VMBusHID - ok
10:31:00.0480 3824 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:31:00.0480 3824 volmgr - ok
10:31:00.0535 3824 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:31:00.0537 3824 volmgrx - ok
10:31:00.0561 3824 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:31:00.0563 3824 volsnap - ok
10:31:00.0592 3824 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:31:00.0594 3824 vsmraid - ok
10:31:00.0633 3824 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
10:31:00.0642 3824 VSS - ok
10:31:00.0700 3824 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
10:31:00.0700 3824 vwifibus - ok
10:31:00.0733 3824 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
10:31:00.0734 3824 vwififlt - ok
10:31:00.0839 3824 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
10:31:00.0839 3824 vwifimp - ok
10:31:01.0003 3824 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
10:31:01.0006 3824 W32Time - ok
10:31:01.0027 3824 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:31:01.0028 3824 WacomPen - ok
10:31:01.0073 3824 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:31:01.0074 3824 WANARP - ok
10:31:01.0078 3824 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:31:01.0079 3824 Wanarpv6 - ok
10:31:01.0277 3824 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:31:01.0283 3824 WatAdminSvc - ok
10:31:01.0549 3824 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
10:31:01.0557 3824 wbengine - ok
10:31:01.0599 3824 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:31:01.0601 3824 WbioSrvc - ok
10:31:01.0656 3824 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:31:01.0659 3824 wcncsvc - ok
10:31:01.0670 3824 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:31:01.0672 3824 WcsPlugInService - ok
10:31:01.0684 3824 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:31:01.0685 3824 Wd - ok
10:31:01.0727 3824 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:31:01.0730 3824 Wdf01000 - ok
10:31:01.0738 3824 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:31:01.0740 3824 WdiServiceHost - ok
10:31:01.0743 3824 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:31:01.0745 3824 WdiSystemHost - ok
10:31:01.0768 3824 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
10:31:01.0771 3824 WebClient - ok
10:31:01.0784 3824 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:31:01.0786 3824 Wecsvc - ok
10:31:01.0797 3824 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:31:01.0799 3824 wercplsupport - ok
10:31:01.0827 3824 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
10:31:01.0828 3824 WerSvc - ok
10:31:01.0846 3824 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:31:01.0846 3824 WfpLwf - ok
10:31:01.0857 3824 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:31:01.0857 3824 WIMMount - ok
10:31:01.0867 3824 WinDefend - ok
10:31:01.0870 3824 WinHttpAutoProxySvc - ok
10:31:02.0024 3824 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:31:02.0026 3824 Winmgmt - ok
10:31:02.0189 3824 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
10:31:02.0200 3824 WinRM - ok
10:31:02.0237 3824 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
10:31:02.0242 3824 Wlansvc - ok
10:31:02.0265 3824 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:31:02.0266 3824 WmiAcpi - ok
10:31:02.0306 3824 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:31:02.0307 3824 wmiApSrv - ok
10:31:02.0359 3824 WMPNetworkSvc - ok
10:31:02.0382 3824 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:31:02.0383 3824 WPCSvc - ok
10:31:02.0433 3824 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:31:02.0435 3824 WPDBusEnum - ok
10:31:02.0468 3824 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:31:02.0469 3824 ws2ifsl - ok
10:31:02.0481 3824 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
10:31:02.0483 3824 wscsvc - ok
10:31:02.0486 3824 WSearch - ok
10:31:02.0619 3824 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
10:31:02.0631 3824 wuauserv - ok
10:31:02.0646 3824 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:31:02.0647 3824 WudfPf - ok
10:31:02.0707 3824 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:31:02.0708 3824 WUDFRd - ok
10:31:02.0733 3824 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:31:02.0734 3824 wudfsvc - ok
10:31:02.0800 3824 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
10:31:02.0802 3824 WwanSvc - ok
10:31:02.0884 3824 [ 74713CB32792F9C7632DAA7DA22CA974 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
10:31:02.0888 3824 ZeroConfigService - ok
10:31:02.0908 3824 ================ Scan global ===============================
10:31:02.0948 3824 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:31:02.0986 3824 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
10:31:02.0992 3824 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
10:31:03.0035 3824 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:31:03.0100 3824 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:31:03.0103 3824 [Global] - ok
10:31:03.0103 3824 ================ Scan MBR ==================================
10:31:03.0185 3824 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:31:03.0710 3824 \Device\Harddisk0\DR0 - ok
10:31:03.0720 3824 [ FF1761EF7140665743A6D636F95DFD81 ] \Device\Harddisk1\DR1
10:31:04.0033 3824 \Device\Harddisk1\DR1 - ok
10:31:04.0033 3824 ================ Scan VBR ==================================
10:31:04.0114 3824 [ 58102CA137844A937B55E14E192CB12A ] \Device\Harddisk0\DR0\Partition1
10:31:04.0115 3824 \Device\Harddisk0\DR0\Partition1 - ok
10:31:04.0118 3824 [ C80236E9B95C24F081BE7847DD25BDAE ] \Device\Harddisk0\DR0\Partition2
10:31:04.0119 3824 \Device\Harddisk0\DR0\Partition2 - ok
10:31:04.0149 3824 [ 10D836E9E7191DB3893235B4FBED2974 ] \Device\Harddisk0\DR0\Partition3
10:31:04.0151 3824 \Device\Harddisk0\DR0\Partition3 - ok
10:31:04.0164 3824 [ DFDE89A1AD974A4AC8A1E59FFE9686BE ] \Device\Harddisk1\DR1\Partition1
10:31:04.0166 3824 \Device\Harddisk1\DR1\Partition1 - ok
10:31:04.0182 3824 [ 1805FC4FC9AE12ABB9DB8809B8BED57D ] \Device\Harddisk1\DR1\Partition2
10:31:04.0190 3824 \Device\Harddisk1\DR1\Partition2 - ok
10:31:04.0190 3824 ============================================================
10:31:04.0190 3824 Scan finished
10:31:04.0190 3824 ============================================================
10:31:04.0198 0456 Detected object count: 0
10:31:04.0198 0456 Actual detected object count: 0

