Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Am I infected further?


  • Please log in to reply
6 replies to this topic

#1 Mortada

Mortada

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:09:22 AM

Posted 15 October 2012 - 02:33 AM

Hi guys,

I've recent went stupid and downloaded what I thought was a decent gaming addon (WoW) from a link posted in a youtube video. Trendmico had a OKAY to visit site in the search results (I hate TrendMicro to death, can't wait till subscription expires).

So, I've proceeded to to scan with malwarebytes trail version and the results are scary (screen shot below). I just want a PRO to help me diagnose my PC further to see if I'm infected further.

http://imageshack.us/f/99/91224035.png/

I really appreciate your help with this.

Mortada

BC AdBot (Login to Remove)

 


#2 Quote

Quote

  • Banned
  • 173 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:22 PM

Posted 15 October 2012 - 02:08 PM

Hello Mortada,

Can you pleas post the logfile of MBAM here? Only a screen won't help.

#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:22 AM

Posted 15 October 2012 - 02:25 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#4 Mortada

Mortada
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:09:22 AM

Posted 16 October 2012 - 12:28 AM

Hi,

thanks for the replies.

Log files:

TDSSKiller log:

16:56:00.0224 2124 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
16:56:00.0833 2124 ============================================================
16:56:00.0833 2124 Current date / time: 2012/10/16 16:56:00.0833
16:56:00.0833 2124 SystemInfo:
16:56:00.0833 2124
16:56:00.0833 2124 OS Version: 6.1.7601 ServicePack: 1.0
16:56:00.0833 2124 Product type: Workstation
16:56:00.0833 2124 ComputerName: OEM-PC
16:56:00.0833 2124 UserName: OEM
16:56:00.0833 2124 Windows directory: C:\Windows
16:56:00.0833 2124 System windows directory: C:\Windows
16:56:00.0833 2124 Running under WOW64
16:56:00.0833 2124 Processor architecture: Intel x64
16:56:00.0833 2124 Number of processors: 8
16:56:00.0833 2124 Page size: 0x1000
16:56:00.0833 2124 Boot type: Normal boot
16:56:00.0833 2124 ============================================================
16:56:01.0176 2124 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0CADE00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:56:01.0176 2124 ============================================================
16:56:01.0176 2124 \Device\Harddisk0\DR0:
16:56:01.0176 2124 MBR partitions:
16:56:01.0176 2124 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
16:56:01.0176 2124 ============================================================
16:56:01.0176 2124 C: <-> \Device\Harddisk0\DR0\Partition1
16:56:01.0176 2124 ============================================================
16:56:01.0176 2124 Initialize success
16:56:01.0176 2124 ============================================================
16:56:35.0894 1632 ============================================================
16:56:35.0894 1632 Scan started
16:56:35.0894 1632 Mode: Manual; TDLFS;
16:56:35.0894 1632 ============================================================
16:56:36.0331 1632 ================ Scan system memory ========================
16:56:36.0331 1632 System memory - ok
16:56:36.0331 1632 ================ Scan services =============================
16:56:39.0217 1632 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
16:56:39.0232 1632 1394ohci - ok
16:56:39.0264 1632 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:56:39.0264 1632 ACPI - ok
16:56:39.0279 1632 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:56:39.0279 1632 AcpiPmi - ok
16:56:39.0388 1632 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:56:39.0388 1632 AdobeFlashPlayerUpdateSvc - ok
16:56:39.0420 1632 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:56:39.0420 1632 adp94xx - ok
16:56:39.0451 1632 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:56:39.0466 1632 adpahci - ok
16:56:39.0482 1632 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:56:39.0482 1632 adpu320 - ok
16:56:39.0513 1632 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:56:39.0513 1632 AeLookupSvc - ok
16:56:39.0560 1632 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
16:56:39.0560 1632 AFD - ok
16:56:39.0591 1632 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:56:39.0591 1632 agp440 - ok
16:56:39.0622 1632 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
16:56:39.0622 1632 ALG - ok
16:56:39.0685 1632 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
16:56:39.0685 1632 aliide - ok
16:56:39.0841 1632 ALSysIO - ok
16:56:40.0090 1632 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
16:56:40.0090 1632 amdide - ok
16:56:40.0168 1632 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:56:40.0168 1632 AmdK8 - ok
16:56:40.0215 1632 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
16:56:40.0215 1632 AmdPPM - ok
16:56:40.0340 1632 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:56:40.0340 1632 amdsata - ok
16:56:40.0434 1632 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
16:56:40.0434 1632 amdsbs - ok
16:56:40.0434 1632 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:56:40.0434 1632 amdxata - ok
16:56:40.0761 1632 [ 1B7D1F0A0DFADBC797C16364792A7AA5 ] Amsp C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
16:56:40.0761 1632 Amsp - ok
16:56:40.0792 1632 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
16:56:41.0104 1632 AppID - ok
16:56:41.0120 1632 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:56:41.0120 1632 AppIDSvc - ok
16:56:41.0136 1632 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
16:56:41.0136 1632 Appinfo - ok
16:56:41.0198 1632 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:56:41.0198 1632 Apple Mobile Device - ok
16:56:41.0245 1632 [ 6BE11AD81D4527D299F0CB5F3731AABC ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
16:56:41.0245 1632 AppleCharger - ok
16:56:41.0307 1632 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
16:56:41.0323 1632 AppleChargerSrv - ok
16:56:41.0370 1632 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
16:56:41.0370 1632 arc - ok
16:56:41.0463 1632 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:56:41.0479 1632 arcsas - ok
16:56:41.0557 1632 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:56:41.0557 1632 AsyncMac - ok
16:56:41.0635 1632 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
16:56:41.0635 1632 atapi - ok
16:56:41.0760 1632 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:56:41.0775 1632 AudioEndpointBuilder - ok
16:56:41.0775 1632 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:56:41.0775 1632 AudioSrv - ok
16:56:41.0869 1632 [ DE24B2CA078FC6A7EAA53B1DFD3F61CF ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
16:56:41.0884 1632 avgtp - ok
16:56:41.0962 1632 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:56:41.0978 1632 AxInstSV - ok
16:56:41.0994 1632 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
16:56:42.0009 1632 b06bdrv - ok
16:56:42.0040 1632 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:56:42.0040 1632 b57nd60a - ok
16:56:42.0056 1632 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
16:56:42.0056 1632 BDESVC - ok
16:56:42.0072 1632 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
16:56:42.0072 1632 Beep - ok
16:56:42.0103 1632 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
16:56:42.0103 1632 BFE - ok
16:56:42.0150 1632 [ 1B63F2B7CA6B5290CC124CDD07520BC9 ] BingDesktopUpdate C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
16:56:42.0150 1632 BingDesktopUpdate - ok
16:56:42.0181 1632 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
16:56:42.0181 1632 BITS - ok
16:56:42.0196 1632 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:56:42.0196 1632 blbdrive - ok
16:56:42.0228 1632 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:56:42.0228 1632 Bonjour Service - ok
16:56:42.0243 1632 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:56:42.0243 1632 bowser - ok
16:56:42.0259 1632 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
16:56:42.0259 1632 BrFiltLo - ok
16:56:42.0274 1632 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
16:56:42.0274 1632 BrFiltUp - ok
16:56:42.0306 1632 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
16:56:42.0306 1632 Browser - ok
16:56:42.0321 1632 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:56:42.0321 1632 Brserid - ok
16:56:42.0337 1632 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:56:42.0337 1632 BrSerWdm - ok
16:56:42.0352 1632 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:56:42.0352 1632 BrUsbMdm - ok
16:56:42.0368 1632 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:56:42.0368 1632 BrUsbSer - ok
16:56:42.0384 1632 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:56:42.0384 1632 BTHMODEM - ok
16:56:42.0430 1632 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
16:56:42.0430 1632 bthserv - ok
16:56:42.0462 1632 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:56:42.0462 1632 cdfs - ok
16:56:42.0477 1632 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:56:42.0493 1632 cdrom - ok
16:56:42.0555 1632 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
16:56:42.0555 1632 CertPropSvc - ok
16:56:42.0571 1632 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
16:56:42.0571 1632 circlass - ok
16:56:42.0602 1632 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
16:56:42.0602 1632 CLFS - ok
16:56:42.0742 1632 [ FE1C81A049E5C5D67C4AB7C31C899F6F ] CLKMSVC10_9EC60124 C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
16:56:42.0742 1632 CLKMSVC10_9EC60124 - ok
16:56:42.0805 1632 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:56:42.0805 1632 clr_optimization_v2.0.50727_32 - ok
16:56:42.0836 1632 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:56:42.0836 1632 clr_optimization_v2.0.50727_64 - ok
16:56:42.0883 1632 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:56:42.0898 1632 clr_optimization_v4.0.30319_32 - ok
16:56:42.0930 1632 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:56:42.0930 1632 clr_optimization_v4.0.30319_64 - ok
16:56:42.0961 1632 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
16:56:42.0961 1632 CmBatt - ok
16:56:42.0976 1632 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:56:42.0976 1632 cmdide - ok
16:56:43.0039 1632 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
16:56:43.0054 1632 CNG - ok
16:56:43.0070 1632 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
16:56:43.0086 1632 Compbatt - ok
16:56:43.0101 1632 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
16:56:43.0117 1632 CompositeBus - ok
16:56:43.0132 1632 COMSysApp - ok
16:56:43.0351 1632 [ F08C6020E57F5E5BF2FD034DB10BEDFB ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
16:56:43.0366 1632 cphs - ok
16:56:43.0382 1632 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:56:43.0382 1632 crcdisk - ok
16:56:43.0413 1632 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:56:43.0413 1632 CryptSvc - ok
16:56:43.0476 1632 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:56:43.0476 1632 cvhsvc - ok
16:56:43.0507 1632 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:56:43.0522 1632 DcomLaunch - ok
16:56:43.0538 1632 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
16:56:43.0538 1632 defragsvc - ok
16:56:43.0569 1632 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:56:43.0569 1632 DfsC - ok
16:56:43.0585 1632 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
16:56:43.0585 1632 Dhcp - ok
16:56:43.0616 1632 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
16:56:43.0616 1632 discache - ok
16:56:43.0632 1632 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
16:56:43.0632 1632 Disk - ok
16:56:43.0663 1632 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:56:43.0663 1632 Dnscache - ok
16:56:43.0678 1632 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
16:56:43.0678 1632 dot3svc - ok
16:56:43.0710 1632 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
16:56:43.0710 1632 DPS - ok
16:56:43.0725 1632 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:56:43.0725 1632 drmkaud - ok
16:56:43.0741 1632 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:56:43.0756 1632 DXGKrnl - ok
16:56:43.0756 1632 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
16:56:43.0756 1632 EapHost - ok
16:56:43.0803 1632 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:56:43.0850 1632 ebdrv - ok
16:56:43.0881 1632 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
16:56:43.0881 1632 EFS - ok
16:56:44.0193 1632 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:56:44.0193 1632 ehRecvr - ok
16:56:44.0240 1632 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
16:56:44.0240 1632 ehSched - ok
16:56:44.0302 1632 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:56:44.0302 1632 elxstor - ok
16:56:44.0334 1632 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:56:44.0334 1632 ErrDev - ok
16:56:44.0365 1632 [ 3663291D0D26001A2BB67678AB61D14C ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys
16:56:44.0365 1632 EtronHub3 - ok
16:56:44.0380 1632 [ 744420D6C062C38F7361870F010D6D4B ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys
16:56:44.0380 1632 EtronXHCI - ok
16:56:44.0474 1632 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
16:56:44.0474 1632 EventSystem - ok
16:56:44.0505 1632 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
16:56:44.0505 1632 exfat - ok
16:56:44.0521 1632 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:56:44.0521 1632 fastfat - ok
16:56:44.0552 1632 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
16:56:44.0552 1632 Fax - ok
16:56:44.0552 1632 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
16:56:44.0552 1632 fdc - ok
16:56:44.0568 1632 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
16:56:44.0568 1632 fdPHost - ok
16:56:44.0583 1632 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
16:56:44.0583 1632 FDResPub - ok
16:56:44.0583 1632 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:56:44.0599 1632 FileInfo - ok
16:56:44.0599 1632 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:56:44.0599 1632 Filetrace - ok
16:56:44.0614 1632 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
16:56:44.0614 1632 flpydisk - ok
16:56:44.0630 1632 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:56:44.0646 1632 FltMgr - ok
16:56:44.0677 1632 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
16:56:44.0677 1632 FontCache - ok
16:56:44.0724 1632 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:56:44.0724 1632 FontCache3.0.0.0 - ok
16:56:44.0755 1632 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:56:44.0755 1632 FsDepends - ok
16:56:44.0786 1632 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:56:44.0786 1632 Fs_Rec - ok
16:56:44.0880 1632 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:56:44.0880 1632 fvevol - ok
16:56:44.0926 1632 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:56:44.0926 1632 gagp30kx - ok
16:56:44.0942 1632 gdrv - ok
16:56:44.0958 1632 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:56:44.0958 1632 GEARAspiWDM - ok
16:56:44.0989 1632 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
16:56:44.0989 1632 gpsvc - ok
16:56:45.0036 1632 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:56:45.0036 1632 gupdate - ok
16:56:45.0036 1632 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:56:45.0036 1632 gupdatem - ok
16:56:45.0051 1632 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:56:45.0051 1632 hcw85cir - ok
16:56:45.0082 1632 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:56:45.0082 1632 HdAudAddService - ok
16:56:45.0145 1632 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:56:45.0145 1632 HDAudBus - ok
16:56:45.0160 1632 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
16:56:45.0160 1632 HidBatt - ok
16:56:45.0176 1632 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:56:45.0176 1632 HidBth - ok
16:56:45.0207 1632 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
16:56:45.0207 1632 HidIr - ok
16:56:45.0223 1632 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
16:56:45.0223 1632 hidserv - ok
16:56:45.0270 1632 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:56:45.0270 1632 HidUsb - ok
16:56:45.0316 1632 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:56:45.0316 1632 hkmsvc - ok
16:56:45.0379 1632 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:56:45.0394 1632 HomeGroupListener - ok
