Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer Infected with Ads on webpages (roll over words) Adaware


  • Please log in to reply
17 replies to this topic

#1 bayar3a

bayar3a

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 22 October 2012 - 12:17 PM

Hello,

My computer has been infected with ads when I web browse. I use Google Chrome and put an Ad stop and they disappear but leave a space on the webpages, sometimes blocking other options to the website. I have used MalwareBytes (finds nothing), Superantispyware Pro (finds around 22-178 depending how often I use it, does not work) Search and Destory (finds, icrossrider and Babylon Toolbar) does not erase anything. ESET online scanner, finds nothing. Hitman Pro, finds nothing.

I use windows 7 and Google Chrome to web surf.

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:19 AM

Posted 22 October 2012 - 01:49 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 bayar3a

bayar3a
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 22 October 2012 - 04:41 PM

TDSK Scan Results


14:38:18.0801 2780 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
14:38:20.0202 2780 ============================================================
14:38:20.0202 2780 Current date / time: 2012/10/22 14:38:20.0202
14:38:20.0202 2780 SystemInfo:
14:38:20.0202 2780
14:38:20.0202 2780 OS Version: 6.1.7601 ServicePack: 1.0
14:38:20.0202 2780 Product type: Workstation
14:38:20.0203 2780 ComputerName: DAVID-PC
14:38:20.0203 2780 UserName: david
14:38:20.0203 2780 Windows directory: C:\windows
14:38:20.0203 2780 System windows directory: C:\windows
14:38:20.0203 2780 Running under WOW64
14:38:20.0203 2780 Processor architecture: Intel x64
14:38:20.0203 2780 Number of processors: 2
14:38:20.0203 2780 Page size: 0x1000
14:38:20.0203 2780 Boot type: Normal boot
14:38:20.0203 2780 ============================================================
14:38:20.0939 2780 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:38:20.0948 2780 ============================================================
14:38:20.0948 2780 \Device\Harddisk0\DR0:
14:38:20.0948 2780 MBR partitions:
14:38:20.0948 2780 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x235CB000
14:38:20.0948 2780 ============================================================
14:38:21.0001 2780 C: <-> \Device\Harddisk0\DR0\Partition1
14:38:21.0001 2780 ============================================================
14:38:21.0001 2780 Initialize success
14:38:21.0001 2780 ============================================================
14:38:49.0290 6092 ============================================================
14:38:49.0290 6092 Scan started
14:38:49.0291 6092 Mode: Manual; TDLFS;
14:38:49.0291 6092 ============================================================
14:38:50.0857 6092 ================ Scan system memory ========================
14:38:50.0857 6092 System memory - ok
14:38:50.0858 6092 ================ Scan services =============================
14:38:50.0985 6092 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
14:38:50.0988 6092 !SASCORE - ok
14:38:51.0288 6092 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
14:38:51.0296 6092 1394ohci - ok
14:38:51.0344 6092 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
14:38:51.0352 6092 ACPI - ok
14:38:51.0387 6092 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
14:38:51.0390 6092 AcpiPmi - ok
14:38:51.0527 6092 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:38:51.0530 6092 AdobeARMservice - ok
14:38:51.0715 6092 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:38:51.0722 6092 AdobeFlashPlayerUpdateSvc - ok
14:38:51.0794 6092 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
14:38:51.0806 6092 adp94xx - ok
14:38:51.0834 6092 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
14:38:51.0843 6092 adpahci - ok
14:38:51.0880 6092 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
14:38:51.0886 6092 adpu320 - ok
14:38:51.0925 6092 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
14:38:51.0928 6092 AeLookupSvc - ok
14:38:51.0987 6092 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
14:38:51.0998 6092 AFD - ok
14:38:52.0046 6092 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
14:38:52.0050 6092 agp440 - ok
14:38:52.0107 6092 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
14:38:52.0111 6092 ALG - ok
14:38:52.0173 6092 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
14:38:52.0176 6092 aliide - ok
14:38:52.0190 6092 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
14:38:52.0193 6092 amdide - ok
14:38:52.0230 6092 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
14:38:52.0234 6092 AmdK8 - ok
14:38:52.0256 6092 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
14:38:52.0261 6092 AmdPPM - ok
14:38:52.0314 6092 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
14:38:52.0319 6092 amdsata - ok
14:38:52.0376 6092 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
14:38:52.0382 6092 amdsbs - ok
14:38:52.0417 6092 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
14:38:52.0420 6092 amdxata - ok
14:38:52.0474 6092 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
14:38:52.0478 6092 AppID - ok
14:38:52.0516 6092 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
14:38:52.0519 6092 AppIDSvc - ok
14:38:52.0564 6092 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
14:38:52.0568 6092 Appinfo - ok
14:38:52.0677 6092 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:38:52.0681 6092 Apple Mobile Device - ok
14:38:52.0757 6092 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
14:38:52.0761 6092 arc - ok
14:38:52.0770 6092 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
14:38:52.0774 6092 arcsas - ok
14:38:52.0928 6092 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:38:52.0947 6092 aspnet_state - ok
14:38:52.0991 6092 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
14:38:52.0994 6092 AsyncMac - ok
14:38:53.0014 6092 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
14:38:53.0017 6092 atapi - ok
14:38:53.0098 6092 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
14:38:53.0112 6092 AudioEndpointBuilder - ok
14:38:53.0131 6092 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
14:38:53.0143 6092 AudioSrv - ok
14:38:53.0413 6092 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
14:38:53.0561 6092 AVGIDSAgent - ok
14:38:53.0648 6092 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\windows\system32\DRIVERS\avgidsdrivera.sys
14:38:53.0653 6092 AVGIDSDriver - ok
14:38:53.0696 6092 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\windows\system32\DRIVERS\avgidsfiltera.sys
14:38:53.0699 6092 AVGIDSFilter - ok
14:38:53.0725 6092 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\windows\system32\DRIVERS\avgidsha.sys
14:38:53.0729 6092 AVGIDSHA - ok
14:38:53.0795 6092 [ 221FEBAB02D6C97C95558348CC354A85 ] Avgldx64 C:\windows\system32\DRIVERS\avgldx64.sys
14:38:53.0803 6092 Avgldx64 - ok
14:38:53.0856 6092 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\windows\system32\DRIVERS\avgmfx64.sys
14:38:53.0859 6092 Avgmfx64 - ok
14:38:53.0905 6092 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\windows\system32\DRIVERS\avgrkx64.sys
14:38:53.0908 6092 Avgrkx64 - ok
14:38:53.0960 6092 [ F8C3C7ED612A41B05C66358FC9786BFD ] Avgtdia C:\windows\system32\DRIVERS\avgtdia.sys
14:38:53.0971 6092 Avgtdia - ok
14:38:54.0033 6092 [ A313C4AE276E3C975A1BC27170AA23C6 ] avgtp C:\windows\system32\drivers\avgtpx64.sys
14:38:54.0037 6092 avgtp - ok
14:38:54.0066 6092 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
14:38:54.0072 6092 avgwd - ok
14:38:54.0129 6092 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
14:38:54.0134 6092 AxInstSV - ok
14:38:54.0195 6092 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
14:38:54.0207 6092 b06bdrv - ok
14:38:54.0228 6092 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
14:38:54.0236 6092 b57nd60a - ok
14:38:54.0297 6092 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
14:38:54.0302 6092 BDESVC - ok
14:38:54.0327 6092 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
14:38:54.0330 6092 Beep - ok
14:38:54.0411 6092 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
14:38:54.0426 6092 BFE - ok
14:38:54.0481 6092 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll
14:38:54.0500 6092 BITS - ok
14:38:54.0538 6092 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
14:38:54.0542 6092 blbdrive - ok
14:38:54.0632 6092 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:38:54.0640 6092 Bonjour Service - ok
14:38:54.0688 6092 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
14:38:54.0692 6092 bowser - ok
14:38:54.0733 6092 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
14:38:54.0736 6092 BrFiltLo - ok
14:38:54.0751 6092 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
14:38:54.0755 6092 BrFiltUp - ok
14:38:54.0816 6092 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
14:38:54.0821 6092 BridgeMP - ok
14:38:54.0869 6092 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
14:38:54.0874 6092 Browser - ok
14:38:54.0904 6092 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
14:38:54.0913 6092 Brserid - ok
14:38:54.0946 6092 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
14:38:54.0949 6092 BrSerWdm - ok
14:38:54.0993 6092 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
14:38:54.0996 6092 BrUsbMdm - ok
14:38:55.0011 6092 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
14:38:55.0013 6092 BrUsbSer - ok
14:38:55.0172 6092 [ 233F834C71F1EF95D266F86D0860D4D3 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe
14:38:55.0179 6092 BstHdAndroidSvc - ok
14:38:55.0261 6092 [ BCA794E1A1B55A926773AE741DEE93A1 ] BstHdDrv C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
14:38:55.0264 6092 BstHdDrv - ok
14:38:55.0296 6092 [ 6736C5C64313909CD8126B253A7AEE0F ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
14:38:55.0303 6092 BstHdLogRotatorSvc - ok
14:38:55.0340 6092 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
14:38:55.0344 6092 BTHMODEM - ok
14:38:55.0389 6092 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
14:38:55.0393 6092 bthserv - ok
14:38:55.0420 6092 catchme - ok
14:38:55.0462 6092 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
14:38:55.0466 6092 cdfs - ok
14:38:55.0507 6092 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
14:38:55.0512 6092 cdrom - ok
14:38:55.0556 6092 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
14:38:55.0560 6092 CertPropSvc - ok
14:38:55.0597 6092 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
14:38:55.0601 6092 circlass - ok
14:38:55.0633 6092 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
14:38:55.0641 6092 CLFS - ok
14:38:55.0708 6092 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:38:55.0712 6092 clr_optimization_v2.0.50727_32 - ok
14:38:55.0761 6092 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:38:55.0766 6092 clr_optimization_v2.0.50727_64 - ok
14:38:55.0893 6092 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:38:55.0929 6092 clr_optimization_v4.0.30319_32 - ok
14:38:55.0979 6092 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:38:55.0999 6092 clr_optimization_v4.0.30319_64 - ok
14:38:56.0033 6092 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
14:38:56.0036 6092 CmBatt - ok
14:38:56.0072 6092 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
14:38:56.0075 6092 cmdide - ok
14:38:56.0151 6092 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
14:38:56.0162 6092 CNG - ok
14:38:56.0258 6092 [ 66847C979893A11CFCC2280E772D7EA1 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
14:38:56.0290 6092 CnxtHdAudService - ok
14:38:56.0350 6092 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
14:38:56.0353 6092 Compbatt - ok
14:38:56.0364 6092 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
14:38:56.0367 6092 CompositeBus - ok
14:38:56.0385 6092 COMSysApp - ok
14:38:56.0407 6092 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
14:38:56.0411 6092 crcdisk - ok
14:38:56.0472 6092 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
14:38:56.0478 6092 CryptSvc - ok
14:38:56.0607 6092 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
14:38:56.0620 6092 cvhsvc - ok
14:38:56.0694 6092 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
14:38:56.0708 6092 DcomLaunch - ok
14:38:56.0732 6092 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
14:38:56.0736 6092 DfsC - ok
14:38:56.0790 6092 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
14:38:56.0798 6092 Dhcp - ok
14:38:56.0834 6092 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
14:38:56.0836 6092 discache - ok
14:38:56.0879 6092 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
14:38:56.0883 6092 Disk - ok
14:38:56.0908 6092 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
14:38:56.0915 6092 Dnscache - ok
14:38:56.0974 6092 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
14:38:56.0981 6092 dot3svc - ok
14:38:57.0012 6092 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
14:38:57.0017 6092 DPS - ok
14:38:57.0085 6092 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
14:38:57.0088 6092 drmkaud - ok
14:38:57.0151 6092 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
14:38:57.0172 6092 DXGKrnl - ok
14:38:57.0224 6092 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
14:38:57.0228 6092 EapHost - ok
14:38:57.0370 6092 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
14:38:57.0460 6092 ebdrv - ok
14:38:57.0499 6092 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
14:38:57.0501 6092 EFS - ok
14:38:57.0593 6092 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
14:38:57.0609 6092 ehRecvr - ok
14:38:57.0625 6092 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
14:38:57.0629 6092 ehSched - ok
14:38:57.0695 6092 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
14:38:57.0707 6092 elxstor - ok
14:38:57.0727 6092 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
14:38:57.0730 6092 ErrDev - ok
14:38:57.0813 6092 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
14:38:57.0823 6092 EventSystem - ok
14:38:57.0861 6092 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
14:38:57.0868 6092 exfat - ok
14:38:57.0912 6092 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
14:38:57.0919 6092 fastfat - ok
14:38:57.0990 6092 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
14:38:58.0005 6092 Fax - ok
14:38:58.0034 6092 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
14:38:58.0038 6092 fdc - ok
14:38:58.0069 6092 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
14:38:58.0072 6092 fdPHost - ok
14:38:58.0086 6092 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
14:38:58.0089 6092 FDResPub - ok
14:38:58.0138 6092 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
14:38:58.0142 6092 FileInfo - ok
14:38:58.0174 6092 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
14:38:58.0177 6092 Filetrace - ok
14:38:58.0220 6092 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
14:38:58.0223 6092 flpydisk - ok
14:38:58.0279 6092 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
14:38:58.0285 6092 FltMgr - ok
14:38:58.0340 6092 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
14:38:58.0359 6092 FontCache - ok
14:38:58.0413 6092 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:38:58.0416 6092 FontCache3.0.0.0 - ok
14:38:58.0433 6092 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
14:38:58.0437 6092 FsDepends - ok
14:38:58.0480 6092 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
14:38:58.0482 6092 Fs_Rec - ok
14:38:58.0545 6092 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
14:38:58.0551 6092 fvevol - ok
14:38:58.0605 6092 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
14:38:58.0609 6092 gagp30kx - ok
14:38:58.0661 6092 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\drivers\gearaspiwdm.sys
14:38:58.0664 6092 GEARAspiWDM - ok
14:38:58.0726 6092 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
14:38:58.0743 6092 gpsvc - ok
14:38:58.0806 6092 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:38:58.0810 6092 gupdate - ok
14:38:58.0838 6092 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:38:58.0843 6092 gupdatem - ok
14:38:58.0875 6092 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
14:38:58.0878 6092 hcw85cir - ok
14:38:58.0924 6092 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
14:38:58.0933 6092 HdAudAddService - ok
14:38:58.0959 6092 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
14:38:58.0963 6092 HDAudBus - ok
14:38:58.0989 6092 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
14:38:58.0992 6092 HidBatt - ok
14:38:59.0030 6092 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
14:38:59.0035 6092 HidBth - ok
14:38:59.0087 6092 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
14:38:59.0091 6092 HidIr - ok
14:38:59.0126 6092 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
14:38:59.0130 6092 hidserv - ok
14:38:59.0192 6092 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
14:38:59.0195 6092 HidUsb - ok
14:38:59.0269 6092 [ 44F92C1F913E582BEF9CAC66443C6230 ] hitmanpro36 C:\windows\system32\drivers\hitmanpro36.sys
14:38:59.0273 6092 hitmanpro36 - ok
14:38:59.0336 6092 [ 5EB1A8F4CCB6C2860C0967113AA83C86 ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
14:38:59.0339 6092 HitmanProScheduler - ok
14:38:59.0381 6092 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
14:38:59.0386 6092 hkmsvc - ok
14:38:59.0402 6092 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
14:38:59.0410 6092 HomeGroupListener - ok
14:38:59.0440 6092 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
14:38:59.0448 6092 HomeGroupProvider - ok
14:38:59.0480 6092 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
14:38:59.0484 6092 HpSAMD - ok
14:38:59.0535 6092 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
14:38:59.0551 6092 HTTP - ok
14:38:59.0580 6092 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
14:38:59.0581 6092 hwpolicy - ok
14:38:59.0627 6092 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
14:38:59.0632 6092 i8042prt - ok
14:38:59.0688 6092 [ D469B77687E12FE43E344806740B624D ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
14:38:59.0697 6092 iaStor - ok
14:38:59.0753 6092 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
14:38:59.0764 6092 iaStorV - ok
14:38:59.0842 6092 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
14:38:59.0847 6092 IDriverT - ok
14:38:59.0904 6092 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:38:59.0923 6092 idsvc - ok