#6 SearchOnKILLYOURSELF

SearchOnKILLYOURSELF
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:10 AM

Posted 13 October 2012 - 09:16 PM

ESET found no threats, so I can't post a list here.

:s

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:10 AM

Posted 13 October 2012 - 09:54 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#8 SearchOnKILLYOURSELF

SearchOnKILLYOURSELF
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:10 AM

Posted 14 October 2012 - 08:57 AM

For ADW I didn't use Delete since I'm still running JRT and don't want it to close. I can post JRT after work if it doesn't finish before I leave....

# AdwCleaner v2.004 - Logfile created 10/14/2012 at 09:55:05
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Mike - BEAUTY
# Boot Mode : Normal
# Running from : C:\Users\Mike\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\Conduit

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKU\S-1-5-21-551687664-901412642-1586971836-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKU\S-1-5-21-551687664-901412642-1586971836-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v22.0.1229.94

File : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2469 octets] - [13/10/2012 09:49:00]
AdwCleaner[R2].txt - [2213 octets] - [14/10/2012 09:54:25]
AdwCleaner[R3].txt - [2154 octets] - [14/10/2012 09:55:05]

########## EOF - C:\AdwCleaner[R3].txt - [2214 octets] ##########

MiniToolBox by Farbar Version: 23-07-2012
Ran by Mike (administrator) on 14-10-2012 at 08:43:23
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



127.0.0.1 65.52.240.48
127.0.0.1 activation.cloud.techsmith.com

========================= IP Configuration: ================================

Intel® Centrino® Wireless-N 6150 = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Beauty
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.nh.comcast.net.