16:56:45.0426 1632 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:56:45.0441 1632 HomeGroupProvider - ok
16:56:45.0457 1632 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:56:45.0457 1632 HpSAMD - ok
16:56:45.0504 1632 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:56:45.0519 1632 HTTP - ok
16:56:45.0535 1632 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:56:45.0535 1632 hwpolicy - ok
16:56:45.0566 1632 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:56:45.0566 1632 i8042prt - ok
16:56:45.0597 1632 [ 26CF4275034214ECEDD8EC17B0A18A99 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
16:56:45.0597 1632 iaStor - ok
16:56:45.0660 1632 [ E79A8E33BD136D14BAE1FA20EB2EF124 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
16:56:45.0660 1632 IAStorDataMgrSvc - ok
16:56:45.0691 1632 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:56:45.0691 1632 iaStorV - ok
16:56:45.0738 1632 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:56:45.0753 1632 idsvc - ok
16:56:45.0956 1632 [ 371D7F91C0D2314EB984A4A6CBEABC92 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
16:56:46.0143 1632 igfx - ok
16:56:46.0159 1632 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:56:46.0159 1632 iirsp - ok
16:56:46.0252 1632 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
16:56:46.0252 1632 IKEEXT - ok
16:56:46.0330 1632 [ 2CC2F7C5990BB76767038F4B16D17A56 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:56:46.0362 1632 IntcAzAudAddService - ok
16:56:46.0393 1632 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
16:56:46.0393 1632 IntcDAud - ok
16:56:46.0408 1632 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
16:56:46.0424 1632 intelide - ok
16:56:46.0440 1632 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:56:46.0440 1632 intelppm - ok
16:56:46.0455 1632 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:56:46.0455 1632 IPBusEnum - ok
16:56:46.0486 1632 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:56:46.0486 1632 IpFilterDriver - ok
16:56:46.0533 1632 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:56:46.0533 1632 iphlpsvc - ok
16:56:46.0549 1632 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:56:46.0549 1632 IPMIDRV - ok
16:56:46.0564 1632 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:56:46.0564 1632 IPNAT - ok
16:56:46.0736 1632 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:56:46.0736 1632 iPod Service - ok
16:56:46.0767 1632 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:56:46.0767 1632 IRENUM - ok
16:56:46.0783 1632 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:56:46.0783 1632 isapnp - ok
16:56:46.0814 1632 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:56:46.0830 1632 iScsiPrt - ok
16:56:46.0830 1632 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:56:46.0830 1632 kbdclass - ok
16:56:46.0861 1632 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:56:46.0861 1632 kbdhid - ok
16:56:46.0892 1632 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
16:56:46.0892 1632 KeyIso - ok
16:56:46.0908 1632 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:56:46.0908 1632 KSecDD - ok
16:56:46.0939 1632 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:56:46.0939 1632 KSecPkg - ok
16:56:46.0939 1632 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:56:46.0939 1632 ksthunk - ok
16:56:46.0970 1632 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
16:56:46.0970 1632 KtmRm - ok
16:56:46.0986 1632 [ 033B4AED2C5519072C0D81E00804D003 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
16:56:46.0986 1632 L1C - ok
16:56:47.0017 1632 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:56:47.0017 1632 LanmanServer - ok
16:56:47.0032 1632 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:56:47.0048 1632 LanmanWorkstation - ok
16:56:47.0079 1632 [ 17203D81A68D9162DB9022A1FC601778 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
16:56:47.0095 1632 LightScribeService - ok
16:56:47.0126 1632 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:56:47.0126 1632 lltdio - ok
16:56:47.0142 1632 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:56:47.0142 1632 lltdsvc - ok
16:56:47.0157 1632 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:56:47.0173 1632 lmhosts - ok
16:56:47.0188 1632 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:56:47.0188 1632 LSI_FC - ok
16:56:47.0204 1632 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:56:47.0204 1632 LSI_SAS - ok
16:56:47.0220 1632 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
16:56:47.0220 1632 LSI_SAS2 - ok
16:56:47.0235 1632 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:56:47.0235 1632 LSI_SCSI - ok
16:56:47.0235 1632 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
16:56:47.0235 1632 luafv - ok
16:56:47.0298 1632 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
16:56:47.0298 1632 McComponentHostService - ok
16:56:47.0329 1632 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:56:47.0329 1632 Mcx2Svc - ok
16:56:47.0344 1632 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
16:56:47.0344 1632 megasas - ok
16:56:47.0360 1632 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
16:56:47.0360 1632 MegaSR - ok
16:56:47.0391 1632 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
16:56:47.0391 1632 MEIx64 - ok
16:56:47.0407 1632 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
16:56:47.0407 1632 MMCSS - ok
16:56:47.0422 1632 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
16:56:47.0422 1632 Modem - ok
16:56:47.0454 1632 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:56:47.0454 1632 monitor - ok
16:56:47.0469 1632 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:56:47.0469 1632 mouclass - ok
16:56:47.0469 1632 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:56:47.0469 1632 mouhid - ok
16:56:47.0500 1632 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:56:47.0500 1632 mountmgr - ok
16:56:47.0563 1632 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:56:47.0563 1632 MozillaMaintenance - ok
16:56:47.0578 1632 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
16:56:47.0594 1632 mpio - ok
16:56:47.0610 1632 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:56:47.0610 1632 mpsdrv - ok
16:56:47.0625 1632 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:56:47.0641 1632 MpsSvc - ok
16:56:47.0656 1632 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:56:47.0656 1632 MRxDAV - ok
16:56:47.0688 1632 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:56:47.0688 1632 mrxsmb - ok
16:56:47.0703 1632 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:56:47.0719 1632 mrxsmb10 - ok
16:56:47.0719 1632 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:56:47.0734 1632 mrxsmb20 - ok
16:56:47.0734 1632 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
16:56:47.0734 1632 msahci - ok
16:56:47.0750 1632 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:56:47.0750 1632 msdsm - ok
16:56:47.0766 1632 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:56:47.0781 1632 MSDTC - ok
16:56:47.0781 1632 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:56:47.0781 1632 Msfs - ok
16:56:47.0797 1632 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:56:47.0797 1632 mshidkmdf - ok
16:56:47.0812 1632 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:56:47.0812 1632 msisadrv - ok
16:56:47.0828 1632 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:56:47.0844 1632 MSiSCSI - ok
16:56:47.0844 1632 msiserver - ok
16:56:47.0859 1632 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:56:47.0859 1632 MSKSSRV - ok
16:56:47.0859 1632 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:56:47.0859 1632 MSPCLOCK - ok
16:56:47.0875 1632 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:56:47.0875 1632 MSPQM - ok
16:56:47.0890 1632 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:56:47.0890 1632 MsRPC - ok
16:56:47.0906 1632 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:56:47.0906 1632 mssmbios - ok
16:56:47.0906 1632 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:56:47.0906 1632 MSTEE - ok
16:56:47.0922 1632 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
16:56:47.0922 1632 MTConfig - ok
16:56:47.0937 1632 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:56:47.0937 1632 Mup - ok
16:56:47.0968 1632 [ A986DC81534582FA478C286E8F57A877 ] mvs91xx C:\Windows\system32\DRIVERS\mvs91xx.sys
16:56:47.0968 1632 mvs91xx - ok
16:56:47.0984 1632 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:56:48.0000 1632 napagent - ok
16:56:48.0015 1632 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:56:48.0015 1632 NativeWifiP - ok
16:56:48.0046 1632 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:56:48.0046 1632 NDIS - ok
16:56:48.0062 1632 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:56:48.0062 1632 NdisCap - ok
16:56:48.0078 1632 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:56:48.0078 1632 NdisTapi - ok
16:56:48.0109 1632 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:56:48.0109 1632 Ndisuio - ok
16:56:48.0124 1632 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:56:48.0124 1632 NdisWan - ok
16:56:48.0140 1632 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:56:48.0140 1632 NDProxy - ok
16:56:48.0156 1632 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:56:48.0156 1632 NetBIOS - ok
16:56:48.0156 1632 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:56:48.0156 1632 NetBT - ok
16:56:48.0171 1632 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:56:48.0171 1632 Netlogon - ok
16:56:48.0202 1632 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:56:48.0202 1632 Netman - ok
16:56:48.0218 1632 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:56:48.0218 1632 netprofm - ok
16:56:48.0249 1632 [ D66596DB0A0739A89C25B590CE36D628 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
16:56:48.0265 1632 netr28x - ok
16:56:48.0296 1632 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:56:48.0296 1632 NetTcpPortSharing - ok
16:56:48.0327 1632 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:56:48.0327 1632 nfrd960 - ok
16:56:48.0343 1632 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:56:48.0343 1632 NlaSvc - ok
16:56:48.0358 1632 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:56:48.0358 1632 Npfs - ok
16:56:48.0358 1632 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:56:48.0358 1632 nsi - ok
16:56:48.0358 1632 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:56:48.0358 1632 nsiproxy - ok
16:56:48.0405 1632 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:56:48.0421 1632 Ntfs - ok
16:56:48.0436 1632 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:56:48.0436 1632 Null - ok
16:56:48.0468 1632 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
16:56:48.0468 1632 NVENETFD - ok
16:56:48.0499 1632 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
16:56:48.0499 1632 NVHDA - ok
16:56:48.0686 1632 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:56:48.0717 1632 nvlddmkm - ok
16:56:48.0748 1632 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:56:48.0748 1632 nvraid - ok
16:56:48.0780 1632 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:56:48.0780 1632 nvstor - ok
16:56:48.0842 1632 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] NVSvc C:\Windows\system32\nvvsvc.exe
16:56:48.0842 1632 NVSvc - ok
16:56:48.0904 1632 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:56:48.0904 1632 nvUpdatusService - ok
16:56:48.0920 1632 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:56:48.0920 1632 nv_agp - ok
16:56:48.0936 1632 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:56:48.0936 1632 ohci1394 - ok
16:56:48.0967 1632 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:56:48.0967 1632 ose - ok
16:56:49.0154 1632 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:56:49.0185 1632 osppsvc - ok
16:56:49.0216 1632 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:56:49.0216 1632 p2pimsvc - ok
16:56:49.0232 1632 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:56:49.0248 1632 p2psvc - ok
16:56:49.0263 1632 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
16:56:49.0263 1632 Parport - ok
16:56:49.0279 1632 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:56:49.0279 1632 partmgr - ok
16:56:49.0294 1632 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:56:49.0310 1632 PcaSvc - ok
16:56:49.0326 1632 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:56:49.0326 1632 pci - ok
16:56:49.0341 1632 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:56:49.0341 1632 pciide - ok
16:56:49.0372 1632 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:56:49.0372 1632 pcmcia - ok
16:56:49.0388 1632 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:56:49.0388 1632 pcw - ok
16:56:49.0419 1632 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:56:49.0419 1632 PEAUTH - ok
16:56:49.0513 1632 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:56:49.0513 1632 PerfHost - ok
16:56:49.0575 1632 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:56:49.0591 1632 pla - ok
16:56:49.0622 1632 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:56:49.0638 1632 PlugPlay - ok
16:56:49.0669 1632 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:56:49.0669 1632 PNRPAutoReg - ok
16:56:49.0669 1632 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:56:49.0684 1632 PNRPsvc - ok
16:56:49.0700 1632 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:56:49.0700 1632 PolicyAgent - ok
16:56:49.0747 1632 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:56:49.0747 1632 Power - ok
16:56:49.0762 1632 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:56:49.0778 1632 PptpMiniport - ok
16:56:49.0778 1632 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
16:56:49.0778 1632 Processor - ok
16:56:49.0809 1632 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:56:49.0809 1632 ProfSvc - ok
16:56:49.0809 1632 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:56:49.0809 1632 ProtectedStorage - ok
16:56:49.0825 1632 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:56:49.0825 1632 Psched - ok
16:56:49.0872 1632 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:56:49.0903 1632 ql2300 - ok
16:56:49.0918 1632 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:56:49.0918 1632 ql40xx - ok
16:56:49.0934 1632 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:56:49.0934 1632 QWAVE - ok
16:56:49.0950 1632 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:56:49.0965 1632 QWAVEdrv - ok
16:56:49.0965 1632 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:56:49.0965 1632 RasAcd - ok
16:56:49.0981 1632 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:56:49.0981 1632 RasAgileVpn - ok
16:56:49.0996 1632 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:56:49.0996 1632 RasAuto - ok
16:56:50.0028 1632 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:56:50.0028 1632 Rasl2tp - ok
16:56:50.0059 1632 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:56:50.0074 1632 RasMan - ok
16:56:50.0090 1632 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:56:50.0090 1632 RasPppoe - ok
16:56:50.0106 1632 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:56:50.0106 1632 RasSstp - ok
16:56:50.0121 1632 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:56:50.0137 1632 rdbss - ok
16:56:50.0137 1632 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
16:56:50.0137 1632 rdpbus - ok
16:56:50.0168 1632 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:56:50.0168 1632 RDPCDD - ok
16:56:50.0168 1632 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:56:50.0168 1632 RDPENCDD - ok
16:56:50.0168 1632 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:56:50.0168 1632 RDPREFMP - ok
16:56:50.0199 1632 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:56:50.0199 1632 RDPWD - ok
16:56:50.0215 1632 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:56:50.0215 1632 rdyboost - ok
16:56:50.0230 1632 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:56:50.0246 1632 RemoteAccess - ok
16:56:50.0246 1632 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:56:50.0246 1632 RemoteRegistry - ok
16:56:50.0262 1632 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:56:50.0277 1632 RpcEptMapper - ok
16:56:50.0293 1632 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:56:50.0293 1632 RpcLocator - ok
16:56:50.0308 1632 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:56:50.0324 1632 RpcSs - ok