14:39:00.0296 6092 [ 370C2A8629B30F910F740387795DDC6F ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
14:39:00.0580 6092 igfx - ok
14:39:00.0645 6092 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
14:39:00.0648 6092 iirsp - ok
14:39:00.0816 6092 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
14:39:00.0845 6092 IKEEXT - ok
14:39:00.0906 6092 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
14:39:00.0914 6092 IntcDAud - ok
14:39:00.0950 6092 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
14:39:00.0953 6092 intelide - ok
14:39:00.0995 6092 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
14:39:00.0998 6092 intelppm - ok
14:39:01.0028 6092 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
14:39:01.0033 6092 IPBusEnum - ok
14:39:01.0093 6092 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
14:39:01.0097 6092 IpFilterDriver - ok
14:39:01.0143 6092 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
14:39:01.0157 6092 iphlpsvc - ok
14:39:01.0185 6092 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
14:39:01.0189 6092 IPMIDRV - ok
14:39:01.0198 6092 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
14:39:01.0203 6092 IPNAT - ok
14:39:01.0285 6092 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:39:01.0300 6092 iPod Service - ok
14:39:01.0345 6092 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
14:39:01.0348 6092 IRENUM - ok
14:39:01.0369 6092 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
14:39:01.0372 6092 isapnp - ok
14:39:01.0402 6092 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
14:39:01.0414 6092 iScsiPrt - ok
14:39:01.0451 6092 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
14:39:01.0454 6092 kbdclass - ok
14:39:01.0502 6092 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
14:39:01.0504 6092 kbdhid - ok
14:39:01.0521 6092 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
14:39:01.0523 6092 KeyIso - ok
14:39:01.0553 6092 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
14:39:01.0557 6092 KSecDD - ok
14:39:01.0586 6092 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
14:39:01.0591 6092 KSecPkg - ok
14:39:01.0635 6092 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
14:39:01.0638 6092 ksthunk - ok
14:39:01.0667 6092 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
14:39:01.0678 6092 KtmRm - ok
14:39:01.0723 6092 [ EBED8B3FF4A823C1A6EEBEED7B29353F ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys
14:39:01.0727 6092 L1C - ok
14:39:01.0775 6092 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll
14:39:01.0782 6092 LanmanServer - ok
14:39:01.0809 6092 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
14:39:01.0815 6092 LanmanWorkstation - ok
14:39:01.0875 6092 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
14:39:01.0878 6092 lltdio - ok
14:39:01.0917 6092 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
14:39:01.0926 6092 lltdsvc - ok
14:39:01.0959 6092 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
14:39:01.0962 6092 lmhosts - ok
14:39:02.0052 6092 [ 2ED1786B7542CDA261029F6B526EDF44 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
14:39:02.0059 6092 LMS - ok
14:39:02.0103 6092 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
14:39:02.0109 6092 LSI_FC - ok
14:39:02.0125 6092 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
14:39:02.0129 6092 LSI_SAS - ok
14:39:02.0149 6092 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
14:39:02.0152 6092 LSI_SAS2 - ok
14:39:02.0161 6092 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
14:39:02.0165 6092 LSI_SCSI - ok
14:39:02.0195 6092 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
14:39:02.0199 6092 luafv - ok
14:39:02.0267 6092 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\windows\system32\drivers\mbam.sys
14:39:02.0270 6092 MBAMProtector - ok
14:39:02.0359 6092 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:39:02.0368 6092 MBAMScheduler - ok
14:39:02.0444 6092 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:39:02.0456 6092 MBAMService - ok
14:39:02.0502 6092 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
14:39:02.0507 6092 Mcx2Svc - ok
14:39:02.0542 6092 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
14:39:02.0545 6092 megasas - ok
14:39:02.0574 6092 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
14:39:02.0582 6092 MegaSR - ok
14:39:02.0629 6092 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
14:39:02.0633 6092 MEIx64 - ok
14:39:02.0689 6092 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
14:39:02.0693 6092 MMCSS - ok
14:39:02.0723 6092 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
14:39:02.0726 6092 Modem - ok
14:39:02.0771 6092 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
14:39:02.0773 6092 monitor - ok
14:39:02.0823 6092 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
14:39:02.0827 6092 mouclass - ok
14:39:02.0876 6092 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\drivers\mouhid.sys
14:39:02.0879 6092 mouhid - ok
14:39:02.0921 6092 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
14:39:02.0925 6092 mountmgr - ok
14:39:03.0013 6092 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:39:03.0016 6092 MozillaMaintenance - ok
14:39:03.0041 6092 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
14:39:03.0046 6092 mpio - ok
14:39:03.0083 6092 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
14:39:03.0087 6092 mpsdrv - ok
14:39:03.0155 6092 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
14:39:03.0174 6092 MpsSvc - ok
14:39:03.0197 6092 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
14:39:03.0201 6092 MRxDAV - ok
14:39:03.0229 6092 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
14:39:03.0233 6092 mrxsmb - ok
14:39:03.0257 6092 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
14:39:03.0263 6092 mrxsmb10 - ok
14:39:03.0273 6092 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
14:39:03.0277 6092 mrxsmb20 - ok
14:39:03.0300 6092 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys
14:39:03.0302 6092 msahci - ok
14:39:03.0315 6092 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
14:39:03.0319 6092 msdsm - ok
14:39:03.0340 6092 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
14:39:03.0344 6092 MSDTC - ok
14:39:03.0386 6092 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
14:39:03.0388 6092 Msfs - ok
14:39:03.0396 6092 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
14:39:03.0398 6092 mshidkmdf - ok
14:39:03.0406 6092 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
14:39:03.0408 6092 msisadrv - ok
14:39:03.0469 6092 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
14:39:03.0472 6092 MSiSCSI - ok
14:39:03.0475 6092 msiserver - ok
14:39:03.0516 6092 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
14:39:03.0517 6092 MSKSSRV - ok
14:39:03.0529 6092 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
14:39:03.0530 6092 MSPCLOCK - ok
14:39:03.0544 6092 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
14:39:03.0546 6092 MSPQM - ok
14:39:03.0572 6092 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
14:39:03.0577 6092 MsRPC - ok
14:39:03.0598 6092 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
14:39:03.0599 6092 mssmbios - ok
14:39:03.0637 6092 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
14:39:03.0640 6092 MSTEE - ok
14:39:03.0661 6092 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
14:39:03.0664 6092 MTConfig - ok
14:39:03.0700 6092 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
14:39:03.0704 6092 Mup - ok
14:39:03.0745 6092 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
14:39:03.0757 6092 napagent - ok
14:39:03.0819 6092 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
14:39:03.0828 6092 NativeWifiP - ok
14:39:03.0910 6092 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
14:39:03.0929 6092 NDIS - ok
14:39:03.0984 6092 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
14:39:03.0988 6092 NdisCap - ok
14:39:04.0031 6092 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
14:39:04.0034 6092 NdisTapi - ok
14:39:04.0082 6092 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
14:39:04.0086 6092 Ndisuio - ok
14:39:04.0103 6092 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
14:39:04.0109 6092 NdisWan - ok
14:39:04.0154 6092 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
14:39:04.0158 6092 NDProxy - ok
14:39:04.0201 6092 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
14:39:04.0205 6092 NetBIOS - ok
14:39:04.0229 6092 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
14:39:04.0237 6092 NetBT - ok
14:39:04.0276 6092 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
14:39:04.0278 6092 Netlogon - ok
14:39:04.0328 6092 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
14:39:04.0334 6092 Netman - ok
14:39:04.0410 6092 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:39:04.0414 6092 NetMsmqActivator - ok
14:39:04.0444 6092 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:39:04.0447 6092 NetPipeActivator - ok
14:39:04.0492 6092 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
14:39:04.0503 6092 netprofm - ok
14:39:04.0543 6092 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:39:04.0547 6092 NetTcpActivator - ok
14:39:04.0558 6092 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:39:04.0561 6092 NetTcpPortSharing - ok
14:39:04.0610 6092 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
14:39:04.0614 6092 nfrd960 - ok
14:39:04.0666 6092 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
14:39:04.0675 6092 NlaSvc - ok
14:39:04.0693 6092 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
14:39:04.0697 6092 Npfs - ok
14:39:04.0720 6092 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
14:39:04.0724 6092 nsi - ok
14:39:04.0753 6092 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
14:39:04.0756 6092 nsiproxy - ok
14:39:04.0834 6092 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
14:39:04.0867 6092 Ntfs - ok
14:39:04.0904 6092 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
14:39:04.0907 6092 Null - ok
14:39:04.0952 6092 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
14:39:04.0960 6092 nvraid - ok
14:39:04.0997 6092 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
14:39:05.0002 6092 nvstor - ok
14:39:05.0046 6092 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
14:39:05.0050 6092 nv_agp - ok
14:39:05.0085 6092 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
14:39:05.0089 6092 ohci1394 - ok
14:39:05.0134 6092 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:39:05.0139 6092 ose - ok
14:39:05.0369 6092 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:39:05.0506 6092 osppsvc - ok
14:39:05.0536 6092 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
14:39:05.0541 6092 p2pimsvc - ok
14:39:05.0568 6092 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
14:39:05.0576 6092 p2psvc - ok
14:39:05.0609 6092 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
14:39:05.0612 6092 Parport - ok
14:39:05.0643 6092 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
14:39:05.0647 6092 partmgr - ok
14:39:05.0685 6092 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
14:39:05.0692 6092 PcaSvc - ok
14:39:05.0725 6092 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
14:39:05.0731 6092 pci - ok
14:39:05.0746 6092 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
14:39:05.0749 6092 pciide - ok
14:39:05.0784 6092 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
14:39:05.0791 6092 pcmcia - ok
14:39:05.0906 6092 [ 82EC1531BC74ADC34E0342C12958C55A ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
14:39:05.0923 6092 PCToolsSSDMonitorSvc - ok
14:39:05.0939 6092 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
14:39:05.0943 6092 pcw - ok
14:39:05.0979 6092 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
14:39:05.0994 6092 PEAUTH - ok
14:39:06.0106 6092 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
14:39:06.0111 6092 PerfHost - ok
14:39:06.0183 6092 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
14:39:06.0187 6092 PGEffect - ok
14:39:06.0246 6092 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
14:39:06.0276 6092 pla - ok
14:39:06.0339 6092 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
14:39:06.0350 6092 PlugPlay - ok
14:39:06.0384 6092 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
14:39:06.0389 6092 PNRPAutoReg - ok
14:39:06.0416 6092 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
14:39:06.0424 6092 PNRPsvc - ok
14:39:06.0462 6092 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
14:39:06.0474 6092 PolicyAgent - ok
14:39:06.0512 6092 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
14:39:06.0519 6092 Power - ok
14:39:06.0577 6092 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
14:39:06.0582 6092 PptpMiniport - ok
14:39:06.0601 6092 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
14:39:06.0604 6092 Processor - ok
14:39:06.0660 6092 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
14:39:06.0667 6092 ProfSvc - ok
14:39:06.0688 6092 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
14:39:06.0691 6092 ProtectedStorage - ok
14:39:06.0742 6092 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
14:39:06.0746 6092 Psched - ok
14:39:06.0825 6092 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys
14:39:06.0828 6092 PxHlpa64 - ok
14:39:06.0877 6092 [ C8FCB4899F8B70CC34E0D9876A80963C ] QIOMem C:\windows\system32\DRIVERS\QIOMem.sys
14:39:06.0880 6092 QIOMem - ok
14:39:06.0970 6092 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
14:39:07.0002 6092 ql2300 - ok
14:39:07.0054 6092 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
14:39:07.0059 6092 ql40xx - ok
14:39:07.0097 6092 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
14:39:07.0106 6092 QWAVE - ok
14:39:07.0118 6092 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
14:39:07.0121 6092 QWAVEdrv - ok
14:39:07.0177 6092 [ A55CAB3FDB6C13E5499399A1070BB08B ] RaneSixtyEightUsb C:\windows\system32\Drivers\RaneSixtyEightUsb.sys
14:39:07.0181 6092 RaneSixtyEightUsb - ok
14:39:07.0238 6092 [ A55CAB3FDB6C13E5499399A1070BB08B ] RaneSixtyEightUsbNoSSL C:\windows\system32\Drivers\RaneSixtyEightUsbNoSSL.sys
14:39:07.0242 6092 RaneSixtyEightUsbNoSSL - ok
14:39:07.0288 6092 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
14:39:07.0291 6092 RasAcd - ok
14:39:07.0328 6092 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
14:39:07.0332 6092 RasAgileVpn - ok
14:39:07.0357 6092 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
14:39:07.0364 6092 RasAuto - ok
14:39:07.0373 6092 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
14:39:07.0378 6092 Rasl2tp - ok
14:39:07.0401 6092 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
14:39:07.0412 6092 RasMan - ok
14:39:07.0455 6092 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
14:39:07.0459 6092 RasPppoe - ok
14:39:07.0492 6092 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
14:39:07.0496 6092 RasSstp - ok
14:39:07.0522 6092 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
14:39:07.0530 6092 rdbss - ok
14:39:07.0553 6092 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
14:39:07.0556 6092 rdpbus - ok
14:39:07.0596 6092 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
14:39:07.0597 6092 RDPCDD - ok
14:39:07.0620 6092 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
14:39:07.0622 6092 RDPENCDD - ok
14:39:07.0633 6092 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
14:39:07.0635 6092 RDPREFMP - ok
14:39:07.0682 6092 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
14:39:07.0689 6092 RDPWD - ok
14:39:07.0748 6092 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
14:39:07.0755 6092 rdyboost - ok
14:39:07.0800 6092 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
14:39:07.0806 6092 RemoteAccess - ok
14:39:07.0842 6092 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
14:39:07.0850 6092 RemoteRegistry - ok
14:39:07.0890 6092 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
14:39:07.0895 6092 RpcEptMapper - ok
14:39:07.0931 6092 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
14:39:07.0936 6092 RpcLocator - ok
14:39:07.0974 6092 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
14:39:07.0985 6092 RpcSs - ok
14:39:08.0043 6092 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
14:39:08.0047 6092 rspndr - ok
14:39:08.0104 6092 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
14:39:08.0111 6092 RSUSBSTOR - ok
14:39:08.0139 6092 [ E54A5586A28D0630A79A68BBAB84BFCF ] RSUSBVSTOR C:\windows\system32\Drivers\RTSUVSTOR.sys
14:39:08.0148 6092 RSUSBVSTOR - ok
14:39:08.0220 6092 [ 64FDF4FE366CA42DA2B7D9D424B6E39B ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
14:39:08.0244 6092 RTL8192Ce - ok
14:39:08.0266 6092 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
14:39:08.0270 6092 SamSs - ok
14:39:08.0357 6092 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
14:39:08.0358 6092 SASDIFSV - ok
14:39:08.0406 6092 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
14:39:08.0408 6092 SASKUTIL - ok
14:39:08.0439 6092 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
14:39:08.0444 6092 sbp2port - ok
14:39:08.0552 6092 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
14:39:08.0573 6092 SBSDWSCService - ok
14:39:08.0606 6092 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
14:39:08.0614 6092 SCardSvr - ok
14:39:08.0636 6092 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
14:39:08.0639 6092 scfilter - ok
14:39:08.0683 6092 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
14:39:08.0708 6092 Schedule - ok
14:39:08.0768 6092 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
14:39:08.0770 6092 SCPolicySvc - ok
14:39:08.0814 6092 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
14:39:08.0818 6092 secdrv - ok
14:39:08.0852 6092 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
14:39:08.0857 6092 seclogon - ok
14:39:08.0879 6092 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
14:39:08.0884 6092 SENS - ok
14:39:08.0933 6092 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
14:39:08.0938 6092 SensrSvc - ok
14:39:08.0993 6092 [ 37D531579FEC9E7B6123816D47918D53 ] SeratoUsb C:\windows\system32\Drivers\SeratoUsb.sys
14:39:08.0996 6092 SeratoUsb - ok
14:39:09.0056 6092 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
14:39:09.0059 6092 Serenum - ok
14:39:09.0107 6092 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
14:39:09.0112 6092 Serial - ok
14:39:09.0157 6092 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