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 40-25-C2-3D-30-35
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 40-25-C2-3D-30-35
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.nh.comcast.net.
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 6150
Physical Address. . . . . . . . . : 40-25-C2-3D-30-34
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2943:55b8:819e:7d4d%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.33.105(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, October 14, 2012 8:35:15 AM
Lease Expires . . . . . . . . . . : Monday, October 15, 2012 8:35:21 AM
Default Gateway . . . . . . . . . : 192.168.33.1
DHCP Server . . . . . . . . . . . : 192.168.33.1
DHCPv6 IAID . . . . . . . . . . . : 239084994
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-69-11-D5-40-25-C2-3D-30-34
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:18c8:12ef:e7c1:b0f(Preferred)
Link-local IPv6 Address . . . . . : fe80::18c8:12ef:e7c1:b0f%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.hsd1.nh.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.nh.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:4006:803::1001
74.125.226.226
74.125.226.229
74.125.226.227
74.125.226.238
74.125.226.231
74.125.226.224
74.125.226.228
74.125.226.225
74.125.226.233
74.125.226.230
74.125.226.232


Pinging google.com [173.194.43.38] with 32 bytes of data:
Reply from 173.194.43.38: bytes=32 time=17ms TTL=55
Reply from 173.194.43.38: bytes=32 time=18ms TTL=55

Ping statistics for 173.194.43.38:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 17ms, Maximum = 18ms, Average = 17ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 75.75.75.75

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=64ms TTL=50
Reply from 98.138.253.109: bytes=32 time=69ms TTL=50

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 64ms, Maximum = 69ms, Average = 66ms
Server: cdns01.comcast.net
Address: 75.75.75.75

DNS request timed out.
timeout was 2 seconds.
Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...40 25 c2 3d 30 35 ......Microsoft Virtual WiFi Miniport Adapter #2
11...40 25 c2 3d 30 35 ......Microsoft Virtual WiFi Miniport Adapter
10...40 25 c2 3d 30 34 ......Intel® Centrino® Wireless-N 6150
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.33.1 192.168.33.105 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.33.0 255.255.255.0 On-link 192.168.33.105 281
192.168.33.105 255.255.255.255 On-link 192.168.33.105 281
192.168.33.255 255.255.255.255 On-link 192.168.33.105 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.33.105 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.33.105 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:4137:9e76:18c8:12ef:e7c1:b0f/128
On-link
10 281 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::18c8:12ef:e7c1:b0f/128
On-link
10 281 fe80::2943:55b8:819e:7d4d/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/14/2012 08:37:11 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/13/2012 08:12:39 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/13/2012 08:12:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/13/2012 08:12:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/13/2012 10:22:24 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/13/2012 10:22:20 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/13/2012 10:22:20 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/13/2012 10:17:51 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/13/2012 10:17:43 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/12/2012 07:13:52 PM) (Source: Application Hang) (User: )
Description: The program TribesAscend.exe version 1.0.1121.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1288

Start Time: 01cda8c72961679c

Termination Time: 152

Application Path: C:\Program Files (x86)\Hi-Rez Studios\HiRezGames\tribes\binaries\Win32\TribesAscend.exe

Report Id:


System errors:
=============
Error: (10/14/2012 08:35:14 AM) (Source: Service Control Manager) (User: )
Description: The lxeaCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (10/14/2012 08:35:14 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxeaCATSCustConnectService service to connect.

Error: (10/13/2012 07:35:40 AM) (Source: Service Control Manager) (User: )
Description: The lxeaCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (10/13/2012 07:35:40 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxeaCATSCustConnectService service to connect.

Error: (10/12/2012 05:02:19 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.137.1597.0

Update Source: %NT AUTHORITY59

Update Stage: 4.1.0522.00

Source Path: 4.1.0522.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (10/12/2012 05:02:19 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.137.1597.0

Update Source: %NT AUTHORITY59

Update Stage: 4.1.0522.00

Source Path: 4.1.0522.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (10/12/2012 03:02:58 PM) (Source: Service Control Manager) (User: )
Description: The lxeaCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (10/12/2012 03:02:58 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxeaCATSCustConnectService service to connect.

Error: (10/12/2012 06:42:43 AM) (Source: Service Control Manager) (User: )
Description: The lxeaCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (10/12/2012 06:42:43 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxeaCATSCustConnectService service to connect.