16:56:50.0324 1632 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:56:50.0324 1632 rspndr - ok
16:56:50.0355 1632 [ 6D3C7E7D82D3DC92DC2A8B0DF9F20F8A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
16:56:50.0355 1632 RTL8167 - ok
16:56:50.0355 1632 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:56:50.0371 1632 SamSs - ok
16:56:50.0371 1632 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:56:50.0371 1632 sbp2port - ok
16:56:50.0386 1632 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:56:50.0386 1632 SCardSvr - ok
16:56:50.0402 1632 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:56:50.0402 1632 scfilter - ok
16:56:50.0433 1632 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:56:50.0449 1632 Schedule - ok
16:56:50.0464 1632 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:56:50.0464 1632 SCPolicySvc - ok
16:56:50.0480 1632 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:56:50.0480 1632 SDRSVC - ok
16:56:50.0496 1632 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:56:50.0496 1632 secdrv - ok
16:56:50.0511 1632 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:56:50.0511 1632 seclogon - ok
16:56:50.0511 1632 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:56:50.0527 1632 SENS - ok
16:56:50.0527 1632 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:56:50.0527 1632 SensrSvc - ok
16:56:50.0558 1632 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:56:50.0558 1632 Serenum - ok
16:56:50.0574 1632 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:56:50.0574 1632 Serial - ok
16:56:50.0589 1632 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:56:50.0589 1632 sermouse - ok
16:56:50.0605 1632 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:56:50.0605 1632 SessionEnv - ok
16:56:50.0620 1632 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:56:50.0620 1632 sffdisk - ok
16:56:50.0620 1632 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:56:50.0620 1632 sffp_mmc - ok
16:56:50.0620 1632 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:56:50.0620 1632 sffp_sd - ok
16:56:50.0636 1632 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:56:50.0636 1632 sfloppy - ok
16:56:50.0683 1632 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
16:56:50.0683 1632 Sftfs - ok
16:56:50.0730 1632 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:56:50.0730 1632 sftlist - ok
16:56:50.0730 1632 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:56:50.0745 1632 Sftplay - ok
16:56:50.0745 1632 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:56:50.0745 1632 Sftredir - ok
16:56:50.0761 1632 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
16:56:50.0761 1632 Sftvol - ok
16:56:50.0761 1632 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:56:50.0776 1632 sftvsa - ok
16:56:50.0792 1632 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:56:50.0792 1632 SharedAccess - ok
16:56:50.0823 1632 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:56:50.0823 1632 ShellHWDetection - ok
16:56:50.0823 1632 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:56:50.0823 1632 SiSRaid2 - ok
16:56:50.0839 1632 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:56:50.0854 1632 SiSRaid4 - ok
16:56:50.0979 1632 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
16:56:51.0182 1632 Skype C2C Service - ok
16:56:51.0244 1632 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:56:51.0244 1632 SkypeUpdate - ok
16:56:51.0276 1632 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:56:51.0276 1632 Smb - ok
16:56:51.0291 1632 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:56:51.0291 1632 SNMPTRAP - ok
16:56:51.0307 1632 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:56:51.0307 1632 spldr - ok
16:56:51.0338 1632 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
16:56:51.0354 1632 Spooler - ok
16:56:51.0478 1632 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:56:51.0494 1632 sppsvc - ok
16:56:51.0510 1632 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:56:51.0510 1632 sppuinotify - ok
16:56:51.0525 1632 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:56:51.0525 1632 srv - ok
16:56:51.0556 1632 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:56:51.0556 1632 srv2 - ok
16:56:51.0556 1632 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:56:51.0556 1632 srvnet - ok
16:56:51.0588 1632 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:56:51.0588 1632 SSDPSRV - ok
16:56:51.0619 1632 [ D1E083D50F354A1840C9DF1C62437BC9 ] SSMO3v2Filter C:\Windows\system32\drivers\MO3v2Driver.sys
16:56:51.0619 1632 SSMO3v2Filter - ok
16:56:51.0634 1632 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:56:51.0634 1632 SstpSvc - ok
16:56:51.0666 1632 Steam Client Service - ok
16:56:51.0728 1632 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:56:51.0728 1632 Stereo Service - ok
16:56:51.0759 1632 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:56:51.0759 1632 stexstor - ok
16:56:51.0790 1632 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:56:51.0790 1632 stisvc - ok
16:56:51.0806 1632 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:56:51.0806 1632 swenum - ok
16:56:51.0822 1632 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:56:51.0837 1632 swprv - ok
16:56:51.0868 1632 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:56:51.0884 1632 SysMain - ok
16:56:51.0900 1632 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:56:51.0900 1632 TabletInputService - ok
16:56:51.0931 1632 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:56:51.0931 1632 TapiSrv - ok
16:56:51.0946 1632 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:56:51.0946 1632 TBS - ok
16:56:51.0993 1632 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:56:52.0009 1632 Tcpip - ok
16:56:52.0024 1632 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:56:52.0040 1632 TCPIP6 - ok
16:56:52.0056 1632 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:56:52.0056 1632 tcpipreg - ok
16:56:52.0071 1632 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:56:52.0071 1632 TDPIPE - ok
16:56:52.0087 1632 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:56:52.0087 1632 TDTCP - ok
16:56:52.0102 1632 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:56:52.0102 1632 tdx - ok
16:56:52.0118 1632 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:56:52.0118 1632 TermDD - ok
16:56:52.0149 1632 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:56:52.0149 1632 TermService - ok
16:56:52.0180 1632 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:56:52.0196 1632 Themes - ok
16:56:52.0227 1632 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:56:52.0227 1632 THREADORDER - ok
16:56:52.0243 1632 [ E386DD8EC68C67CA3E2A3ABDC1DF5C56 ] tmactmon C:\Windows\system32\DRIVERS\tmactmon.sys
16:56:52.0243 1632 tmactmon - ok
16:56:52.0258 1632 [ AB011C569487FD65C8944DDF8CBB2572 ] tmcomm C:\Windows\system32\DRIVERS\tmcomm.sys
16:56:52.0258 1632 tmcomm - ok
16:56:52.0290 1632 [ 1161F882B3CFA8076870A09924E0ADC2 ] tmeevw C:\Windows\system32\DRIVERS\tmeevw.sys
16:56:52.0290 1632 tmeevw - ok
16:56:52.0305 1632 [ 8870A3D7305455B47ADCCD226F8E51BC ] tmevtmgr C:\Windows\system32\DRIVERS\tmevtmgr.sys
16:56:52.0305 1632 tmevtmgr - ok
16:56:52.0321 1632 [ F0AE672EE91E7F1EF24644621B57CA7F ] tmnciesc C:\Windows\system32\DRIVERS\tmnciesc.sys
16:56:52.0321 1632 tmnciesc - ok
16:56:52.0336 1632 [ 065CB7D9278D778FB9EF62CEAD01433F ] tmtdi C:\Windows\system32\DRIVERS\tmtdi.sys
16:56:52.0336 1632 tmtdi - ok
16:56:52.0336 1632 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:56:52.0336 1632 TrkWks - ok
16:56:52.0368 1632 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:56:52.0368 1632 TrustedInstaller - ok
16:56:52.0383 1632 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:56:52.0383 1632 tssecsrv - ok
16:56:52.0399 1632 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:56:52.0399 1632 TsUsbFlt - ok
16:56:52.0399 1632 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
16:56:52.0399 1632 TsUsbGD - ok
16:56:52.0414 1632 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:56:52.0414 1632 tunnel - ok
16:56:52.0430 1632 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:56:52.0430 1632 uagp35 - ok
16:56:52.0446 1632 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:56:52.0446 1632 udfs - ok
16:56:52.0492 1632 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:56:52.0492 1632 UI0Detect - ok
16:56:52.0492 1632 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:56:52.0492 1632 uliagpkx - ok
16:56:52.0508 1632 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:56:52.0508 1632 umbus - ok
16:56:52.0508 1632 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
16:56:52.0508 1632 UmPass - ok
16:56:52.0539 1632 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:56:52.0539 1632 upnphost - ok
16:56:52.0555 1632 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
16:56:52.0570 1632 USBAAPL64 - ok
16:56:52.0602 1632 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
16:56:52.0602 1632 usbaudio - ok
16:56:52.0617 1632 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:56:52.0617 1632 usbccgp - ok
16:56:52.0617 1632 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:56:52.0617 1632 usbcir - ok
16:56:52.0633 1632 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
16:56:52.0633 1632 usbehci - ok
16:56:52.0633 1632 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:56:52.0648 1632 usbhub - ok
16:56:52.0664 1632 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:56:52.0664 1632 usbohci - ok
16:56:52.0680 1632 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
16:56:52.0680 1632 usbprint - ok
16:56:52.0695 1632 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:56:52.0695 1632 USBSTOR - ok
16:56:52.0695 1632 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:56:52.0695 1632 usbuhci - ok
16:56:52.0695 1632 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:56:52.0695 1632 UxSms - ok
16:56:52.0711 1632 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
16:56:52.0711 1632 VaultSvc - ok
16:56:52.0711 1632 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:56:52.0711 1632 vdrvroot - ok
16:56:52.0742 1632 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
16:56:52.0758 1632 vds - ok
16:56:52.0773 1632 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:56:52.0773 1632 vga - ok
16:56:52.0773 1632 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:56:52.0789 1632 VgaSave - ok
16:56:52.0804 1632 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:56:52.0804 1632 vhdmp - ok
16:56:52.0804 1632 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
16:56:52.0804 1632 viaide - ok
16:56:52.0820 1632 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:56:52.0820 1632 volmgr - ok
16:56:52.0836 1632 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:56:52.0836 1632 volmgrx - ok
16:56:52.0851 1632 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:56:52.0851 1632 volsnap - ok
16:56:52.0867 1632 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:56:52.0867 1632 vsmraid - ok
16:56:52.0898 1632 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:56:52.0929 1632 VSS - ok
16:56:52.0976 1632 [ 40DBA03782BCC10685A8C200C5EBDCD0 ] vToolbarUpdater12.2.6 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
16:56:53.0023 1632 vToolbarUpdater12.2.6 - ok
16:56:53.0038 1632 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:56:53.0038 1632 vwifibus - ok
16:56:53.0038 1632 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:56:53.0038 1632 vwififlt - ok
16:56:53.0054 1632 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:56:53.0070 1632 W32Time - ok
16:56:53.0070 1632 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:56:53.0070 1632 WacomPen - ok
16:56:53.0085 1632 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:56:53.0085 1632 WANARP - ok
16:56:53.0085 1632 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:56:53.0085 1632 Wanarpv6 - ok
16:56:53.0116 1632 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:56:53.0132 1632 WatAdminSvc - ok
16:56:53.0179 1632 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
16:56:53.0194 1632 wbengine - ok
16:56:53.0210 1632 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:56:53.0210 1632 WbioSrvc - ok
16:56:53.0241 1632 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:56:53.0241 1632 wcncsvc - ok
16:56:53.0257 1632 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:56:53.0257 1632 WcsPlugInService - ok
16:56:53.0272 1632 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
16:56:53.0272 1632 Wd - ok
16:56:53.0288 1632 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
16:56:53.0288 1632 WDC_SAM - ok
16:56:53.0304 1632 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:56:53.0304 1632 Wdf01000 - ok
16:56:53.0319 1632 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:56:53.0319 1632 WdiServiceHost - ok
16:56:53.0319 1632 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:56:53.0319 1632 WdiSystemHost - ok
16:56:53.0350 1632 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
16:56:53.0350 1632 WebClient - ok
16:56:53.0366 1632 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:56:53.0382 1632 Wecsvc - ok
16:56:53.0382 1632 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:56:53.0397 1632 wercplsupport - ok
16:56:53.0397 1632 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
16:56:53.0397 1632 WerSvc - ok
16:56:53.0397 1632 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:56:53.0397 1632 WfpLwf - ok
16:56:53.0397 1632 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:56:53.0397 1632 WIMMount - ok
16:56:53.0413 1632 WinDefend - ok
16:56:53.0413 1632 WinHttpAutoProxySvc - ok
16:56:53.0460 1632 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:56:53.0460 1632 Winmgmt - ok
16:56:53.0834 1632 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
16:56:53.0865 1632 WinRM - ok
16:56:53.0881 1632 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:56:53.0881 1632 WinUsb - ok
16:56:53.0943 1632 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
16:56:53.0943 1632 Wlansvc - ok
16:56:53.0959 1632 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
16:56:53.0959 1632 WmiAcpi - ok
16:56:54.0006 1632 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:56:54.0006 1632 wmiApSrv - ok
16:56:54.0037 1632 WMPNetworkSvc - ok
16:56:54.0068 1632 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:56:54.0068 1632 WPCSvc - ok
16:56:54.0084 1632 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:56:54.0084 1632 WPDBusEnum - ok
16:56:54.0084 1632 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:56:54.0084 1632 ws2ifsl - ok
16:56:54.0099 1632 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
16:56:54.0099 1632 wscsvc - ok
16:56:54.0099 1632 WSearch - ok
16:56:54.0162 1632 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
16:56:54.0193 1632 wuauserv - ok
16:56:54.0208 1632 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:56:54.0208 1632 WudfPf - ok
16:56:54.0224 1632 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:56:54.0240 1632 WUDFRd - ok
16:56:54.0240 1632 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:56:54.0240 1632 wudfsvc - ok
16:56:54.0271 1632 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
16:56:54.0271 1632 WwanSvc - ok
16:56:54.0271 1632 ================ Scan global ===============================
16:56:54.0286 1632 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:56:54.0318 1632 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
16:56:54.0333 1632 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
16:56:54.0349 1632 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:56:54.0380 1632 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:56:54.0380 1632 [Global] - ok
16:56:54.0380 1632 ================ Scan MBR ==================================
16:56:54.0380 1632 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:56:54.0614 1632 \Device\Harddisk0\DR0 - ok
16:56:54.0614 1632 ================ Scan VBR ==================================
16:56:54.0614 1632 [ A43E579E20FEC132B1F3C116A260B2DD ] \Device\Harddisk0\DR0\Partition1
16:56:54.0614 1632 \Device\Harddisk0\DR0\Partition1 - ok
16:56:54.0614 1632 ============================================================
16:56:54.0614 1632 Scan finished
16:56:54.0614 1632 ============================================================
16:56:54.0630 1188 Detected object count: 0
16:56:54.0630 1188 Actual detected object count: 0