14:39:09.0161 6092 sermouse - ok
14:39:09.0214 6092 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
14:39:09.0220 6092 SessionEnv - ok
14:39:09.0240 6092 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
14:39:09.0244 6092 sffdisk - ok
14:39:09.0276 6092 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
14:39:09.0280 6092 sffp_mmc - ok
14:39:09.0292 6092 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
14:39:09.0296 6092 sffp_sd - ok
14:39:09.0319 6092 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
14:39:09.0340 6092 sfloppy - ok
14:39:09.0411 6092 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
14:39:09.0428 6092 Sftfs - ok
14:39:09.0506 6092 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
14:39:09.0515 6092 sftlist - ok
14:39:09.0541 6092 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
14:39:09.0547 6092 Sftplay - ok
14:39:09.0561 6092 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
14:39:09.0562 6092 Sftredir - ok
14:39:09.0610 6092 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
14:39:09.0612 6092 Sftvol - ok
14:39:09.0685 6092 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
14:39:09.0689 6092 sftvsa - ok
14:39:09.0735 6092 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
14:39:09.0745 6092 SharedAccess - ok
14:39:09.0799 6092 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
14:39:09.0810 6092 ShellHWDetection - ok
14:39:09.0847 6092 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
14:39:09.0850 6092 SiSRaid2 - ok
14:39:09.0887 6092 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
14:39:09.0891 6092 SiSRaid4 - ok
14:39:09.0940 6092 [ BBF7895E6F8B50724CB22C71CCD392A5 ] SixtyTwoUsb C:\windows\system32\Drivers\SixtyTwoUsb.sys
14:39:09.0943 6092 SixtyTwoUsb - ok
14:39:09.0972 6092 [ A6FEDC2A8A19BD8B6DFBFE387FE71C16 ] SixtyTwoUsbNoSSL C:\windows\system32\Drivers\SixtyTwoUsbNoSSL.sys
14:39:09.0976 6092 SixtyTwoUsbNoSSL - ok
14:39:10.0367 6092 [ 0F97E7A47A52F4A36969F0FC319654C2 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
14:39:10.0488 6092 Skype C2C Service - ok
14:39:10.0608 6092 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:39:10.0613 6092 SkypeUpdate - ok
14:39:10.0660 6092 [ 315D3998C7D5A66C2BF13B4CEA1FEEEE ] SL2Usb C:\windows\system32\Drivers\SL2Usb.sys
14:39:10.0664 6092 SL2Usb - ok
14:39:10.0710 6092 [ 6F6252CD0AEE8280D4ADC801A209B5A1 ] SL2UsbNoSSL C:\windows\system32\Drivers\SL2UsbNoSSL.sys
14:39:10.0713 6092 SL2UsbNoSSL - ok
14:39:10.0760 6092 [ 3915CDDE704D7A3D3A85EBB59F09D028 ] SL4Usb C:\windows\system32\Drivers\SL4Usb.sys
14:39:10.0764 6092 SL4Usb - ok
14:39:10.0813 6092 [ E5BC8B7BA0FA810AC8429BE9A0BFBE37 ] SL4UsbNoSSL C:\windows\system32\Drivers\SL4UsbNoSSL.sys
14:39:10.0817 6092 SL4UsbNoSSL - ok
14:39:10.0834 6092 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
14:39:10.0838 6092 Smb - ok
14:39:10.0895 6092 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
14:39:10.0902 6092 SNMPTRAP - ok
14:39:10.0932 6092 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
14:39:10.0935 6092 spldr - ok
14:39:10.0978 6092 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
14:39:10.0992 6092 Spooler - ok
14:39:11.0239 6092 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
14:39:11.0270 6092 sppsvc - ok
14:39:11.0283 6092 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
14:39:11.0285 6092 sppuinotify - ok
14:39:11.0318 6092 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
14:39:11.0324 6092 srv - ok
14:39:11.0345 6092 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
14:39:11.0351 6092 srv2 - ok
14:39:11.0418 6092 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\windows\system32\DRIVERS\VSTAZL6.SYS
14:39:11.0427 6092 SrvHsfHDA - ok
14:39:11.0519 6092 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\windows\system32\DRIVERS\VSTDPV6.SYS
14:39:11.0545 6092 SrvHsfV92 - ok
14:39:11.0589 6092 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\windows\system32\DRIVERS\VSTCNXT6.SYS
14:39:11.0601 6092 SrvHsfWinac - ok
14:39:11.0627 6092 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
14:39:11.0631 6092 srvnet - ok
14:39:11.0693 6092 [ F4F1E1FF6986FE8914525AF751EA3EAC ] sscdbus C:\windows\system32\DRIVERS\sscdbus.sys
14:39:11.0698 6092 sscdbus - ok
14:39:11.0718 6092 [ 5447690D2CFE1BDE1BE3A5A5A3E2F796 ] sscdmdfl C:\windows\system32\DRIVERS\sscdmdfl.sys
14:39:11.0720 6092 sscdmdfl - ok
14:39:11.0776 6092 [ BFDA292053AEB76A0C1D63B2279D5138 ] sscdmdm C:\windows\system32\DRIVERS\sscdmdm.sys
14:39:11.0782 6092 sscdmdm - ok
14:39:11.0807 6092 [ 208731A751357DD71C5A0345C77AFD0A ] sscdserd C:\windows\system32\DRIVERS\sscdserd.sys
14:39:11.0810 6092 sscdserd - ok
14:39:11.0861 6092 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
14:39:11.0867 6092 SSDPSRV - ok
14:39:11.0886 6092 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
14:39:11.0892 6092 SstpSvc - ok
14:39:11.0915 6092 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
14:39:11.0919 6092 stexstor - ok
14:39:11.0986 6092 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
14:39:12.0001 6092 stisvc - ok
14:39:12.0028 6092 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
14:39:12.0031 6092 swenum - ok
14:39:12.0134 6092 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:39:12.0168 6092 SwitchBoard - ok
14:39:12.0245 6092 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
14:39:12.0259 6092 swprv - ok
14:39:12.0394 6092 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
14:39:12.0424 6092 SynTP - ok
14:39:12.0553 6092 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
14:39:12.0589 6092 SysMain - ok
14:39:12.0658 6092 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
14:39:12.0664 6092 TabletInputService - ok
14:39:12.0689 6092 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
14:39:12.0697 6092 TapiSrv - ok
14:39:12.0733 6092 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
14:39:12.0738 6092 TBS - ok
14:39:12.0830 6092 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
14:39:12.0870 6092 Tcpip - ok
14:39:12.0966 6092 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
14:39:12.0995 6092 TCPIP6 - ok
14:39:13.0051 6092 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
14:39:13.0055 6092 tcpipreg - ok
14:39:13.0114 6092 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
14:39:13.0117 6092 tdcmdpst - ok
14:39:13.0153 6092 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
14:39:13.0157 6092 TDPIPE - ok
14:39:13.0203 6092 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
14:39:13.0206 6092 TDTCP - ok
14:39:13.0242 6092 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
14:39:13.0247 6092 tdx - ok
14:39:13.0282 6092 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
14:39:13.0286 6092 TermDD - ok
14:39:13.0342 6092 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
14:39:13.0359 6092 TermService - ok
14:39:13.0411 6092 [ 48D9D00C2E0E72C3D4F52772C80355F6 ] TFsExDisk C:\windows\System32\Drivers\TFsExDisk.sys
14:39:13.0414 6092 TFsExDisk - ok
14:39:13.0439 6092 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
14:39:13.0444 6092 Themes - ok
14:39:13.0478 6092 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
14:39:13.0482 6092 THREADORDER - ok
14:39:13.0558 6092 [ 83E91963C4452BE6899503CF9EBFD3ED ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
14:39:13.0560 6092 TMachInfo - ok
14:39:13.0599 6092 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\Windows\system32\TODDSrv.exe
14:39:13.0605 6092 TODDSrv - ok
14:39:13.0692 6092 [ CDC97FA5C42B07FB0D4600E17C32F582 ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
14:39:13.0703 6092 TosCoSrv - ok
14:39:13.0766 6092 [ D0F868A67CB4D817A3F7ABEF8C42F49C ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
14:39:13.0773 6092 TOSHIBA eco Utility Service - ok
14:39:13.0824 6092 [ EDB4B432DB13EA3D1EB2356310D33263 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
14:39:13.0828 6092 TOSHIBA HDD SSD Alert Service - ok
14:39:13.0892 6092 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
14:39:13.0903 6092 tos_sps64 - ok
14:39:13.0965 6092 [ D65C6B0C070534336B72005391B6168A ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
14:39:13.0978 6092 TPCHSrv - ok
14:39:14.0033 6092 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
14:39:14.0039 6092 TrkWks - ok
14:39:14.0087 6092 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
14:39:14.0092 6092 TrustedInstaller - ok
14:39:14.0108 6092 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
14:39:14.0111 6092 tssecsrv - ok
14:39:14.0160 6092 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
14:39:14.0164 6092 TsUsbFlt - ok
14:39:14.0179 6092 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
14:39:14.0183 6092 TsUsbGD - ok
14:39:14.0234 6092 [ 2169892C15C769E190E70510980D43C0 ] TTM57SLUsb C:\windows\system32\Drivers\TTM57SLUsb.sys
14:39:14.0238 6092 TTM57SLUsb - ok
14:39:14.0301 6092 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
14:39:14.0306 6092 tunnel - ok
14:39:14.0358 6092 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
14:39:14.0362 6092 TVALZ - ok
14:39:14.0391 6092 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
14:39:14.0394 6092 TVALZFL - ok
14:39:14.0413 6092 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
14:39:14.0417 6092 uagp35 - ok
14:39:14.0460 6092 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
14:39:14.0470 6092 udfs - ok
14:39:14.0506 6092 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
14:39:14.0512 6092 UI0Detect - ok
14:39:14.0555 6092 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
14:39:14.0559 6092 uliagpkx - ok
14:39:14.0606 6092 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
14:39:14.0609 6092 umbus - ok
14:39:14.0632 6092 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
14:39:14.0635 6092 UmPass - ok
14:39:14.0876 6092 [ 7E5E1603D0FF2D240AE70295C5C3FEFC ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
14:39:14.0908 6092 UNS - ok
14:39:14.0940 6092 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
14:39:14.0948 6092 upnphost - ok
14:39:14.0989 6092 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
14:39:14.0992 6092 USBAAPL64 - ok
14:39:15.0049 6092 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\windows\system32\drivers\usbaudio.sys
14:39:15.0053 6092 usbaudio - ok
14:39:15.0077 6092 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
14:39:15.0080 6092 usbccgp - ok
14:39:15.0145 6092 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
14:39:15.0148 6092 usbcir - ok
14:39:15.0177 6092 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys
14:39:15.0180 6092 usbehci - ok
14:39:15.0205 6092 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
14:39:15.0211 6092 usbhub - ok
14:39:15.0241 6092 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
14:39:15.0243 6092 usbohci - ok
14:39:15.0268 6092 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
14:39:15.0271 6092 usbprint - ok
14:39:15.0301 6092 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
14:39:15.0305 6092 USBSTOR - ok
14:39:15.0339 6092 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
14:39:15.0341 6092 usbuhci - ok
14:39:15.0384 6092 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
14:39:15.0388 6092 usbvideo - ok
14:39:15.0412 6092 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
14:39:15.0414 6092 UxSms - ok
14:39:15.0443 6092 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
14:39:15.0444 6092 VaultSvc - ok
14:39:15.0479 6092 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
14:39:15.0481 6092 vdrvroot - ok
14:39:15.0542 6092 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
14:39:15.0549 6092 vds - ok
14:39:15.0569 6092 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
14:39:15.0570 6092 vga - ok
14:39:15.0584 6092 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
14:39:15.0586 6092 VgaSave - ok
14:39:15.0605 6092 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
14:39:15.0609 6092 vhdmp - ok
14:39:15.0622 6092 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
14:39:15.0624 6092 viaide - ok
14:39:15.0653 6092 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
14:39:15.0655 6092 volmgr - ok
14:39:15.0669 6092 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
14:39:15.0674 6092 volmgrx - ok
14:39:15.0687 6092 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
14:39:15.0691 6092 volsnap - ok
14:39:15.0731 6092 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
14:39:15.0734 6092 vsmraid - ok
14:39:15.0790 6092 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
14:39:15.0809 6092 VSS - ok
14:39:15.0946 6092 [ CBA3F6EF1E70167DB376B4013F71A62B ] vToolbarUpdater12.2.6 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
14:39:15.0962 6092 vToolbarUpdater12.2.6 - ok
14:39:15.0995 6092 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
14:39:15.0998 6092 vwifibus - ok
14:39:16.0038 6092 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
14:39:16.0042 6092 vwififlt - ok
14:39:16.0110 6092 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
14:39:16.0121 6092 W32Time - ok
14:39:16.0150 6092 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
14:39:16.0154 6092 WacomPen - ok
14:39:16.0196 6092 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
14:39:16.0201 6092 WANARP - ok
14:39:16.0209 6092 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
14:39:16.0213 6092 Wanarpv6 - ok
14:39:16.0284 6092 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
14:39:16.0310 6092 WatAdminSvc - ok
14:39:16.0387 6092 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
14:39:16.0420 6092 wbengine - ok
14:39:16.0458 6092 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
14:39:16.0467 6092 WbioSrvc - ok
14:39:16.0489 6092 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
14:39:16.0501 6092 wcncsvc - ok
14:39:16.0516 6092 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
14:39:16.0521 6092 WcsPlugInService - ok
14:39:16.0552 6092 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
14:39:16.0555 6092 Wd - ok
14:39:16.0589 6092 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
14:39:16.0604 6092 Wdf01000 - ok
14:39:16.0637 6092 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
14:39:16.0643 6092 WdiServiceHost - ok
14:39:16.0651 6092 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
14:39:16.0656 6092 WdiSystemHost - ok
14:39:16.0686 6092 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
14:39:16.0697 6092 WebClient - ok
14:39:16.0742 6092 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
14:39:16.0752 6092 Wecsvc - ok
14:39:16.0772 6092 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
14:39:16.0779 6092 wercplsupport - ok
14:39:16.0835 6092 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
14:39:16.0839 6092 WerSvc - ok
14:39:16.0874 6092 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
14:39:16.0876 6092 WfpLwf - ok
14:39:16.0896 6092 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
14:39:16.0898 6092 WIMMount - ok
14:39:16.0932 6092 WinDefend - ok
14:39:16.0967 6092 WinHttpAutoProxySvc - ok
14:39:17.0034 6092 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
14:39:17.0041 6092 Winmgmt - ok
14:39:17.0124 6092 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
14:39:17.0166 6092 WinRM - ok
14:39:17.0226 6092 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
14:39:17.0229 6092 WinUsb - ok
14:39:17.0266 6092 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
14:39:17.0280 6092 Wlansvc - ok
14:39:17.0356 6092 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:39:17.0359 6092 wlcrasvc - ok
14:39:17.0514 6092 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:39:17.0559 6092 wlidsvc - ok
14:39:17.0629 6092 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
14:39:17.0631 6092 WmiAcpi - ok
14:39:17.0667 6092 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] WmiApSrv C:\windows\System32\Wbem\WmiApSrv.exe
14:39:17.0674 6092 WmiApSrv - ok
14:39:17.0723 6092 WMPNetworkSvc - ok
14:39:17.0753 6092 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
14:39:17.0757 6092 WPCSvc - ok
14:39:17.0771 6092 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
14:39:17.0776 6092 WPDBusEnum - ok
14:39:17.0802 6092 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
14:39:17.0804 6092 ws2ifsl - ok
14:39:17.0840 6092 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
14:39:17.0846 6092 wscsvc - ok
14:39:17.0853 6092 WSearch - ok
14:39:17.0956 6092 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
14:39:17.0998 6092 wuauserv - ok
14:39:18.0027 6092 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
14:39:18.0030 6092 WudfPf - ok
14:39:18.0056 6092 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
14:39:18.0060 6092 WUDFRd - ok
14:39:18.0107 6092 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
14:39:18.0113 6092 wudfsvc - ok
14:39:18.0173 6092 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
14:39:18.0182 6092 WwanSvc - ok
14:39:18.0281 6092 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
14:39:18.0294 6092 YahooAUService - ok
14:39:18.0322 6092 ================ Scan global ===============================
14:39:18.0362 6092 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
14:39:18.0410 6092 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
14:39:18.0427 6092 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
14:39:18.0470 6092 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
14:39:18.0499 6092 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
14:39:18.0509 6092 [Global] - ok
14:39:18.0510 6092 ================ Scan MBR ==================================
14:39:18.0529 6092 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
14:39:19.0178 6092 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
14:39:19.0179 6092 \Device\Harddisk0\DR0 - detected TDSS File System (1)
14:39:19.0180 6092 ================ Scan VBR ==================================
14:39:19.0215 6092 [ A33F24941161D842FBB88A41471599DF ] \Device\Harddisk0\DR0\Partition1
14:39:19.0218 6092 \Device\Harddisk0\DR0\Partition1 - ok
14:39:19.0219 6092 ============================================================
14:39:19.0219 6092 Scan finished
14:39:19.0219 6092 ============================================================
14:39:19.0238 1844 Detected object count: 1
14:39:19.0238 1844 Actual detected object count: 1
14:39:48.0930 1844 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
14:39:48.0930 1844 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#4 bayar3a