Microsoft Office Sessions:
=========================
Error: (10/14/2012 08:37:11 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\$Recycle.Bin\S-1-5-21-551687664-901412642-1586971836-1000\$R7XDNUN.exe

Error: (10/13/2012 08:12:39 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mike\Desktop\esetsmartinstaller_enu.exe

Error: (10/13/2012 08:12:35 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mike\Desktop\esetsmartinstaller_enu.exe

Error: (10/13/2012 08:12:35 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mike\Desktop\esetsmartinstaller_enu.exe

Error: (10/13/2012 10:22:24 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mike\Desktop\esetsmartinstaller_enu.exe

Error: (10/13/2012 10:22:20 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mike\Desktop\esetsmartinstaller_enu.exe

Error: (10/13/2012 10:22:20 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mike\Desktop\esetsmartinstaller_enu.exe

Error: (10/13/2012 10:17:51 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mike\Desktop\esetsmartinstaller_enu.exe

Error: (10/13/2012 10:17:43 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mike\Downloads\esetsmartinstaller_enu.exe

Error: (10/12/2012 07:13:52 PM) (Source: Application Hang)(User: )
Description: TribesAscend.exe1.0.1121.0128801cda8c72961679c152C:\Program Files (x86)\Hi-Rez Studios\HiRezGames\tribes\binaries\Win32\TribesAscend.exe


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
ABBYY FineReader 6.0 Sprint (Version: 6.00.2146.41621)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Camtasia Studio 8 (Version: 8.0.0.878)
CCleaner Professional (Version: v3.19.1721)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dishonored
DivX Setup (Version: 2.6.1.9)
Fallout 3 (Version: 1.00.0000)
Fresco Logic USB3.0 Host Controller (Version: 3.0.119.1)
Google Chrome (Version: 22.0.1229.94)
Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)
Intel PROSet Wireless
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.0.0.0083)
Intel® PROSet/Wireless WiFi Software (Version: 15.00.0000.0708)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java SE Development Kit 7 Update 7 (64-bit) (Version: 1.7.0.70)
JavaFX 2.1.1 (Version: 2.1.1)
K-Lite Mega Codec Pack 8.8.0 (Version: 8.8.0)
Lexmark Printable Web (Version: 1.0.0.0)
Lexmark S300-S400 Series
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 1.2.0241)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
NetBeans IDE 7.2 (Version: 7.2)
NVIDIA 3D Vision Driver 306.23 (Version: 306.23)
NVIDIA Control Panel 306.23 (Version: 306.23)
NVIDIA Graphics Driver 306.23 (Version: 306.23)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA PhysX (Version: 9.12.0604)
NVIDIA PhysX System Software 9.12.0604 (Version: 9.12.0604)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0623)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
PowerISO (Version: 4.7)
Sleeping Dogs version 1.4 (Version: 1.4)
sprotector 1.62
Tribes Ascend (Version: 1.0.1121.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
UxStyle Core Beta (Version: 0.2.1.1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 2.0.2 (Version: 2.0.2)
WinRAR 4.11 (64-bit) (Version: 4.11.0)

========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 8169.16 MB
Available physical RAM: 5994.36 MB
Total Pagefile: 16336.52 MB
Available Pagefile: 13806.76 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.3 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:125.67 GB) (Free:51.46 GB) NTFS
2 Drive d: (450GB) (Fixed) (Total:457.78 GB) (Free:417.73 GB) NTFS
5 Drive g: (Other) (Fixed) (Total:232.89 GB) (Free:232.79 GB) NTFS
6 Drive h: (Little) (Fixed) (Total:7.88 GB) (Free:7.81 GB) NTFS

========================= Users: ========================================

User accounts for \\BEAUTY

Administrator Guest Mike
UpdatusUser

========================= Restore Points ==================================

04-10-2012 20:59:56 Windows Update
09-10-2012 02:13:06 Windows Update
09-10-2012 21:57:48 Windows Update
13-10-2012 23:47:09 Windows Update