aswMBR Log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-16 16:59:24
-----------------------------
16:59:24.672 OS Version: Windows x64 6.1.7601 Service Pack 1
16:59:24.672 Number of processors: 8 586 0x2A07
16:59:24.672 ComputerName: OEM-PC UserName: OEM
16:59:28.275 Initialize success
17:09:38.885 AVAST engine defs: 12101501
17:10:28.224 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:10:28.226 Disk 0 Vendor: WDC_WD10 05.0 Size: 953868MB BusType: 3
17:10:28.245 Disk 0 MBR read successfully
17:10:28.248 Disk 0 MBR scan
17:10:28.255 Disk 0 Windows 7 default MBR code
17:10:28.260 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 953867 MB offset 63
17:10:28.290 Disk 0 scanning C:\Windows\system32\drivers
17:10:35.101 Service scanning
17:10:50.303 Modules scanning
17:10:50.310 Disk 0 trace - called modules:
17:10:50.326 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:10:50.330 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8011ff4790]
17:10:50.333 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800d4dd050]
17:10:53.310 AVAST engine scan C:\Windows
17:10:56.188 AVAST engine scan C:\Windows\system32
17:13:21.923 AVAST engine scan C:\Windows\system32\drivers
17:13:31.451 AVAST engine scan C:\Users\OEM
17:21:55.853 AVAST engine scan C:\ProgramData
17:24:43.342 Scan finished successfully
17:26:16.029 Disk 0 MBR has been saved successfully to "C:\Users\OEM\Desktop\MBR.dat"
17:26:16.033 The log file has been saved successfully to "C:\Users\OEM\Desktop\aswMBR.txt"