bayar3a
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 22 October 2012 - 04:53 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-22 14:41:48
-----------------------------
14:41:48.179 OS Version: Windows x64 6.1.7601 Service Pack 1
14:41:48.179 Number of processors: 2 586 0x2A07
14:41:48.182 ComputerName: DAVID-PC UserName: david
14:41:49.401 Initialize success
14:45:43.023 AVAST engine defs: 12102201
14:46:25.024 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:46:25.029 Disk 0 Vendor: TOSHIBA_ GH10 Size: 305245MB BusType: 3
14:46:25.054 Disk 0 MBR read successfully
14:46:25.060 Disk 0 MBR scan
14:46:25.070 Disk 0 Windows VISTA default MBR code
14:46:25.096 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
14:46:25.117 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 289686 MB offset 3074048
14:46:25.150 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 14058 MB offset 596350976
14:46:25.197 Disk 0 scanning C:\windows\system32\drivers
14:46:39.014 Service scanning
14:47:39.272 Modules scanning
14:47:39.291 Disk 0 trace - called modules:
14:47:39.342 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
14:47:39.688 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80067cb060]
14:47:39.699 3 CLASSPNP.SYS[fffff88001b0b43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80049bf050]
14:47:40.758 AVAST engine scan C:\windows
14:47:44.058 AVAST engine scan C:\windows\system32
14:51:20.050 AVAST engine scan C:\windows\system32\drivers
14:51:42.449 AVAST engine scan C:\Users\david
14:52:34.660 Disk 0 MBR has been saved successfully to "C:\Users\david\Desktop\MBR.dat"
14:52:34.667 The log file has been saved successfully to "C:\Users\david\Desktop\aswMBR.txt"