**** End of log ****


Farbar Service Scanner Version: 07-10-2012
Ran by Mike (administrator) on 14-10-2012 at 08:45:53
Running from "C:\Users\Mike\Desktop"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-10-09 17:55] - [2012-06-02 01:41] - 0184320 ____A (Microsoft Corporation) 9C01375BE382E834CC26D1B7EAF2C4FE

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.14.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Mike :: BEAUTY [administrator]

10/14/2012 8:41:03 AM
mbam-log-2012-10-14 (09-38-15).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 340360
Time elapsed: 56 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Program Files (x86)\DAEMON Tools Pro\autoloader_dt_loader_0.4.exe (Trojan.Swisyn) -> No action taken.

(end)

#9 SearchOnKILLYOURSELF

SearchOnKILLYOURSELF
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:10 AM

Posted 14 October 2012 - 09:15 AM

Here's JRT...

Junkware Removal Tool (JRT) by Thisisu
Version: 1.5.6 (10.14.2012)
OS: Windows 7 Ultimate x64
Ran by Mike on Sun 10/14/2012 at 8:51:46.18
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values:

Successfully deleted: [VALUE] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{687578b9-7132-4a7a-80e4-30ee31099e03}



*** Registry Keys:

Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\smartbar"
Successfully deleted: [KEY] "hkey_current_user\software\softonic"
Successfully deleted: [KEY] "hkey_local_machine\software\conduit"
Successfully deleted: [KEY] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{f9e4a054-e9b1-4bc3-83a3-76a1ae736170}



*** Files: 0 Detections



*** Folders:

Successfully deleted: [FOLDER] "C:\ProgramData\installmate"
Successfully deleted: [FOLDER] "C:\ProgramData\premium"
Successfully deleted: [FOLDER] "C:\Users\Mike\appdata\local\conduit"
Successfully deleted: [FOLDER] "C:\Users\Mike\appdata\locallow\conduit"
Failed to delete: [FOLDER-LOCKED!] "C:\Program Files (x86)\conduit"



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Sun 10/14/2012 at 10:13:56.18
End of Report

#10 SearchOnKILLYOURSELF

SearchOnKILLYOURSELF
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:10 AM

Posted 14 October 2012 - 09:17 AM

Also I'm not sure if the SearchOnMe was doing that for IE before (probably though), but I just opened IE now and it's not there. If there's another version of that JRT program for Chrome that would be perfect.

Edited by SearchOnKILLYOURSELF, 14 October 2012 - 09:17 AM.


#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:10 AM

Posted 14 October 2012 - 09:30 AM

Can you try reinstalling google chrome and let me know if it works.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#12 SearchOnKILLYOURSELF

SearchOnKILLYOURSELF
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:10 AM

Posted 14 October 2012 - 06:28 PM

I read about it here and it is supposed to be undetected by scans and re-installing your browser doesn't work. It puts itself in my registry, which is why the JRT program was so effective for IE.

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/14/2012 07:26:38 PM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Possibly Patched Files.