ESET online scanner

No threats found (:D)


And Malwarebytes code from the screen printout!

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.15.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
OEM :: OEM-PC [administrator]

15/10/2012 7:37:12 p.m.
mbam-log-2012-10-15 (19-37-12).txt

Scan type: Full scan (C:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 419785
Time elapsed: 41 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\OEM\Downloads\FastDownload.exe (Affiliate.Downloader) -> Quarantined and deleted successfully.
C:\Users\OEM\Downloads\InstallRARFileOpenKnife.exe (PUP.BundleInstaller.BI) -> Quarantined and deleted successfully.

(end)

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:22 AM

Posted 16 October 2012 - 12:39 AM

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#6 Mortada

Mortada
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:09:22 AM

Posted 16 October 2012 - 01:07 AM

MiniToolBox by Farbar Version: 23-07-2012
Ran by OEM (administrator) on 16-10-2012 at 18:48:07
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
ASUS 802.11n Wireless LAN Card = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : OEM-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : lan

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 1C-6F-65-F9-65-C2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::18ef:a9de:c141:8fb4%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.66(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, 16 October 2012 4:53:40 p.m.
Lease Expires . . . . . . . . . . : Wednesday, 17 October 2012 4:53:40 p.m.
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 354185061
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-09-7F-8E-E0-69-95-8A-61-4A
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : ASUS 802.11n Wireless LAN Card
Physical Address. . . . . . . . . : E0-69-95-8A-61-4A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.lan:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:14f8:15a4:3f57:febd(Preferred)
Link-local IPv6 Address . . . . . : fe80::14f8:15a4:3f57:febd%10(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dsldevice.lan
Address: 192.168.1.254

Name: google.com
Addresses: 2404:6800:4006:804::1004
122.56.115.156
122.56.115.160
122.56.115.163
122.56.115.167
122.56.115.184
122.56.115.177
122.56.115.146
122.56.115.170
122.56.115.149
122.56.115.153
122.56.115.174
122.56.115.181


Pinging google.com [122.56.115.177] with 32 bytes of data:
Reply from 122.56.115.177: bytes=32 time=7ms TTL=57
Reply from 122.56.115.177: bytes=32 time=7ms TTL=57

Ping statistics for 122.56.115.177:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 7ms, Maximum = 7ms, Average = 7ms
Server: dsldevice.lan
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.138.253.109
72.30.38.140
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=298ms TTL=48
Reply from 98.139.183.24: bytes=32 time=281ms TTL=48

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 281ms, Maximum = 298ms, Average = 289ms
Server: dsldevice.lan
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...1c 6f 65 f9 65 c2 ......Realtek PCIe GBE Family Controller
12...e0 69 95 8a 61 4a ......ASUS 802.11n Wireless LAN Card
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
10...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.66 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.66 276
192.168.1.66 255.255.255.255 On-link 192.168.1.66 276
192.168.1.255 255.255.255.255 On-link 192.168.1.66 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.66 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.66 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 58 ::/0 On-link
1 306 ::1/128 On-link
10 58 2001::/32 On-link
10 306 2001:0:9d38:6ab8:14f8:15a4:3f57:febd/128
On-link
14 276 fe80::/64 On-link
10 306 fe80::/64 On-link
10 306 fe80::14f8:15a4:3f57:febd/128
On-link
14 276 fe80::18ef:a9de:c141:8fb4/128
On-link
1 306 ff00::/8 On-link
10 306 ff00::/8 On-link
14 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/16/2012 05:27:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/16/2012 05:27:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/14/2012 05:21:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/14/2012 10:37:30 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/14/2012 03:01:54 AM) (Source: Application Hang) (User: )
Description: The program Wow-64.exe version 5.0.5.16135 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1708

Start Time: 01cda936647f4093

Termination Time: 290

Application Path: C:\Users\OEM\Desktop\Mortada Games and Music\World of Warcraft\Wow-64.exe

Report Id: 525bc94e-153e-11e2-8219-1c6f65f965c2

Error: (10/13/2012 05:06:16 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/13/2012 05:06:16 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/13/2012 05:06:16 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/13/2012 05:06:16 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (10/13/2012 05:06:16 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (10/15/2012 10:59:24 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer ALI-HP
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{2ABB15CD-178A-40F8-A7A7-C10213526A2E}.
The master browser is stopping or an election is being forced.