#5 bayar3a

bayar3a
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 23 October 2012 - 02:45 AM

no esets log file says no threats

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:19 AM

Posted 23 October 2012 - 03:30 AM

Run TDSSkiller again and select DELETE

01:59:21.0207 2876 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#7 bayar3a

bayar3a
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 23 October 2012 - 03:10 PM

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.23.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
david :: DAVID-PC [administrator]

10/23/2012 7:57:12 AM
mbam-log-2012-10-23 (07-57-12).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 497999
Time elapsed: 3 hour(s), 31 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

MiniToolBox by Farbar Version: 23-07-2012
Ran by david (administrator) on 23-10-2012 at 13:08:42
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "localho,t,127.0.0.1,*.local"
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : david-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Peer-Peer
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : E8-9A-8F-69-69-63
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Physical Address. . . . . . . . . : D0-DF-9A-26-AE-4A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::500d:5ed:fc27:aeb6%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, October 23, 2012 3:31:18 AM
Lease Expires . . . . . . . . . . : Friday, November 29, 2148 7:37:07 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 248569754
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-93-E0-2A-D0-DF-9A-26-AE-4A
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.Belkin:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:14a8:1d48:3f57:fdf9(Preferred)
Link-local IPv6 Address . . . . . : fe80::14a8:1d48:3f57:fdf9%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{F380E65C-B8B4-4FDE-A07D-F9A3644406F8}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: router.belkin
Address: 192.168.2.1

Name: google.com
Addresses: 2001:4860:4001:802::1002
74.125.224.65
74.125.224.66
74.125.224.67
74.125.224.68
74.125.224.69
74.125.224.70
74.125.224.71
74.125.224.72
74.125.224.73
74.125.224.78
74.125.224.64


Pinging google.com [74.125.224.65] with 32 bytes of data:
Reply from 74.125.224.65: bytes=32 time=15ms TTL=53
Reply from 74.125.224.65: bytes=32 time=14ms TTL=53

Ping statistics for 74.125.224.65:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 14ms, Maximum = 15ms, Average = 14ms
Server: router.belkin
Address: 192.168.2.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=977ms TTL=52
Reply from 72.30.38.140: bytes=32 time=1100ms TTL=52

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 977ms, Maximum = 1100ms, Average = 1038ms
Server: router.belkin
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...e8 9a 8f 69 69 63 ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
11...d0 df 9a 26 ae 4a ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.6 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.6 281
192.168.2.6 255.255.255.255 On-link 192.168.2.6 281
192.168.2.255 255.255.255.255 On-link 192.168.2.6 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.6 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.6 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:4137:9e76:14a8:1d48:3f57:fdf9/128
On-link
11 281 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::14a8:1d48:3f57:fdf9/128
On-link
11 281 fe80::500d:5ed:fc27:aeb6/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/23/2012 06:00:20 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27300

Error: (10/23/2012 06:00:20 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27300

Error: (10/23/2012 06:00:20 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/23/2012 06:00:18 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 25678

Error: (10/23/2012 06:00:18 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 25678