* C:\Windows\Explorer.EXE

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Mike\Desktop\rkill\rkill-10-14-2012-07-26-45.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* C:\Windows\explorer.exe [NoSig]
+-> C:\Windows\SysWOW64\explorer.exe : 2,616,320 : 02/25/2011 00:30 AM : 8b88ebbb05a0e56b7dcc708498c02b3e [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe : 2,868,224 : 07/13/2009 09:39 PM : c235a51cb740e45ffa0ebfb9bafcda64 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe : 2,868,224 : 08/03/2009 09:17 AM : f170b4a061c9e026437b193b4d571799 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe : 2,870,272 : 10/31/2009 09:34 AM : 9aaaec8dac27aa17b053e6352ad233ae [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe : 2,870,272 : 02/26/2011 09:23 AM : 0862495e0c825893db75ef44faea8e93 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe : 2,868,224 : 08/03/2009 09:19 AM : 700073016dac1c3d2e7e2ce4223334b6 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe : 2,870,272 : 10/31/2009 09:38 AM : b8ec4bd49ce8f6fc457721bfc210b67f [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe : 2,870,784 : 02/26/2011 09:26 AM : e38899074d4951d31b4040e994dd7c8d [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe : 2,872,320 : 11/20/2010 09:24 AM : ac4c51eb24aa95b77f705ab159189e24 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe : 2,871,808 : 02/25/2011 09:19 AM : 332feab1435662fc6c672e25beb37be3 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe : 2,871,808 : 02/26/2011 09:14 AM : 3b69712041f3d63605529bd66dc00c48 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe : 2,613,248 : 07/13/2009 09:14 PM : 15bc38a7492befe831966adb477cf76f [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe : 2,613,248 : 08/03/2009 09:35 AM : b95eeb0f4e5efbf1038a35b3351cf047 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe : 2,614,272 : 10/31/2009 09:45 AM : 2626fc9755be22f805d3cfa0ce3ee727 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe : 2,614,784 : 02/26/2011 09:33 AM : 2af58d15edc06ec6fdacce1f19482bbf [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe : 2,613,248 : 08/03/2009 09:49 AM : 9ff6c4c91a3711c0a3b18f87b08b518d [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe : 2,614,272 : 10/31/2009 09:00 AM : c76153c7eca00fa852bb0c193378f917 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe : 2,614,784 : 02/26/2011 09:51 AM : 255cf508d7cfb10e0794d6ac93280bd8 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe : 2,616,320 : 11/20/2010 09:17 AM : 40d777b7a95e00593eb1568c68514493 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe : 2,616,320 : 02/25/2011 09:30 AM : 8b88ebbb05a0e56b7dcc708498c02b3e [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe : 2,616,320 : 02/26/2011 09:19 AM : 0fb9c74046656d1579a64660ad67b746 [Pos Repl]

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 65.52.240.48
127.0.0.1 activation.cloud.techsmith.com

Program finished at: 10/14/2012 07:27:23 PM
Execution time: 0 hours(s), 0 minute(s), and 45 seconds(s)