Error: (10/15/2012 06:40:28 PM) (Source: NetBT) (User: )
Description: A duplicate name has been detected on the TCP network. The IP address of
the computer that sent the message is in the data. Use nbtstat -n in a
command window to see which name is in the Conflict state.

Error: (10/14/2012 11:34:43 PM) (Source: NetBT) (User: )
Description: A duplicate name has been detected on the TCP network. The IP address of
the computer that sent the message is in the data. Use nbtstat -n in a
command window to see which name is in the Conflict state.

Error: (10/14/2012 11:02:43 PM) (Source: NetBT) (User: )
Description: A duplicate name has been detected on the TCP network. The IP address of
the computer that sent the message is in the data. Use nbtstat -n in a
command window to see which name is in the Conflict state.

Error: (10/14/2012 10:30:43 PM) (Source: NetBT) (User: )
Description: A duplicate name has been detected on the TCP network. The IP address of
the computer that sent the message is in the data. Use nbtstat -n in a
command window to see which name is in the Conflict state.

Error: (10/14/2012 08:54:34 PM) (Source: NetBT) (User: )
Description: A duplicate name has been detected on the TCP network. The IP address of
the computer that sent the message is in the data. Use nbtstat -n in a
command window to see which name is in the Conflict state.

Error: (10/14/2012 08:22:34 PM) (Source: NetBT) (User: )
Description: A duplicate name has been detected on the TCP network. The IP address of
the computer that sent the message is in the data. Use nbtstat -n in a
command window to see which name is in the Conflict state.

Error: (10/14/2012 07:50:34 PM) (Source: NetBT) (User: )
Description: A duplicate name has been detected on the TCP network. The IP address of
the computer that sent the message is in the data. Use nbtstat -n in a
command window to see which name is in the Conflict state.

Error: (10/14/2012 07:18:34 PM) (Source: NetBT) (User: )
Description: A duplicate name has been detected on the TCP network. The IP address of
the computer that sent the message is in the data. Use nbtstat -n in a
command window to see which name is in the Conflict state.

Error: (10/13/2012 05:06:16 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (10/16/2012 05:27:12 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\OEM\Downloads\esetsmartinstaller_enu(1).exe

Error: (10/16/2012 05:27:07 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\OEM\Downloads\esetsmartinstaller_enu(1).exe

Error: (10/14/2012 05:21:59 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/14/2012 10:37:30 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/14/2012 03:01:54 AM) (Source: Application Hang)(User: )
Description: Wow-64.exe5.0.5.16135170801cda936647f4093290C:\Users\OEM\Desktop\Mortada Games and Music\World of Warcraft\Wow-64.exe525bc94e-153e-11e2-8219-1c6f65f965c2

Error: (10/13/2012 05:06:16 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/13/2012 05:06:16 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/13/2012 05:06:16 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/13/2012 05:06:16 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (10/13/2012 05:06:16 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore


=========================== Installed Programs ============================

Able2Extract 7.0 (Version: 7.0)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader 9.5.2 (Version: 9.5.2)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
AVG Security Toolbar (Version: 12.2.5.34)
Bing Desktop (Version: 1.0.45.0)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 3.22)
CodeBlocks (Version: 10.05)
CyberLink Blu-ray Disc Suite (Version: 6.0.3226)
CyberLink LabelPrint (Version: 2.5.1916)
CyberLink LG Burning Tool (Version: 6.2.3714)
CyberLink PowerDVD 9 (Version: 9.0.2919.52)
CyberLink PowerProducer (Version: 5.0.1.1520)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diablo III (Version: 1.0.3.10485)
Dota 2
Etron USB3.0 Host Controller (Version: 0.98)
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
GOM Player (Version: 2.1.43.5119)
GOMTV Streamer (Version: 1.0.0.26)
Google Chrome (Version: 22.0.1229.94)
Google Update Helper (Version: 1.3.21.123)
Guild Wars 2
Heroes of Newerth (Version: 2.3.0)
iCloud (Version: 1.1.0.40)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1118)
Intel® Processor Graphics (Version: 8.15.10.2361)
Intel® Rapid Storage Technology (Version: 10.5.0.1026)
Internet Explorer (Enable DEP)
iTunes (Version: 10.6.3.25)
League of Legends (Version: 1.3)
LightScribe System Software (Version: 1.18.14.1)
Logitech GamePanel Software 3.03.133 (Version: 3.03.133)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
marvell 91xx driver (Version: 1.1.0.6)
McAfee Security Scan Plus (Version: 3.0.207.4)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.5139.5005)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 15.0 (x86 en-US) (Version: 15.0)
Mozilla Firefox 16.0.1 (x86 en-US) (Version: 16.0.1)
Mozilla Maintenance Service (Version: 16.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
neroxml (Version: 1.0.0)
NVIDIA 3D Vision Controller Driver (Version: 280.19)
NVIDIA 3D Vision Controller Driver 306.97 (Version: 306.97)
NVIDIA 3D Vision Driver 306.97 (Version: 306.97)
NVIDIA Control Panel 306.97 (Version: 306.97)
NVIDIA Graphics Driver 306.97 (Version: 306.97)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA PhysX (Version: 9.12.0604)
NVIDIA PhysX System Software 9.12.0604 (Version: 9.12.0604)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0697)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
ON_OFF Charge B11.0110.1 (Version: 1.00.0001)
QuickTime (Version: 7.72.80.56)
Realtek Ethernet Controller Driver (Version: 7.38.113.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6307)
Samsung SyncMaster 3D Game Launcher (TriDef 3D) 1.0.15 (Version: 1.0.15)
Samsung_MonSetup (Version: 1.00.0000)
Skype Click to Call (Version: 6.2.10687)
Skype™ 5.10 (Version: 5.10.116)
Spotify (Version: 0.8.4.124.ga3559d86)
StarCraft II (Version: 1.5.2.22875)
Steam (Version: 1.0.0.0)
Trend Micro Titanium (Version: 5.00)
Trend Micro Titanium Maximum Security 2012 (Version: 5.2)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VCRedistSetup (Version: 1.0.0)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
Warcraft III
World of Warcraft (Version: 5.0.5.16135)

========================= Memory info: ===================================

Percentage of memory in use: 20%
Total physical RAM: 16301.11 MB
Available physical RAM: 12959.39 MB
Total Pagefile: 32600.41 MB
Available Pagefile: 28817.35 MB
Total Virtual: 4095.88 MB
Available Virtual: 3960.18 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:931.51 GB) (Free:761.87 GB) NTFS

========================= Users: ========================================

User accounts for \\OEM-PC

Administrator Guest OEM
UpdatusUser

========================= Restore Points ==================================

30-09-2012 03:24:03 Scheduled Checkpoint
07-10-2012 05:23:33 Scheduled Checkpoint
10-10-2012 10:55:28 Windows Update

**** End of log ****




Farbar Service Scanner Version: 07-10-2012
Ran by OEM (administrator) on 16-10-2012 at 18:49:56
Running from "C:\Users\OEM\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-10-10 21:24] - [2012-06-02 18:41] - 0184320 ____A (Microsoft Corporation) 9C01375BE382E834CC26D1B7EAF2C4FE

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****




# AdwCleaner v2.005 - Logfile created 10/16/2012 at 18:51:11
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : OEM - OEM-PC
# Boot Mode : Normal
# Running from : C:\Users\OEM\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Users\OEM\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\OEM\AppData\LocalLow\AVG Secure Search

***** [Registry] *****

Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxps://isearch.avg.com/?cid={5DD750A9-A2DF-490D-85F9-5EAE0F722774}&mid=a4e41f77c9e747d0b9b6cd26231d8c31-ae4626a34a819c2f679134494e172388894669b5&lang=en&ds=gm011&pr=sa&d=2012-09-15 21:36:21&v=12.2.5.34&sap=hp --> hxxp://www.google.com