Error: (10/23/2012 06:00:18 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/23/2012 06:00:17 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 24336

Error: (10/23/2012 06:00:17 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 24336

Error: (10/23/2012 06:00:17 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/23/2012 06:00:16 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 23307


System errors:
=============
Error: (10/23/2012 07:48:36 AM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (10/23/2012 07:48:36 AM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (10/23/2012 07:48:36 AM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (10/23/2012 07:48:33 AM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (10/23/2012 07:48:33 AM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (10/23/2012 07:48:33 AM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (10/23/2012 07:48:28 AM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (10/23/2012 07:48:28 AM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (10/23/2012 07:48:28 AM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (10/23/2012 03:31:20 AM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535


Microsoft Office Sessions:
=========================
Error: (10/23/2012 06:00:20 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27300

Error: (10/23/2012 06:00:20 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27300

Error: (10/23/2012 06:00:20 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/23/2012 06:00:18 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 25678

Error: (10/23/2012 06:00:18 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 25678

Error: (10/23/2012 06:00:18 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/23/2012 06:00:17 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 24336

Error: (10/23/2012 06:00:17 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 24336

Error: (10/23/2012 06:00:17 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/23/2012 06:00:16 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 23307


=========================== Installed Programs ============================

Adobe Community Help (Version: 3.4.980)
Adobe Download Assistant (Version: 1.0.6)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Premiere Pro CS5.5 (Version: 5.5)
Adobe Reader X (10.1.2) MUI (Version: 10.1.2)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
ASIO4ALL (Version: 2.10)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.36)
Audacity 1.3.13 (Unicode)
AudioMulch Interactive Music Studio 2.1.1
AVG 2012 (Version: 12.0.2221)
AVG 2012 (Version: 12.0.2441)
AVG 2012 (Version: 2012.0.2221)
Best Buy pc app (Version: 3.2.0.0)
BlueStacks (Version: 0.7.2.751)
Bonjour (Version: 3.0.0.10)
Camtasia Studio 7 (Version: 7.1.1)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Conexant HD Audio (Version: 8.51.1.0)
D3DX10 (Version: 15.4.2368.0902)
Disney Toontown Online (Version: )
Dropbox (Version: 1.4.9)
ESET Online Scanner v3
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
FL Studio 10
GEAR driver installer for AMD64 and Intel EM64T (Version: 2.003.1)
Google Chrome (Version: 22.0.1229.94)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.123)
HitmanPro 3.6 (Version: 3.6.2.171)
IL Download Manager
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2353)
Intel® Rapid Storage Technology (Version: 10.1.2.1004)
ITCH (Version: 2.2.0)
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (64-bit) (Version: 6.0.310)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 6 Update 32 (64-bit) (Version: 6.0.320)
Java™ 7 Update 4 (64-bit) (Version: 7.0.40)
Junk Mail filter update (Version: 15.4.3502.0922)
Label@Once 1.0 (Version: 1.0)
LAME v3.99.3 (for Windows)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
MixMeister CD-R Drivers (Version: 3.54.26.1)
MixMeister Express 6.1.8
MixMeister Express 7.0.9
MixMeister Fusion + Video 7.0.5
Mozilla Firefox 15.0 (x86 en-US) (Version: 15.0)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Paltalk Messenger (Version: 10.0)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
PxMergeModule (Version: 1.00.0000)
Realtek USB 2.0 Reader Driver (Version: 1.0.0.12)
Realtek WLAN Driver (Version: 2.00.0013)
Samsung New PC Studio (Version: 1.00.0000)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.650.0)
Scratch Live 2.4.2 (20) (Version: 2.4.2)
Skype Click to Call (Version: 6.1.10441)
Skype™ 5.10 (Version: 5.10.116)
Sophos Virus Removal Tool (Version: 2.0)
Spybot - Search & Destroy (Version: 1.6.2)
Star Wars: The Old Republic (Version: 1.00)
SUPERAntiSpyware (Version: 5.0.1150)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.2.11.1)
TOSHIBA Application Installer (Version: 9.0.1.1)
TOSHIBA Assist (Version: 4.02.02)
Toshiba Book Place (Version: 2.2.6775)
TOSHIBA Bulletin Board (Version: 1.6.08.64)
TOSHIBA Disc Creator (Version: 2.1.0.6 for x64)
TOSHIBA eco Utility (Version: 1.2.25.64)
TOSHIBA Face Recognition (Version: 3.1.8.64)
TOSHIBA Hardware Setup (Version: 4.08.06.00)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.7)
TOSHIBA Media Controller (Version: 1.0.86.2)
TOSHIBA Media Controller Plug-in (Version: 1.0.6.1)
TOSHIBA PC Health Monitor (Version: 1.7.4.64)
TOSHIBA Quality Application (Version: 1.0.3)
TOSHIBA Recovery Media Creator (Version: 2.1.3.5109)
TOSHIBA ReelTime (Version: 1.7.17.64)
TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.1.0)
TOSHIBA Service Station (Version: 2.1.52)
TOSHIBA Sleep Utility (Version: 1.4.2.7)
TOSHIBA Supervisor Password (Version: 4.08.06.00)
TOSHIBA Value Added Package (Version: 1.5.4.64)
TOSHIBA Web Camera Application (Version: 2.0.0.19)
TOSHIBA Wireless LAN Indicator (Version: 1.0.3)
ToshibaRegistration (Version: 1.0.4)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.10 beta 2 (32-bit) (Version: 4.10.2)
World of Warcraft (Version: 4.3.0.15050)
Yahoo! Messenger
Yahoo! Software Update

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 64%
Total physical RAM: 4043.86 MB
Available physical RAM: 1423.2 MB
Total Pagefile: 8085.91 MB
Available Pagefile: 4980.49 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.05 MB

========================= Partitions: =====================================

1 Drive c: (TI106139W0E) (Fixed) (Total:282.9 GB) (Free:135.08 GB) NTFS

========================= Users: ========================================

User accounts for \\DAVID-PC

Administrator david Girls
Guest

========================= Restore Points ==================================

22-09-2012 02:03:35 Device Driver Package Install: Serato Audio Research Universal Serial Bus controllers
22-09-2012 02:04:39 Device Driver Package Install: Serato Audio Research Universal Serial Bus controllers
22-09-2012 10:00:12 Windows Update
26-09-2012 13:45:08 Windows Update
05-10-2012 01:22:07 Installed DirectX 9.0
07-10-2012 00:38:38 Installed iTunes
07-10-2012 07:59:06 Removed Skype Click to Call
11-10-2012 14:06:05 Windows Update

**** End of log ****

#8 bayar3a

bayar3a
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 23 October 2012 - 03:12 PM

i sFarbar Service Scanner Version: 19-10-2012
Ran by david (administrator) on 23-10-2012 at 13:11:48
Running from "C:\Users\david\Documents\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open SDRSVC registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open SDRSVC registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open SDRSVC registry key. The service key does not exist.


System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#9 bayar3a

bayar3a
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 23 October 2012 - 04:36 PM

Junkware Removal Tool (JRT) by Thisisu
Version: 1.2.1 (10.23.2012)
OS: Windows 7 Home Premium x64
Ran by david on Tue 10/23/2012 at 13:12:46.96
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\crossrider"
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\searchqutoolbar"
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\smartbar"
Successfully deleted: [KEY] "hkey_current_user\software\conduit"
Successfully deleted: [KEY] "hkey_current_user\software\mediafinder"
Successfully deleted: [KEY] "hkey_local_machine\software\conduit"
Successfully deleted: [KEY] "hkey_local_machine\software\microsoft\tracing\searchqumediabar_rasapi32"
Successfully deleted: [KEY] "hkey_local_machine\software\microsoft\tracing\searchqumediabar_rasmancs"
Successfully deleted: [KEY] "hkey_local_machine\software\microsoft\tracing\setupdatamngr_searchqu_rasapi32"
Successfully deleted: [KEY] "hkey_local_machine\software\microsoft\tracing\setupdatamngr_searchqu_rasmancs"
Successfully deleted: [KEY] "hkey_local_machine\software\wow6432node\microsoft\tracing\mybabylontb_rasapi32"
Successfully deleted: [KEY] "hkey_local_machine\software\wow6432node\microsoft\tracing\mybabylontb_rasmancs"
Successfully deleted: [KEY] hkey_classes_root\appid\{35c1605e-438b-4d64-aab1-8885f097a9b1}
Successfully deleted: [KEY] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}



*** Files:

Successfully deleted: [FILE] C:\ProgramData\best buy pc app\Best Buy pc app Launcher.exe
Successfully deleted: [FILE] C:\ProgramData\best buy pc app\Best Buy pc app.application
Successfully deleted: [FILE] C:\ProgramData\best buy pc app\Best Buy pc app.lnk
Successfully deleted: [FILE] C:\ProgramData\best buy pc app\BestBuyPcAppDetector.ocx
Successfully deleted: [FILE] C:\ProgramData\best buy pc app\ClickOnceSetup.exe
Successfully deleted: [FILE] C:\ProgramData\best buy pc app\ClickOnceUninstaller.exe
Successfully deleted: [FILE] C:\ProgramData\best buy pc app\npBestBuyPcAppDetector.dll
Successfully deleted: [FILE] C:\Users\david\appdata\local\ilivid player\script.qscript



*** Folders:

Successfully deleted: [FOLDER] "C:\ProgramData\best buy pc app"
Successfully deleted: [FOLDER] "C:\Users\david\AppData\Roaming\media finder"
Successfully deleted: [FOLDER] "C:\Users\david\appdata\local\conduit"
Successfully deleted: [FOLDER] "C:\Users\david\appdata\local\ilivid player"
Successfully deleted: [FOLDER] "C:\Users\david\appdata\locallow\babylontoolbar"
Successfully deleted: [FOLDER] "C:\Users\david\appdata\locallow\conduit"
Successfully deleted: [FOLDER] "C:\Users\david\appdata\locallow\searchquband"
Successfully deleted: [FOLDER] "C:\Program Files (x86)\conduit"



*** Ask Toolbar Cleanup:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{00000000-6e41-4fd3-8538-502f5495e5fc}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{00000000-6e41-4fd3-8538-502f5495e5fc}



*** FireFox detected and repaired

Successfully deleted: [user.js] from C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\zeyy3f51.default
Successfully deleted: [conduit.xml] from C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\zeyy3f51.default\searchplugins
Removed the following from [prefs.js] :

user_pref("Smartbar.ConduitHomepagesList", "");
user_pref("Smartbar.ConduitSearchEngineList", "");
user_pref("Smartbar.ConduitSearchUrlList", "");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "https://isearch.avg.com/search?cid=%7Bdbce8343-e23d-49e4-9532-95e40154d593%7D&mid=3f6504c6a40a47d0b5f939d3c98d8090-eac4f29c2cacc41ff59b5e26adf33d33e365b58e&ds=AVG&v=12.2.5.32&lang=en&pr=pr&d=2012-06-05%2019%3A43%3A36&sap=ku&q=");
user_pref("Smartbar.keywordURLSelectedCTID", "CT3220468");
user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
user_pref("browser.search.order.1", "Search the web (Babylon)");
user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109935");
user_pref("extensions.BabylonToolbar_i.hardId", "f04f7068000000000000e89a8f696963");
user_pref("extensions.BabylonToolbar_i.id", "f04f7068000000000000e89a8f696963");
user_pref("extensions.BabylonToolbar_i.instlDay", "15455");
user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
user_pref("extensions.BabylonToolbar_i.newTab", true);
user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://search.babylon.com/?affID=109935&babsrc=NT_ss&mntrId=f04f7068000000000000e89a8f696963");
user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1714:25:35");
user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
user_pref("extensions.mywebsearch.prevKwdURL", "http://search.babylon.com/?affID=109935&babsrc=KW_ss&mntrId=f04f7068000000000000e89a8f696963&q=");
user_pref("extensions.toolbar.mindspark._5qMembers_.homepage", "http://home.mywebsearch.com/index.jhtml?ptb=680FFE82-0FE5-4737-9D76-14C4F00D0C2A&n=77ed77dc&ptnrS=ZJxdm050CUus");


*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Tue 10/23/2012 at 13:39:16.75
End of Report

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:19 AM

Posted 23 October 2012 - 07:54 PM

Adware cleaner log?