"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "EzPrint" "" "" "c:\program files (x86)\lexmark s300-s400 series\ezprint.exe"
+ "lxeamon.exe" "Printer Device Monitor" "" "c:\program files (x86)\lexmark s300-s400 series\lxeamon.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "DivXUpdate" "DivX Update" "" "c:\program files (x86)\divx\divx update\divxupdate.exe"
+ "FLxHCIm" "Fresco Logic" "Windows ® Win 7 DDK provider" "c:\program files\fresco logic inc\fresco logic usb3.0 host controller\host\flxhcim.exe"
+ "PWRISOVM.EXE" "PowerISO Virtual Drive Manager" "PowerISO Computing, Inc." "c:\program files (x86)\poweriso\pwrisovm.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "WinampAgent" "" "" "File not found: C:\Program Files (x86)\Winamp\winampa.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "Malwarebytes Anti-Malware" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Google Update" "Google Installer" "Google Inc." "c:\users\mike\appdata\local\google\update\googleupdate.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "PowerISO" "PowerISOShell DLL" "PowerISO Computing, Inc." "c:\program files (x86)\poweriso\pwrisosh.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "PowerISO" "PowerISOShell DLL" "PowerISO Computing, Inc." "c:\program files (x86)\poweriso\pwrisosh.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "PowerISO" "PowerISOShell DLL" "PowerISO Computing, Inc." "c:\program files (x86)\poweriso\pwrisosh.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Hotspot Shield Class" "" "" "File not found: C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Lexmark Printable Web" "" "" "c:\program files\lexmark printable web\bho.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-551687664-901412642-1586971836-1000Core" "Google Installer" "Google Inc." "c:\users\mike\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-551687664-901412642-1586971836-1000UA" "Google Installer" "Google Inc." "c:\users\mike\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Microsoft Antimalware\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AMPPALR3" "Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter" "Intel Corporation" "c:\program files\intel\bluetoothhs\bthsamppalservice.exe"
+ "BTHSSecurityMgr" "Manages the 802.1x security between two Bluetooth® High Speed connections." "Intel® Corporation" "c:\program files\intel\bluetoothhs\bthssecuritymgr.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "HiPatchService" "HiPatchService" "Hi-Rez Studios" "c:\program files (x86)\hi-rez studios\hipatchservice.exe"
+ "lxea_device" "Printer Communication System" " " "c:\windows\system32\lxeacoms.exe"
+ "lxeaCATSCustConnectService" "Lexmark Connect Service Executable" "Lexmark International, Inc." "c:\windows\system32\spool\drivers\x64\3\lxeaserv.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "MyWiFiDHCPDNS" "Wireless PAN DHCP and DNS Server" "" "c:\program files\intel\wifi\bin\pandhcpdns.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "UnsignedThemes" "Enables the use of unsigned themes." "The Within Network, LLC" "c:\windows\unsignedthemessvc.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "ZeroConfigService" "Manages the zero configuration service for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\zeroconfigservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AMPPAL" "Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\amppal.sys"
+ "AMPPALP" "Intel® Centrino® Wireless Bluetooth® + High Speed Protocol" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\amppal.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "FLxHCIc" "xHCI Bus Driver" "Fresco Logic" "c:\windows\system32\drivers\flxhcic.sys"
+ "FLxHCIh" "xHCI Hub Driver" "Fresco Logic" "c:\windows\system32\drivers\flxhcih.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "HssDRV6" "Hotspot Shield Routing Driver 6" "AnchorFree Inc." "c:\windows\system32\drivers\hssdrv6.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "NETwNs64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwns64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 306.23 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "SCDEmu" "PowerISO Virtual Drive" "PowerISO Computing, Inc." "c:\windows\system32\drivers\scdemu.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "Synth3dVsc" "" "" "File not found: System32\drivers\synth3dvsc.sys"
+ "taphss" "TAP-Win32 Virtual Network Driver" "AnchorFree Inc" "c:\windows\system32\drivers\taphss.sys"
+ "tsusbhub" "@%SystemRoot%\system32\drivers\tsusbhub.sys,-2" "" "File not found: system32\drivers\tsusbhub.sys"
+ "uxpatch" "" "" "c:\windows\system32\drivers\uxpatch.sys"
+ "VGPU" "" "" "File not found: System32\drivers\rdvgkmd.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.tsc2" "TechSmith Screen Codec 2" "TechSmith Corporation" "c:\windows\syswow64\tsc2_codec64.dll"
+ "vidc.tscc" "TechSmith Screen Capture Codec" "TechSmith Corporation" "c:\windows\syswow64\tsccvid64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.ac3acm" "AC-3 ACM Codec" "fccHandler" "c:\windows\syswow64\ac3acm.acm"
+ "msacm.l3acm" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "msacm.lameacm" "Lame MP3 codec engine" "http://www.mp3dev.org/" "c:\windows\syswow64\lameacm.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "VIDC.FFDS" "ffdshow VFW" "" "c:\windows\syswow64\ff_vfw.dll"
+ "vidc.tsc2" "TechSmith Screen Codec 2" "TechSmith Corporation" "c:\windows\syswow64\tsc2_codec32.dll"
+ "vidc.tscc" "TechSmith Screen Capture Codec" "TechSmith Corporation" "c:\windows\syswow64\tsccvid.dll"
+ "VIDC.XVID" "" "" "c:\windows\syswow64\xvidvfw.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "iZotope Consumer Restoration" "iZotope Consumer Restoration" "iZotope, Inc." "c:\program files (x86)\common files\techsmith shared\izotope\izotope_consumerrestoration.dll"
+ "iZotope Vocal Enhancement" "iZotope Vocal Enhancement" "iZotope, Inc." "c:\program files (x86)\common files\techsmith shared\izotope\izotope_vocalenhancement.dll"