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\ehetwcok.default\prefs.js

Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Deleted : user_pref("keyword.URL", "hxxps://isearch.avg.com/search?cid=%7B57420885-3016-4961-bb31-5989eb73ac1d[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.1] : icon_url ={"backup":{"_signature":"ixq3UIxug2t7qXfB7UJ4YqTcdcp8wNnE+1AZLEU9pyA=","_version":4,"browser":{"show_home_button":false},"extensions":{"ids":["ahfgeienlihckogmohjhadlkjgocpleb","bdgpjclefcppbhifgmbncakhhphkggdb","heoldelcflnigdllmlopiefhkkobendj","lifbcibllhkdhoafpjfnlhfpfgnpldfl"]},"homepage":true,"homepage_is_newtabpage":false,"session":{"restore_on_startup":4,"urls_to_restore_on_startup":["hxxps://isearch.avg.com/?cid={5DD750A9-A2DF-490D-85F9-5EAE0F722774}&mid=a4e41f77c9e747d0b9b6cd26231d8c31-ae4626a34a819c2f679134494e172388894669b5&lang=en&ds=gm011&pr=sa&d=2012-09-15 21:36:21&v=12.2.5.34&sap=hp"]}},"browser":{"last_known_google_url":"hxxp://www.google.co.nz/","last_prompted_google_url":"hxxp://www.google.co.nz/","window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":1040,"work_area_left":0,"work_area_right":1920,"work_area_top":0}},"countryid_at_install":20058,"default_apps_install_state":2,"default_search_provider":{"enabled":true,"encodings":"UTF-8","hxxp://www.google.com/favicon.ico","id":"2","instant_url":"{google:baseURL}webhp?{google:RLZ}sourceid=chrome-instant&{google:instantFieldTrialGroupParameter}ie={inputEncoding}&ion=1{searchTerms}","keyword":"google.co.nz","name":"Google","prepopulate_id":"1","search_url":"{google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}","suggest_url":"{google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}"},"disable_video_chat":true,"distribution":{"create_all_shortcuts":true,"do_not_launch_chrome":true,"import_history":false,"import_search_engine":false,"make_chrome_default":true,"show_welcome_page":true,"skip_first_run_ui":true,"verbose_logging":false},"dns_prefetching":{"host_referral_list":[2,["hxxp://0.231.channel.facebook.com/",["hxxp://0.231.channel.facebook.com/",1.061937028709073]],["hxxp://apps.facebook.com/",["hxxp://0.231.channel.facebook.com/",1.857229544077419,"hxxp://apps.facebook.com/",6.504113105899840,"hxxp://check4.facebook.com/",1.495625364469866,"hxxp://check6.facebook.com/",1.673728915619855,"hxxp://creative.ak.fbcdn.net/",2.208039569069820,"hxxp://profile.ak.fbcdn.net/",4.097445635887768,"hxxp://static.ak.connect.facebook.com/",1.225771499091096,"hxxp://static.ak.fbcdn.net/",4.282963516504042,"hxxp://thesmurfsco.ubi.com/",3.798398501164794,"hxxp://www.facebook.com/",1.302134234280934]],["hxxp://dsldevice.lan/",["hxxp://dsldevice.lan/",3.026519823738891]],["hxxp://platform.twitter.com/",["hxxp://platform.twitter.com/",1.640176035866175]],["hxxp://static11.cdn.ubi.com/",["hxxp://profile.ak.fbcdn.net/",8.710525576192689,"hxxp://static11.cdn.ubi.com/",135.1593018058411,"hxxp://thesmurfsco.ubi.com/",15.35191965915975,"hxxps://fbcdn-profile-a.akamaihd.net/",2.666791140213729]],["hxxp://thesmurfsco.ubi.com/",["hxxp://connect.facebook.net/",0.1388692840957033,"hxxp://static.ak.facebook.com/",1.284724932876399,"hxxp://static.ak.fbcdn.net/",0.1571769703705417,"hxxp://static11.cdn.ubi.com/",1.514845183557733,"hxxp://thesmurfsco.ubi.com/",1.087921891822784,"hxxp://www.adobe.com/",0.1388692840957033,"hxxp://www.facebook.com/",0.8392134804283026,"hxxp://www.google-analytics.com/",0.4655830008611512,"hxxps://api-read.facebook.com/",0.4097473616629127]],["hxxp://tools.google.com/",["hxxp://fonts.googleapis.com/",1.640176035866175,"hxxp://themes.googleusercontent.com/",1.640176035866175,"hxxp://tools.google.com/",2.472504173469907,"hxxp://www.google-analytics.com/",1.640176035866175,"hxxp://www.google.com/",2.056340104668041]],["hxxp://www.cyberlink.com/",["hxxp://a.analytics.yahoo.com/",1.373806956394454,"hxxp://d.yimg.com/",1.228305919172056,"hxxp://static.ak.fbcdn.net/",1.600723384094714,"hxxp://www.cyberlink.com/",14.99042237757704,"hxxp://www.google-analytics.com/",1.746224421317110]],["hxxp://www.facebook.com/",["hxxp://static.ak.fbcdn.net/",0.9630948261874084]],["hxxp://www.google.co.nz/",["hxxp://id.google.co.nz/",1.225771499091096,"hxxp://news.google.co.nz/",1.225771499091096,"hxxp://ssl.gstatic.com/",0.7184470171047320,"hxxp://www.google.co.nz/",3.906494267342915]],["hxxp://www.google.com/",["hxxp://www.google.co.nz/",0.8378136104334886]],["hxxp://www.piriform.com/",["hxxp://ajax.googleapis.com/",0.3808619651721814,"hxxp://connect.facebook.net/",0.4256490883968425,"hxxp://ping.chartbeat.net/",0.09026055415408384,"hxxp://static.ak.facebook.com/",1.669518212743920,"hxxp://static.chartbeat.com/",0.09026055415408384,"hxxp://static.piriform.com/",2.203159119517659,"hxxp://www.facebook.com/",0.7162504994149399,"hxxp://www.google-analytics.com/",1.059903065710961,"hxxp://www.piriform.com/",0.7962556705345960,"hxxps://s-static.ak.facebook.com/",1.669518212743920]],["hxxp://www.skype.com/",["hxxp://connect.facebook.net/",1.266098024873061,"hxxp://metrics.skype.com/",1.724348151483676,"hxxp://platform.twitter.com/",1.082516183671676,"hxxp://static.ak.facebook.com/",3.1714050174240,"hxxp://survey.122.2o7.net/",2.045264135389675,"hxxp://www.facebook.com/",10.02050708175721,"hxxp://www.google-analytics.com/",1.724348151483676,"hxxp://www.skype.com/",1.724348151483676,"hxxp://www.skypeassets.com/",20.83351932642491,"hxxps://s-static.ak.facebook.com/",2.5295730496120]],["hxxps://isearch.avg.com/",["hxxps://ajax.googleapis.com/",2.2086570657060,"hxxps://isearch.avg.com/",6.059648872577998,"hxxps://sb.scorecardresearch.com/",2.8504890335180,"hxxps://ssl.google-analytics.com/",2.2086570657060,"hxxps://stats.avg.com/",2.2086570657060]],["hxxps://www.facebook.com/",["hxxps://fbcdn-photos-a.akamaihd.net/",1.752984254343814,"hxxps://s-static.ak.facebook.com/",1.393790108015317,"hxxps://s-static.ak.fbcdn.net/",1.079082503576604,"hxxps://www.facebook.com/",1.105126303511172]]],"startup_list":[1,"hxxp://www.piriform.com/"]},"download":{"directory_upgrade":true,"extensions_to_open":""},"extensions":{"alerts":{"initialized":true},"autoupdate":{"last_check":"12963398015957820","next_check":"12991044917918037"},"blacklistupdate":{"lastpingday":"12963394798448820","version":"0.0.0.6"},"chrome_url_overrides":{"bookmarks":["chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html"],"newtab":["chrome-extension://bdgpjclefcppbhifgmbncakhhphkggdb/redirect.html"]},"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["appNotifications","management","webstorePrivate"]},"app_launcher_ordinal":"n","page_ordinal":"n"},"bdgpjclefcppbhifgmbncakhhphkggdb":{"active_permissions":{"api":["plugin","tabs"],"scriptable_host":["hxxp://toolbar.avg.com/*"]},"events":["runtime.onInstalled"],"from_bookmark":false,"from_webstore":false,"install_time":"12990081823952585","location":3,"manifest":{"background_page":"background.html","chrome_url_overrides":{"newtab":"redirect.html"},"content_scripts":[{"js":["ntinject.js"],"matches":["hxxp://toolbar.avg.com/*"]}],"description":"AVG Secure Search","icons":{"128":"icons/128-AVG-logo.png","16":"icons/16-AVG-logo.png","48":"icons/48-AVG-logo.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6KF5SkWaPPAqr9ETTvQuTN2AuiQgnVLRX3pxyf1J+Kb1O52x83zuT8+tLbNPRuy/FupO2zQ3n6BDX5mVEJ0Yu/JCkGTXLJvj7Tw71UNycjJtP727ZdO5S3cvDPhxfCaVSEj9k1jDseA9ufme19KjDucL/TO1d//6vIs84UZ8GNQIDAQAB","name":"AVG Secure Search","permissions":["tabs","plugin"],"version":"12.1.0.21"},"path":"bdgpjclefcppbhifgmbncakhhphkggdb\\12.1.0.21_0","state":1},"heoldelcflnigdllmlopiefhkkobendj":{"ack_external":true,"active_permissions":{"api":["plugin","tabs"],"explicit_host":["file:///*","hxxp://*/*","hxxps://*/*"],"scriptable_host":["hxxp://*/*","hxxps://*/*"]},"events":["runtime.onInstalled"],"from_bookmark":false,"from_webstore":false,"install_time":"12990081825104585","location":3,"manifest":{"background_page":"background.html","browser_action":{"default_icon":"_locales/en/img/logo_icon16.png","default_title":"TrendMicro Toolbar","popup":"popup.html"},"content_scripts":[{"all_frames":false,"js":["toolbarConstant.js","toolbarLib.js","toolbarCSLib.js","_locales/en/TISProToolbarLocalization.js","CRPattern/TMTBContentRatingUrlMatching.js","tmtoolbar_loader.js"],"matches":["hxxp://*/*","hxxps://*/*"],"run_at":"document_end"}],"current_locale":"en_US","default_locale":"en","description":"Checks the safety of websites before you click the links to open them","icons":{"16":"_locales/en/img/logo_icon16.png","48":"_locales/en/img/logo_icon48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCgss12W9mLcae+mRrgG+/B7Xm1L5YicpUwI1dE+0AjgarZGjIyDmIAIc0MAZfoCgT6kkEaj+zFiR/5eMosq2bAaWTXIfG3ocdeOfVXAvV25ZQExeGTTQYNrf0YDOQiZ9xs1J/0lpBhvd41QG7Kg+Jshm4VLrGIYTYSlb3TIYfBzQIDAQAB","name":"TrendMicro Toolbar","permissions":["hxxp://*/*","hxxps://*/*","file://*/*","tabs"],"plugins":[{"path":"npToolbarChrome.dll","public":true}],"version":"5.2.0.1035"},"path":"heoldelcflnigdllmlopiefhkkobendj\\5.2.0.1035_0","state":1},"hpibmhghjndideebpackbdlpncgkcppp":{"blacklist":true},"lifbcibllhkdhoafpjfnlhfpfgnpldfl":{"active_permissions":{"api":["plugin","tabs"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"scriptable_host":["file:///*","hxxp://*/*","hxxps://*/*"]},"events":["runtime.onInstalled"],"from_bookmark":false,"from_webstore":false,"install_time":"12990081824078585","location":3,"manifest":{"background_page":"background.html","browser_action":{"default_icon":"skype.png","default_title":"Options"},"content_scripts":[{"all_frames":true,"js":["contentscript.js"],"matches":["hxxp://*/*","file://*/*","hxxps://*/*"],"run_at":"document_end"}],"description":"Skype Click to Call","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMxFysW3wPKWRPPe3xuJQz3m1ZDLX1hN8EYdP37tRPf7lp8vIhG4xirlXHGK748qcLPc4Lm8WsHDhvS5okN54Kwcnw4T2tBXSCZJxMmlu14HZ5yc/t969QLTPLIbAsasq4NVo40YuP2B7umxV9BlcxZEB9TEKPEQq8DRoKhj9jBQIDAQAB","name":"Skype Click to Call","permissions":["tabs","hxxp://*/*","hxxps://*/*"],"plugins":[{"path":"npSkypeChromePlugin.dll","public":true}],"version":"6.1.0.10441"},"path":"lifbcibllhkdhoafpjfnlhfpfgnpldfl\\6.1.0.10441_0","state":1},"lncjcfkpannmofmpgdfoonkniofdnaba":{"blacklist":true},"pbglijbamgmlcpnnpbfjkbdeheejjloj":{"blacklist":true}},"toolbar":["heoldelcflnigdllmlopiefhkkobendj","lifbcibllhkdhoafpjfnlhfpfgnpldfl"],"toolbarsize":-1},"homepage":"hxxps://isearch.avg.com/?cid={5DD750A9-A2DF-490D-85F9-5EAE0F722774}&mid=a4e41f77c9e747d0b9b6cd26231d8c31-ae4626a34a819c2f679134494e172388894669b5&lang=en&ds=gm011&pr=sa&d=2012-09-15 21:36:21&v=12.2.5.34&sap=hp","homepage_is_newtabpage":false,"hxxp_throttling":{"enabled":true},"instant":{"enabled_time":"12970966934858070"},"ntp":{"gplus_required":false,"pref_version":3,"promo_closed":false,"promo_end":1344945600.0,"promo_group":811,"promo_group_max":1,"promo_group_timeslice":0,"promo_increment":1,"promo_initial_segment":4,"promo_line":"What do you think of Chrome? <a href=\"hxxp://survey.googleratings.com/wix/p5963862.aspx\">Take the survey</a>","promo_num_groups":1000,"promo_resource_cache_update":"1345608226.381585","promo_start":1344427200.0,"promo_views":0,"promo_views_max":15},"plugins":{"enabled_internal_pdf3":true,"enabled_nacl":true,"last_internal_directory":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\21.0.1180.83","plugins_list":[{"enabled":true,"name":"Shockwave Flash","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\21.0.1180.83\\gcswf32.dll","version":"10,3,183,10"},{"enabled":true,"name":"Shockwave Flash","path":"C:\\Windows\\system32\\Macromed\\Flash\\NPSWF32.dll","version":"10,0,12,36"},{"enabled":true,"name":"Microsoft Office 2010","path":"C:\\PROGRA~2\\MICROS~1\\Office14\\NPSPWRAP.DLL","version":"14.0.4761.1000"},{"enabled":true,"name":"Remoting Viewer","path":"internal-remoting-viewer","version":""},{"enabled":true,"name":"Native Client","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\21.0.1180.83\\ppGoogleNaClPluginChrome.dll","version":""},{"enabled":true,"name":"Chrome PDF Viewer","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\21.0.1180.83\\pdf.dll","version":""},{"enabled":true,"name":"Skype Toolbars","path":"C:\\Users\\OEM\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\lifbcibllhkdhoafpjfnlhfpfgnpldfl\\5.6.0.8153_0\\npSkypeChromePlugin.dll","version":"5.6.0.8153"},{"enabled":false,"name":"Adobe Acrobat","path":"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Browser\\nppdf32.dll","version":"9.0.0.2008061100"},{"enabled":true,"name":"Google Update","path":"C:\\Program Files (x86)\\Google\\Update\\1.3.21.65\\npGoogleUpdate3.dll","version":"1.3.21.65"},{"enabled":true,"name":"NVIDIA 3D Vision","path":"C:\\Program Files (x86)\\NVIDIA Corporation\\3D Vision\\npnv3dv.dll","version":"7.17.12.8026"},{"enabled":true,"name":"NVIDIA 3D VISION","path":"C:\\Program Files (x86)\\NVIDIA Corporation\\3D Vision\\npnv3dvstreaming.dll","version":"7.17.12.8026"},{"enabled":true,"name":"Pando Web Plugin","path":"C:\\Program Files (x86)\\Pando Networks\\Media Booster\\npPandoWebPlugin.dll","version":"2.3.3.8"},{"enabled":true,"name":"Default Plug-in","path":"default_plugin","version":"1"},{"enabled":true,"name":"Flash"},{"enabled":true,"name":"Microsoft Office"},{"enabled":true,"name":"Remoting Viewer"},{"enabled":true,"name":"Native Client"},{"enabled":true,"name":"Chrome PDF Viewer"},{"enabled":true,"name":"Skype Toolbars"},{"enabled":false,"name":"Adobe Acrobat"},{"enabled":true,"name":"Google Update"},{"enabled":true,"name":"NVIDIA 3D Vision"},{"enabled":true,"name":"NVIDIA 3D VISION"},{"enabled":true,"name":"Pando Web Plugin"},{"enabled":true,"name":"Default Plug-in"}]},"profile":{"avatar_index":0,"content_settings":{"clear_on_exit_migrated":true,"pattern_pairs":{"*,*":{"per_plugin":{"npsitesafety.dll":1}}},"plugin_whitelist":{"npsitesafety":{"dll":true}},"pref_version":1},"exited_cleanly":true,"name":"Default Profile"},"session":{"restore_on_startup":4,"restore_on_startup_migrated":true,"urls_to_restore_on_startup":["hxxps://isearch.avg.com/?cid={5DD750A9-A2DF-490D-85F9-5EAE0F722774}&mid=a4e41f77c9e747d0b9b6cd26231d8c31-ae4626a34a819c2f679134494e172388894669b5&lang=en&ds=gm011&pr=sa&d=2012-09-15 21:36:21&v=12.2.5.34&sap=hp"]},"tabs":{"use_compact_navigation_bar":false,"use_vertical_tabs":false}}