#11 bayar3a

bayar3a
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 23 October 2012 - 08:41 PM

# AdwCleaner v2.005 - Logfile created 10/23/2012 at 18:35:04
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : david - DAVID-PC
# Boot Mode : Normal
# Running from : C:\Users\david\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
Deleted on reboot : C:\ProgramData\AVG Secure Search
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\zeyy3f51.default\searchplugins\my-web-search.xml
Folder Deleted : C:\Users\david\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\david\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\david\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\zeyy3f51.default\extensions\wecarereminder@bryan
Folder Deleted : C:\Users\Girls\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Girls\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Girls\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\Girls\AppData\LocalLow\Searchqutoolbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\I Want This
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F464A68D-1CF2-4991-93AB-A84351D7F676}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\zeyy3f51.default\prefs.js

Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\12.2.5.32");
Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Deleted : user_pref("extensions.wecarereminder.merchHash", "{\"AFFILIATES\":{\"1-Sale-A-Day\":{\"name\":\"1 Sa[...]
Deleted : user_pref("keyword.URL", "hxxps://isearch.avg.com/search?cid=%7Bdbce8343-e23d-49e4-9532-95e40154d593[...]

Profile name : default
File : C:\Users\Girls\AppData\Roaming\Mozilla\Firefox\Profiles\y6lfde96.default\prefs.js

Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\11.1.0.7");
Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Deleted : user_pref("keyword.URL", "hxxps://isearch.avg.com/search?cid={D9454ABE-285B-45E6-B1F2-E90F32986EBA}&[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Girls\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.41] : icon_url = "hxxp://isearch.avg.com/favicon.ico",
Deleted [l.44] : keyword = "isearch.avg.com",
Deleted [l.47] : search_url = "hxxp://isearch.avg.com/search?cid={D9454ABE-285B-45E6-B1F2-E90F32986EBA}&mid=3f6504c6a40a47d0b5f939d3c98d8090-eac4f29c2cacc41ff59b5e26adf33d33e365b58e&lang=en&ds=AVG&pr=pr&d=2012-06-05 19:43:36&v=11.1.0.12&sap=dsp&q={searchTerms}",

*************************

AdwCleaner[S1].txt - [353 octets] - [23/10/2012 18:28:44]
AdwCleaner[S3].txt - [9326 octets] - [23/10/2012 18:35:04]

########## EOF - C:\AdwCleaner[S3].txt - [9386 octets] ##########

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:19 AM

Posted 23 October 2012 - 08:43 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

Any current issues?

#13 bayar3a

bayar3a
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 23 October 2012 - 08:43 PM

Looks so far like that adcleaner worked. SO far...

#14 bayar3a

bayar3a
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 23 October 2012 - 08:45 PM

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/23/2012 06:44:26 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* defragsvc [Missing Service]
* SDRSVC [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/23/2012 06:44:45 PM
Execution time: 0 hours(s), 0 minute(s), and 18 seconds(s)

#15 bayar3a

bayar3a
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 23 October 2012 - 08:47 PM