+ "LAME Audio Encoder" "LAME Audio Encoder" "" "c:\program files (x86)\techsmith\camtasia studio 8\lame_dshow.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3File" "" "" "c:\program files (x86)\k-lite codec pack\filters\ac3file.ax"
+ "DC-Bass Source" "DirectShow™ Audio Decoder" "http://www.dsp-worx.de" "c:\program files (x86)\k-lite codec pack\filters\dcbasssource.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\vsfilter.dll"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "File Source (Monkey Audio)" "" "" "c:\program files (x86)\k-lite codec pack\filters\monkeysource.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files (x86)\k-lite codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "LAME Audio Encoder" "LAME Audio Encoder" "" "c:\program files (x86)\techsmith\camtasia studio 8\lame_dshow.ax"
+ "LAV Audio Decoder" "LAV Audio Decoder - DirectShow Audio Decoder" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavaudio.ax"
+ "LAV Splitter" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavsplitter.ax"
+ "LAV Splitter Source" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavsplitter.ax"
+ "LAV Video Decoder" "LAV Video Decoder - DirectShow Video Decoder" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavvideo.ax"
+ "madFlac Decoder" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files (x86)\k-lite codec pack\filters\madflac.ax"
+ "madFlac Source" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files (x86)\k-lite codec pack\filters\madflac.ax"
+ "madVR" "madshi's D3D9 based video renderer" "madshi.net" "c:\program files (x86)\k-lite codec pack\filters\madvr\madvr.ax"
+ "RadLight OptimFROG DirectShow Filter" "RLOFRDec" "RadLight" "c:\program files (x86)\k-lite codec pack\filters\rlofrdec.ax"
+ "T" "VP7 Decompression Filter" "On2.com Inc." "c:\program files (x86)\k-lite codec pack\filters\vp7dec.ax"
+ "TechSmith Camera Adjust" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith File Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith Floating Point Wave Filter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith Flv Key Frame Setter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith Force Color32A" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith ForceColor 24" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith ForceColor 32" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith ForceColor 555" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith ForceColor 565" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith ForceColor 8" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith Frame Rate Tuner" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith Frame Skip Filter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith Grabber Sample Filter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith Image Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith Overlay" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith Perf Skip Filter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith PushBitmap Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith PushBitmap Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith PushVMR Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "Techsmith Quicktime MOV Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith Simple PIP" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith SimplePushBitmap Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith Sound Effects Filter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith Splitter Filter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "Techsmith Structured Storage Writer" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith SWF Writer" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith Time Adjust" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith Title Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith Wave Buffer" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith Wave Dest" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith WMFSDK Writer" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
+ "TechSmith ZoomPIP Filter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 8\camtasiafilters.dll"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "c:\progra~2\sprote~1\sprote~1.dll" "" "" "c:\program files (x86)\sprotector\sprotector.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "LIDIL hpzlllhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzlllhn.dll"
+ "S300-S400 Series Port" "Printer Communication System" " " "c:\windows\system32\lxealmpm.dll"

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:10 AM

Posted 15 October 2012 - 12:33 AM

Click on startmenu and type

cmd

Right click on it,select run as administrator and run this command

sfc /scanfile=c:\windows\explorer.exe

After scan finishes,restart the PC and post the new RKILL log

Export google chrome bookmarks

http://support.google.com/chrome/bin/answer.py?hl=en&answer=96816

Uninstall google chrome and checkmark Also delete browsing data option

Reinstall chrome and let me know if that helps

#14 SearchOnKILLYOURSELF

SearchOnKILLYOURSELF
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:10 AM

Posted 16 October 2012 - 08:11 PM

Still there. I feel as if Chrome is starting to slow down too, but perhaps that is just paranoia. :blink:

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/16/2012 09:09:44 PM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 65.52.240.48
127.0.0.1 activation.cloud.techsmith.com

Program finished at: 10/16/2012 09:10:06 PM
Execution time: 0 hours(s), 0 minute(s), and 21 seconds(s)

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:10 AM

Posted 16 October 2012 - 08:38 PM

Did you make sure to check mark this option?

Uninstall google chrome and checkmark Also delete browsing data option


Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users