-\\ Opera v [Unable to get version]

File : C:\Users\OEM\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [20738 octets] - [16/10/2012 18:51:11]

########## EOF - C:\AdwCleaner[S1].txt - [20799 octets] ##########




Junkware Removal Tool (JRT) by Thisisu
Version: 1.6.6 (10.16.2012)
OS: Windows 7 Home Premium x64
Ran by OEM on Tue 16/10/2012 at 18:53:54.34
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders: 0 Detections



*** FireFox detected and repaired



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Tue 16/10/2012 at 19:01:54.91
End of Report







Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/16/2012 07:03:01 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\OEM\Desktop\rkill\rkill-10-16-2012-07-03-09.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/16/2012 07:03:16 PM
Execution time: 0 hours(s), 0 minute(s), and 14 seconds(s)





"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Launch LGDCore" "Logitech G-series Profiler" "Logitech Inc." "c:\program files\logitech\gamepanel software\g-series software\lgdcore.exe"
+ "Launch LgDeviceAgent" "Logitech GamePanel Agent" "Logitech Inc." "c:\program files\logitech\gamepanel software\lgdevagt.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "Trend Micro Client Framework" "Trend Micro Client Session Agent Monitor" "Trend Micro Inc." "c:\program files\trend micro\uniclient\uifrmwrk\uiwatchdog.exe"
+ "Trend Micro Titanium" "Trend Micro Client Main Console" "Trend Micro Inc." "c:\program files\trend micro\titanium\uiframework\uiwinmgr.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "BDRegion" "brs" "cyberlink" "c:\program files (x86)\cyberlink\shared files\brs.exe"
+ "BingDesktop" "Bing Desktop application" "Microsoft Corp." "c:\program files (x86)\microsoft\bingdesktop\bingdesktop.exe"
+ "CLMLServer" "CyberLink MediaLibray Service" "CyberLink" "c:\program files (x86)\cyberlink\power2go\clmlsvc.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "QuickTime Plugin Install" "" "" "c:\program files (x86)\quicktime\plugins\deleteme1.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "RemoteControl9" "PowerDVD RC Service" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\pdvd9serv.exe"
+ "ROC_ROC_NT" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe"
+ "UpdateLBPShortCut" "MUI StartMenu Application" "CyberLink Corp." "c:\program files (x86)\cyberlink\labelprint\muitransfer\muistartmenu.exe"
+ "UpdateP2GoShortCut" "MUI StartMenu Application" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\muitransfer\muistartmenu.exe"
+ "UpdatePPShortCut" "MUI StartMenu Application" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\muitransfer\muistartmenu.exe"
+ "UpdatePSTShortCut" "MUI StartMenu Application" "CyberLink Corp." "c:\program files (x86)\cyberlink\blu-ray disc suite\muitransfer\muistartmenu.exe"
+ "vProt" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "McAfee Security Scan Plus.lnk" "McAfee Security Scanner Scheduler" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\3.0.207\ssscheduler.exe"
"C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OneNote 2010 Screen Clipper and Launcher.lnk" "Microsoft OneNote Quick Launcher" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onenotem.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "LightScribe Control Panel" "" "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lsrunonce.exe"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Facebook Update" "Facebook Installer" "Facebook Inc." "c:\users\oem\appdata\local\facebook\update\facebookupdate.exe"
+ "LightScribe Control Panel" "" "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lightscribecontrolpanel.exe"
+ "MobileDocuments" "ubd.exe" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\ubd.exe"
+ "Spotify Web Helper" "" "" "c:\users\oem\appdata\roaming\spotify\data\spotifywebhelper.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "skype-ie-addon-data" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
+ "tmbp" "Trend Micro Browser Plug-In (IE)" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20002\7.1.1102\7.1.1102\tmbpie64.dll"
+ "tmpx" "Trend Micro NSC IE Plug-In" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20004\2.0.1313\6.8.1078\tmieplg.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "TmdshellExt Class" "Trend Micro Client Shell Extension" "Trend Micro Inc." "c:\program files\trend micro\uniclient\uifrmwrk\tmdshell.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "TmdshellExt Class" "Trend Micro Client Shell Extension" "Trend Micro Inc." "c:\program files\trend micro\uniclient\uifrmwrk\tmdshell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Skype add-on for Internet Explorer" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
+ "TmBpIeBHO Class" "Trend Micro Browser Plug-In (IE)" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20002\7.1.1102\7.1.1102\tmbpie64.dll"
+ "TmIEPlugInBHO Class" "Trend Micro NSC IE Plug-In" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20004\2.0.1313\6.8.1078\tmieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "TmBpIeBHO Class" "Trend Micro Browser Plug-In (IE)" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20002\7.1.1102\7.1.1102\tmbpie32.dll"
+ "TmIEPlugInBHO Class" "Trend Micro NSC IE Plug-In" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20004\2.0.1313\6.8.1078\tmieplg32.dll"
+ "TSToolbarBHO" "Trend Micro TrendSecure" "Trend Micro Inc." "c:\program files\trend micro\titanium\uiframework\toolbarie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Trend Micro Toolbar" "Trend Micro TrendSecure" "Trend Micro Inc." "c:\program files\trend micro\titanium\uiframework\toolbarie.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-4282963075-921404004-1524790246-1000Core" "Facebook Installer" "Facebook Inc." "c:\users\oem\appdata\local\facebook\update\facebookupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-4282963075-921404004-1524790246-1000UA" "Facebook Installer" "Facebook Inc." "c:\users\oem\appdata\local\facebook\update\facebookupdate.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "Amsp" "Manages Trend Micro security modules" "Trend Micro Inc." "c:\program files\trend micro\amsp\coreserviceshell.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AppleChargerSrv" "Apple mobile devices charging service" "" "c:\windows\system32\applechargersrv.exe"
+ "BingDesktopUpdate" "Bing Desktop Update Service" "Microsoft Corp." "c:\program files (x86)\microsoft\bingdesktop\bingdesktopupdater.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "CLKMSVC10_9EC60124" "CyberLink KM Service" "CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\navfilter\kmsvc.exe"
+ "cphs" "Intel® Content Protection HECI Service - enables communication with the Content Protection FW" "Intel Corporation" "c:\windows\syswow64\intelcphecisvc.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lssrvc.exe"
+ "McComponentHostService" "McAfee Security Scan Component Host Service" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\3.0.207\mcchsvc.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "NVSvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "Skype C2C Service" "Skype Click to Call Update Service" "Skype Technologies S.A." "c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "vToolbarUpdater12.2.6" "ToolbarU Application" "" "c:\program files (x86)\common files\avg secure search\vtoolbarupdater\12.2.6\toolbarupdater.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "ALSysIO" "" "" "File not found: C:\Users\OEM\AppData\Local\Temp\ALSysIO64.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AppleCharger" "Apple mobile devices charging program" "" "c:\windows\system32\drivers\applecharger.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "avgtp" "" "AVG Technologies" "c:\windows\system32\drivers\avgtpx64.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "EtronHub3" "Etron eXtensible Hub Driver." "Etron Technology Inc" "c:\windows\system32\drivers\etronhub3.sys"
+ "EtronXHCI" "Etron eXtensible Host Controller Driver." "Etron Technology Inc" "c:\windows\system32\drivers\etronxhci.sys"
+ "gdrv" "" "" "File not found: C:\Windows\gdrv.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "L1C" "Atheros L1c PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "mvs91xx" "Marvell magni Windows Driver" "Marvell Semiconductor, Inc." "c:\windows\system32\drivers\mvs91xx.sys"
+ "netr28x" "Ralink 802.11 Wireless Adapter Driver" "Ralink Technology, Corp." "c:\windows\system32\drivers\netr28x.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NVENETFD" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvm62x64.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 306.97 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SSMO3v2Filter" "Developed and Built for World of Warcraft: Cataclysm MMO Gaming Mouse by SteelSeries." "Sagatek Co. Ltd." "c:\windows\system32\drivers\mo3v2driver.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "tmactmon" "Trend Micro Activity Monitor Driver" "Trend Micro Inc." "c:\windows\system32\drivers\tmactmon.sys"
+ "tmcomm" "Trend Micro Common Engine Driver" "Trend Micro Inc." "c:\windows\system32\drivers\tmcomm.sys"
+ "tmeevw" "Trend Micro EagleEye driver (VW)" "Trend Micro Inc." "c:\windows\system32\drivers\tmeevw.sys"
+ "tmevtmgr" "Trend Micro Event Manager Driver" "Trend Micro Inc." "c:\windows\system32\drivers\tmevtmgr.sys"
+ "tmnciesc" "Trend Micro NCIE scanner of EagleEye hook" "Trend Micro Inc." "c:\windows\system32\drivers\tmnciesc.sys"
+ "tmtdi" "Trend Micro TDI Driver (amd64-fre)" "Trend Micro Inc." "c:\windows\system32\drivers\tmtdi.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "CyberLink Audio Commercial Cut Analyzer" "CLAudCM" "Cyberlink Corp." "c:\program files (x86)\cyberlink\powerproducer\claudcm.ax"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\se_claud.ax"
+ "CyberLink Audio Decoder (PDVD9)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claud.ax"
+ "CyberLink Audio Decoder(PDVD9 UPnP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\upnp\claud.ax"
+ "CyberLink Audio Effect (PDVD9)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudfx.ax"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio Spectrum Analyzer (PDVD9)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudspa.ax"
+ "CyberLink Audio Spectrum Analyzer(PDVD9 UPnP)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\upnp\claudspa.ax"
+ "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvb.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudwizard.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudiocd.ax"
+ "CyberLink AudioCD Filter (PDVD9)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudiocd.ax"
+ "CyberLink AVCHD Navigator" "CLBDROMNav" "cyberlink" "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clavchdnav.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\cldemuxer.ax"
+ "CyberLink Demultiplexer(PDVD9 UPnP)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\upnp\cldemuxer.ax"
+ "Cyberlink Demuxer 2.0" "CLDemuxer2" "Cyberlink" "c:\program files (x86)\cyberlink\powerdvd9\navfilter\cldemuxer2.ax"
+ "CyberLink Digest Filter (PDVD9)" "DigestFilter Dynamic Link Library" "" "c:\program files (x86)\cyberlink\powerdvd9\digestfilter.dll"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdumpdispatch.ax"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\se_cldumpdispatch.ax"
+ "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdump.ax"
+ "CyberLink DV Buffer" "DV dump Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerproducer\ppdvdump.ax"
+ "CyberLink DVD Navigator (PDVD9)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clnavx.ax"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gedtkrn.dll"
+ "CyberLink Editing Service 4.5 (Source)" "CES Kernel (LT15)" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\cledtkrn.dll"
+ "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2greader.ax"
+ "CyberLink FLV Splitter (PDVD9)" "CyberLink FLV Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clflvsplitter.ax"
+ "CyberLink Frame Parser" "CLFParser" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clfparser.ax"
+ "CyberLink H.264/AVC Decoder" "CyberLink 264 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\cl264dec.ax"
+ "CyberLink HAM Decoder" "CyberLink 264 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clcvd.ax"
+ "CyberLink HD/BD Mixer (PDVD9)" "CLHBMixer" " " "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clhbmixer.ax"
+ "CyberLink Line21 Decoder (PDVD9)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clline21.ax"
+ "CyberLink Load Image Filter" "CLImage (LT15)" "CyberLink" "c:\program files (x86)\cyberlink\shared files\climage.ax"
+ "CyberLink M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gm2vwriter.ax"
+ "CyberLink Matroska Splitter (PDVD9)" "CyberLink Matroska Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clmkvsplter.ax"
+ "CyberLink MP3/WAV Wrapper" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmvd.ax"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gmpgmux.ax"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\se_mpgmux.ax"
+ "CyberLink MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\upnp\clsplter.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\cyberlink\power2go\p2gvidenc.ax"
+ "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm1spliter.ax"
+ "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm2spliter.ax"
+ "CyberLink MPEG-4 Muxer" "CyberLink MPEG-4 Muxer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\se_clm4muxer.ax"
+ "CyberLink MPEG-4 Muxer" "CyberLink MPEG-4 Muxer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\clm4muxer.ax"
+ "CyberLink MPEG-4 Splitter" "CyberLink MPEG-4 Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\se_clm4splt.ax"
+ "CyberLink MPEG-4 Splitter" "CyberLink MPEG-4 Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\clm4splt.ax"
+ "CyberLink MPEG-4 Splitter (PDVD9)" "CyberLink MPEG-4 Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clm4splt.ax"
+ "CyberLink MPEGV Analyzer" "CLMPEGAnalysis" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\se_clmpegvanalyzer.ax"
+ "CyberLink MPEGV Analyzer" "CLMPEGAnalysis" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clmpegvanalyzer.ax"
+ "CyberLink Mux Push Source" "Cyberlink push-mode file source" "Cyberlink" "c:\program files (x86)\cyberlink\powerproducer\se_clmuxpushsrc.ax"
+ "CyberLink PCM Wrapper" "CyberLink PCM Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gpcmenc.ax"
+ "CyberLink Push-Mode CLStream(PDVD9)" "CLStream" "CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\upnp\clstream(pushmode).ax"
+ "CyberLink RealAudio Decoder (PDVD9)" "CyberLink RealMedia Audio Decoder" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clrmaud.ax"
+ "CyberLink RealMedia Splitter (PDVD9)" "CyberLink RealMedia Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clrmsplitter.ax"
+ "CyberLink RealVideo Decoder (PDVD9)" "CyberLink RealMedia Video Decoder" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clrmvd.ax"
+ "CyberLink SBE Filter" "CLSBE" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clsbe.ax"
+ "CyberLink SBE Source Filter" "CLSBESrc" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clsbesrc.ax"
+ "Cyberlink Scene Detect Filter" "CLScnDt" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppscndt.ax"
+ "CyberLink Stamp Effect" "" "CyberLink corporate" "c:\program files (x86)\cyberlink\powerproducer\ppstampeffect.ax"
+ "CyberLink Streamming Filter(PDVD9)" "Cyberlink Streaming Source Filter(Scramble)" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\upnp\clstream.ax"
+ "Cyberlink Sub-Picture Filter" "Cyberlink Sub-Picture Filter" "Cyberlink" "c:\program files (x86)\cyberlink\powerproducer\clsubpic.ax"
+ "Cyberlink SubTitle Importor (PDVD9)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gauts.ax"
+ "CyberLink TimeStretch Filter (PDVD9)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clauts.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\se_cltlmsplter.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gtlmsplter.ax"
+ "Cyberlink TS Information" "CLTSInfo" "Cyberlink" "c:\program files (x86)\cyberlink\powerproducer\pptsinfo.ax"
+ "CyberLink Tzan Filter" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\cltzan.ax"
+ "CyberLink Tzan Filter (PDVD9)" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\cltzan.ax"
+ "CyberLink UltraSpeed/SVRT Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\se_cledtdemuxer.ax"
+ "CyberLink UltraSpeed/SVRT Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\cledtdemuxer.ax"
+ "CyberLink Video Decoder (PDVD9)" "CyberLink 264 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clcvd.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvidfx.ax"
+ "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files (x86)\cyberlink\power2go\p2grgl.ax"
+ "CyberLink Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvideostabilizer.ax"
+ "CyberLink Video/SP Decoder (PDVD9)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clvsd.ax"
+ "CyberLink Video/SP Decoder(PDVD9 UPnP)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\upnp\clvsd.ax"
+ "CyberLink WMV/WMA Demux(PDVD9)" "WMV/WMA Demux" "CyberLink" "c:\program files (x86)\cyberlink\powerdvd9\upnp\clwmfdemux.ax"
+ "DivX for Blizzard Decoder Filter" "" "" "File not found: c:\users\oem\desktop\warcraft iii\blizzard.ax"
+ "DXVA Filter" "MPEG-1/2 Decoder Filter for DirectShow" "Gabest" "c:\program files (x86)\gretech\gomplayer\codecs\mpeg2decfilter.ax"
+ "GomTV Streamer Network Filter" "GomTV Streamer Nework Source Filter" "Gretech Corp." "c:\program files (x86)\gretech\gomtvstreamer\gomtvstreamernf.ax"
+ "Gretech AAC Source Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech ASF Source Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech AsfEx Source Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech Audio Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gaf.ax"
+ "Gretech AVI Source Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech FLV Source Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech MKV Source Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech MP3 Source Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech MP4 Source Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech MPEG Source Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech MPEG Source Filter2" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech Network(AVI) Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gnf.ax"
+ "Gretech Network(FLV) Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gnf.ax"
+ "Gretech Network(GOM) Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gnf.ax"
+ "Gretech Network(MP4) Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gnf.ax"
+ "Gretech Network(OGG) Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gnf.ax"
+ "Gretech Network(SHOUTcast) Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gnf.ax"
+ "Gretech OGG Source Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech OGG Source Filter2" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech Video Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gvf.ax"
+ "MPEG/AC3/DTS/LPCM Audio Decoder" "Mpeg Audio Decoder for DirectShow, based on libmad" "Gabest" "c:\program files (x86)\gretech\gomplayer\codecs\mpadecfilter.ax"
+ "Mpeg2Dec Filter" "MPEG-1/2 Decoder Filter for DirectShow" "Gabest" "c:\program files (x86)\gretech\gomplayer\codecs\mpeg2decfilter.ax"
+ "P2G Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaud.ax"
+ "P2G Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudenc.ax"
+ "P2G Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvsd.ax"
+ "P2G Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gresample.ax"
+ "PowerProducer Double Tee" "Cyberlink Double Tee Filter" "CtberLink Corporation" "c:\program files (x86)\cyberlink\powerproducer\ppdoubletee.ax"
+ "PP Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\claud.ax"
+ "PP Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerproducer\claudfx.ax"
+ "PP Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\cyberlink\powerproducer\claudenc.ax"
+ "PP Audio Noise Reduction (CES)" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\claunrwrapper.ax"
+ "PP Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\ppaursmpl.ax"
+ "PP Byte Counter" "PP Byte Counter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerproducer\ppbytecounter.ax"
+ "PP DDR" "PP DDR" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\pprender.ax"
+ "PP Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\cldumpdispatch.ax"
+ "PP Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\cldump.ax"
+ "PP DV Buffer" "CLDVBuffer Filter" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppdvbuffer.ax"
+ "PP DV Dump Filter" "DV dump Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerproducer\ppdvdump.ax"
+ "PP DV TCR" "DVTCR" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppdvtcr.ax"
+ "PP File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\ppreader.ax"
+ "PP Gate Filter" "CLGate" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppgate.ax"
+ "PP IDM" "idmf" "Cyberlink" "c:\program files (x86)\cyberlink\powerproducer\ppidmf.ax"
+ "PP M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppm2vwriter.ax"
+ "PP MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\mpgmux.ax"
+ "PP MPEG Splitter" "PP MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\ppsplter.ax"
+ "PP MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\cyberlink\powerproducer\clvidenc.ax"
+ "PP PCM Wrapper" "PP PCM Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\pppcmenc.ax"
+ "PP Snapshot Filter" "CLSnapShot Filter" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppsnapshot.ax"
+ "PP SnapShotTIP Filter" "CLSShot" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppsshot.ax"
+ "PP TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\clauts.ax"
+ "PP TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\cltlmsplter.ax"
+ "PP TV Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\claudtv.ax"
+ "PP Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\ppgenericvsd.ax"
+ "PP Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppvidfx.ax"
+ "PP Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppresample.ax"
+ "PP Video Regulator" "Video Regulator" "Cyberlink" "c:\program files (x86)\cyberlink\powerproducer\clrgl.ax"
+ "PP WAV Dest" "CLWavDest" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppwavdest.ax"
+ "PP YUY2 Deinterlace" "DitlYuY2" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppditlyuy2.ax"
+ "PP YUY2 Sub-Sampling" "SubYUY2 Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\ppsubyuy2.ax"
+ "Time Regulator" "TimeRegulator" "cyberlink" "c:\program files (x86)\cyberlink\powerproducer\avi_audtr.ax"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "C:\Windows\system32\nvinitx.dll" "NVIDIA shim initialization dll, Version 306.97 " "NVIDIA Corporation" "c:\windows\system32\nvinitx.dll"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "C:\Windows\SysWOW64\nvinit.dll" "NVIDIA shim initialization dll, Version 306.97 " "NVIDIA Corporation" "c:\windows\syswow64\nvinit.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:22 AM

Posted 16 October 2012 - 01:09 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users