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "HSON" "HotStartOn" "TOSHIBA Corporation" "c:\program files\toshiba\tbs\hson.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "SmartAudio" "SmartAudio Control Panel application" "Conexant systems, Inc." "c:\program files\conexant\saii\saiicpl.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "TCrdMain" "TOSHIBA Flash Cards Main Module" "TOSHIBA Corporation" "c:\program files\toshiba\flashcards\tcrdmain.exe"
+ "Teco" "TOSHIBA eco Utility" "TOSHIBA Corporation" "c:\program files\toshiba\teco\teco.exe"
+ "TosNC" "Message Center" "TOSHIBA Corporation" "c:\program files\toshiba\bulletinboard\tosnccore.exe"
+ "TosReelTimeMonitor" "Monitor of TOSHIBA ReelTime" "TOSHIBA Corporation" "c:\program files\toshiba\reeltime\tosreeltimemonitor.exe"
+ "TosSENotify" "" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba hdd ssd alert\toswaitsrv.exe"
+ "TosVolRegulator" " Toshiba Volume Regulator" "TOSHIBA Corporation" "c:\program files\toshiba\tosvolregulator\tosvolregulator.exe"
+ "TosWaitSrv" "" "TOSHIBA Corporation" "c:\program files\toshiba\tphm\toswaitsrv.exe"
+ "TPwrMain" "TOSHIBA Power Saver" "TOSHIBA Corporation" "c:\program files\toshiba\power saver\tpwrmain.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "AVG_TRAY" "AVG Tray Monitor" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgtray.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "ROC_ROC_JULY_P1" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe"
+ "ROC_roc_ssl_v12" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "ToshibaServiceStation" "TOSHIBA Service Station" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba service station\toshibaservicestation.exe"
+ "vProt" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Facebook Update" "" "" "File not found: C:\Users\david\AppData\Local\Facebook\Update\FacebookUpdate.exe"
+ "SpybotSD TeaTimer" "System settings protector" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\teatimer.exe"
+ "SUPERAntiSpyware" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "linkscanner" "Safe Search pluggable protocol" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgppa.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\david\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgsea.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgse.dll"
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\david\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\david\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgsea.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgse.dll"
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\david\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\david\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\david\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\david\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\david\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\david\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\david\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiea.dll"
+ "AVG Safe Search" "Safe Search for Internet Explorer" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgssiea.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "AVG Safe Search" "Safe Search for Internet Explorer" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgssie.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
+ "TOSHIBA Media Controller Plug-in" "TOSHIBA Media Controller Plug-in " "<TOSHIBA>" "c:\program files (x86)\toshiba\toshiba media controller plug-in\toshibamediacontrollerie.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiea.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "PalTalk" "Paltalk Messenger" "AVM Software Inc." "c:\program files (x86)\paltalk messenger\paltalk.exe"
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Spybot - Search && Destroy Configuration" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\AVG\PC Tuneup\Integrator\Start On david Logon" "" "" "File not found: C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-2705429182-285292422-696687138-1001Core" "" "" "File not found: C:\Users\david\AppData\Local\Facebook\Update\FacebookUpdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-2705429182-285292422-696687138-1001UA" "" "" "File not found: C:\Users\david\AppData\Local\Facebook\Update\FacebookUpdate.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Norton AntiVirus\Norton Error Analyzer" "" "" "File not found: C:\Program Files (x86)\Norton AntiVirus\Engine\19.7.1.5\SymErr.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore64.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgwdsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "BstHdAndroidSvc" "BlueStacks Service" "BlueStack Systems, Inc." "c:\program files (x86)\bluestacks\hd-service.exe"
+ "BstHdLogRotatorSvc" "BlueStacks Log Rotator Service" "BlueStack Systems, Inc." "c:\program files (x86)\bluestacks\hd-logrotatorservice.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "HitmanProScheduler" "HitmanPro Scheduler controls scheduled scans" "SurfRight B.V." "c:\program files\hitmanpro\hmpsched.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files (x86)\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PCToolsSSDMonitorSvc" "PC Tools Startup and Shutdown Monitor service" "PC Tools" "c:\program files (x86)\common files\pc tools\smonitor\startmansvc.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "Skype C2C Service" "Skype Click to Call Update Service" "Skype Technologies S.A." "c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "SwitchBoard" "Adobe SwitchBoard" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
+ "TMachInfo" "TOSHIBA Machine Information Service" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba service station\tmachinfo.exe"
+ "TODDSrv" "TDCSrv Application" "TOSHIBA Corporation" "c:\windows\system32\toddsrv.exe"
+ "TosCoSrv" "TOSHIBA Power Saver manages power saving settings supported by TOSHIBA. These settings will not work if the service has stopped." "TOSHIBA Corporation" "c:\program files\toshiba\power saver\toscosrv.exe"
+ "TOSHIBA eco Utility Service" "TOSHIBA eco Utility Service" "TOSHIBA Corporation" "c:\program files\toshiba\teco\tecoservice.exe"
+ "TOSHIBA HDD SSD Alert Service" "TOSHIBA HDD SSD Alert" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba hdd ssd alert\tossmartsrv.exe"
+ "TPCHSrv" "TOSHIBA PC Health Monitor" "TOSHIBA Corporation" "c:\program files\toshiba\tphm\tpchsrv.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "vToolbarUpdater12.2.6" "ToolbarU Application" "" "c:\program files (x86)\common files\avg secure search\vtoolbarupdater\12.2.6\toolbarupdater.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "YahooAUService" "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements." "Yahoo! Inc." "c:\program files (x86)\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSFilter" "AVG Technologies IDS Application Activity Monitor Filter Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsfiltera.sys"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgmfx64" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdia.sys"
+ "avgtp" "" "AVG Technologies" "c:\windows\system32\drivers\avgtpx64.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "BstHdDrv" "BlueStacks Hypervisor for amd64" "BlueStack Systems" "c:\program files (x86)\bluestacks\hd-hypervisor-amd64.sys"
+ "catchme" "" "" "File not found: C:\ComboFix\catchme.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CnxtHdAudService" "64-bit High Definition Audio Function Driver" "Conexant Systems Inc." "c:\windows\system32\drivers\chdrt64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "L1C" "Atheros L1c PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PGEffect" "TOSHIBA Universal Camera Filter Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\pgeffect.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "QIOMem" "Generic IO & Memory Access" "TOSHIBA" "c:\windows\system32\drivers\qiomem.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RaneSixtyEightUsb" "Red Hammer USB Device Driver" "Cristalink Ltd" "c:\windows\system32\drivers\ranesixtyeightusb.sys"
+ "RaneSixtyEightUsbNoSSL" "Red Hammer USB Device Driver" "Cristalink Ltd" "c:\windows\system32\drivers\ranesixtyeightusbnossl.sys"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
+ "RSUSBVSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsuvstor.sys"
+ "RTL8192Ce" "Realtek RTL81892CE NDIS Driverr" "Realtek Semiconductor Corporation " "c:\windows\system32\drivers\rtl8192ce.sys"
+ "SASDIFSV" "SASDIFSV64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv64.sys"
+ "SASKUTIL" "SASKUTIL64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SeratoUsb" "Serato USB Device Driver" "Cristalink Ltd" "c:\windows\system32\drivers\seratousb.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SixtyTwoUsb" "Sixty Two USB Device Driver" "Cristalink Ltd" "c:\windows\system32\drivers\sixtytwousb.sys"
+ "SixtyTwoUsbNoSSL" "Sixty Two USB Device Driver" "Cristalink Ltd" "c:\windows\system32\drivers\sixtytwousbnossl.sys"
+ "SL2Usb" "SL2 USB Device Driver" "Cristalink Ltd" "c:\windows\system32\drivers\sl2usb.sys"
+ "SL2UsbNoSSL" "SL2 USB Device Driver" "Cristalink Ltd" "c:\windows\system32\drivers\sl2usbnossl.sys"
+ "SL4Usb" "SL4 USB Device Driver" "Cristalink Ltd" "c:\windows\system32\drivers\sl4usb.sys"
+ "SL4UsbNoSSL" "SL4 USB Device Driver" "Cristalink Ltd" "c:\windows\system32\drivers\sl4usbnossl.sys"
+ "SrvHsfHDA" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstazl6.sys"
+ "SrvHsfV92" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv6.sys"
+ "SrvHsfWinac" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt6.sys"
+ "sscdbus" "SAMSUNG USB Composite Device Driver" "MCCI Corporation" "c:\windows\system32\drivers\sscdbus.sys"
+ "sscdmdfl" "SAMSUNG Mobile Modem Filter" "MCCI Corporation" "c:\windows\system32\drivers\sscdmdfl.sys"
+ "sscdmdm" "SAMSUNG Mobile Modem Drivers" "MCCI Corporation" "c:\windows\system32\drivers\sscdmdm.sys"
+ "sscdserd" "SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)" "MCCI Corporation" "c:\windows\system32\drivers\sscdserd.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "tdcmdpst" "TOSHIBA ODD Writing Driver for x64." "TOSHIBA Corporation." "c:\windows\system32\drivers\tdcmdpst.sys"
+ "TFsExDisk" "TFsExDisk" "Teruten Inc" "c:\windows\system32\drivers\tfsexdisk.sys"
+ "tos_sps64" "tos_sps64" "TOSHIBA Corporation" "c:\windows\system32\drivers\tos_sps64.sys"
+ "TTM57SLUsb" "TTM 57SL USB Device Driver" "Cristalink Ltd" "c:\windows\system32\drivers\ttm57slusb.sys"
+ "TVALZ" "TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\tvalz_o.sys"
+ "TVALZFL" "TOSHIBA TVALZ Filter Driver for x64" "TOSHIBA Corporation" "c:\windows\system32\drivers\tvalzfl.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.tscc" "TechSmith Screen Capture Codec" "TechSmith Corporation" "c:\windows\syswow64\tsccvid64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "msacm.vorbis" "Ogg Vorbis CODEC for MSACM" "HMS http://hp.vector.co.jp/authors/VA012897/" "c:\windows\syswow64\vorbis.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.tscc" "TechSmith Screen Capture Codec" "TechSmith Corporation" "c:\windows\syswow64\tsccvid.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "IL FL Studio DXi" "" "Image-Line" "c:\program files (x86)\image-line\fl studio 10\system\plugin\dxi\fl studio dxi.dll"
+ "IL Multi FL Studio DXi" "" "Image-Line" "c:\program files (x86)\image-line\fl studio 10\system\plugin\dxi\fl studio dxi (multi).dll"
+ "iZotope Consumer Restoration" "iZotope Consumer Restoration" "iZotope, Inc." "c:\program files (x86)\common files\techsmith shared\izotope\izotope_consumerrestoration.dll"
+ "iZotope Vocal Enhancement" "iZotope Vocal Enhancement" "iZotope, Inc." "c:\program files (x86)\common files\techsmith shared\izotope\izotope_vocalenhancement.dll"
+ "LAME Audio Encoder" "LAME Audio Encoder" "" "c:\program files (x86)\techsmith\camtasia studio 7\lame_dshow.ax"
+ "MainConcept MPEG Demultiplexer" "MainConcept MPEG Demultiplexer" "MainConcept AG" "c:\program files (x86)\mixmeister fusion + video\mcmpgdmx.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files\playready\prdmowrapper.dll"
+ "SFVCaptureFilter" "SmartFaceVCapt" "TOSHIBA Corporation" "c:\program files\toshiba\smartfacev\smartfacevcapt.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "FunUnify Async Filter" "TODO: <파일 설명>" "TODO: <회사 이름>" "c:\program files (x86)\samsung\samsung new pc studio\funcodecfilter.ax"
+ "FunUnify Audio Trnas Filter" "TODO: <파일 설명>" "TODO: <회사 이름>" "c:\program files (x86)\samsung\samsung new pc studio\funcodecfilter.ax"
+ "FunUnify Codec Filter" "TODO: <파일 설명>" "TODO: <회사 이름>" "c:\program files (x86)\samsung\samsung new pc studio\funcodecfilter.ax"
+ "FunUnify Encoder Filter" "TODO: <파일 설명>" "TODO: <회사 이름>" "c:\program files (x86)\samsung\samsung new pc studio\funcodecfilter.ax"
+ "FunUnify Video Trans Filter" "TODO: <파일 설명>" "TODO: <회사 이름>" "c:\program files (x86)\samsung\samsung new pc studio\funcodecfilter.ax"
+ "Image Effects" "TimeStam Dynamic Link Library" "TOSHIBA CORPORATION." "c:\program files (x86)\toshiba\toshiba web camera application\pgtimefilter.dll"
+ "KTF MUSIC AoD Sourcer" "KTF MUSIC AoD Sourcer" "PeeringPortal" "c:\program files (x86)\samsung\samsung new pc studio\npsasrc.dll"
+ "KTF MUSIC AoD WMT Splitter" "KTF MUSIC AoD WMT Splitter" "PeeringPortal" "c:\program files (x86)\samsung\samsung new pc studio\npsawms.dll"
+ "KTF MUSIC Audio Decoder" "KTF MUSIC Audio Decoder" "PeeringPortal" "c:\program files (x86)\samsung\samsung new pc studio\npsadec.dll"
+ "KTF MUSIC Audio Effector" "KTF MUSIC Audio Effector" "PeeringPortal" "c:\program files (x86)\samsung\samsung new pc studio\npsaef.dll"
+ "KTF MUSIC MPEG Splitter" "KTF MUSIC MPEG Splitter" "PeeringPortal" "c:\program files (x86)\samsung\samsung new pc studio\npsmpgs.dll"
+ "KTF MUSIC VoD Audio Effector" "KTF MUSIC VoD Audio Effector" "PeeringPortal" "c:\program files (x86)\samsung\samsung new pc studio\npsvae.dll"
+ "KTF MUSIC VoD Sourcer" "KTF MUSIC VoD Sourcer" "PeeringPortal" "c:\program files (x86)\samsung\samsung new pc studio\npsvsrc.dll"
+ "KTF MUSIC VoD Video Effector" "KTF MUSIC VoD Video Effector" "PeeringPortal" "c:\program files (x86)\samsung\samsung new pc studio\npsvve.dll"
+ "KTF MUSIC VoD WMT Splitter" "KTF MUSIC VoD WMT Splitter " "PeeringPortal" "c:\program files (x86)\samsung\samsung new pc studio\npsvwms.dll"
+ "LAME Audio Encoder" "LAME Audio Encoder" "" "c:\program files (x86)\techsmith\camtasia studio 7\lame_dshow.ax"
+ "MainConcept Layer II Audio Decoder" "MainConcept Layer II Audio Decoder" "MainConcept AG" "c:\program files (x86)\mixmeister fusion + video\mcl2ad.ax"
+ "MainConcept MPEG Demultiplexer" "MainConcept MPEG Demultiplexer" "MainConcept AG" "c:\program files (x86)\mixmeister fusion + video\mcmpgdmx.ax"
+ "MainConcept MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "MainConcept AG" "c:\program files (x86)\mixmeister fusion + video\mcm2vd.ax"
+ "MainConcept Stream Parser" "MainConcept MPEG Demultiplexer" "MainConcept AG" "c:\program files (x86)\mixmeister fusion + video\mcmpgdmx.ax"
+ "Moto Image Decoder Filter" "image filter" "mobileleader" "c:\program files (x86)\samsung\samsung new pc studio\npsimgfilter.ax"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prdmowrapper.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "SubPicture Filter" "subpicture filter" "mobileleader" "c:\program files (x86)\samsung\samsung new pc studio\npssubpicture.dll"
+ "TechSmith Camera Adjust" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith File Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Floating Point Wave Filter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Flv Key Frame Setter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Force Color32A" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith ForceColor 24" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith ForceColor 32" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith ForceColor 555" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith ForceColor 565" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith ForceColor 8" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Frame Rate Tuner" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Frame Skip Filter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Image Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Overlay" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Perf Skip Filter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith PushBitmap Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith PushBitmap Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith PushVMR Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "Techsmith Quicktime MOV Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Simple PIP" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith SimplePushBitmap Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Sound Effects Filter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Splitter Filter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "Techsmith Structured Storage Writer" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith SWF Writer" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Time Adjust" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Title Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Wave Buffer" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Wave Dest" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith WMFSDK Writer" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith ZoomPIP Filter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TOSHIBA Progress Monitor" "TOSHIBA Progress Monitor" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba disc creator\tprogmon.ax"
+ "TOSHIBA WAV Converter" "TOSHIBA Wav Converter" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba disc creator\twavconv.ax"
+ "Video Memory Render Filter" "" "" "c:\program files (x86)\image-line\fl studio 10\plugins\fruity\effects\zgameeditor visualizer\videomemoryrenderfilter.ax"
+ "Windows Media Video Decoder" "Windows Media Video Decoder" "Microsoft Corporation" "c:\program files (x86)\samsung\samsung new pc studio\wmvds32.ax"
+ "Windows Media Video Decoder" "Windows Media Video Decoder V8" "Microsoft Corporation" "c:\program files (x86)\samsung\samsung new pc studio\wmv8ds32.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart" "AVG Resident Shield Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgrsa.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "SmartFaceVCP" "SmartFaceVCP" "TOSHIBA Corporation" "c:\program files\toshiba\smartfacev\smartfacevcp.dll"
+ "tosWirelessLANIndicatorCP" "Credential Provider Dll for TOSHIBA Wireless LAN Indicator" "TOSHIBA CORPORATION" "c:\windows\system32\toswirelesslanindicatorcp.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users