Windows Firewall will not start!


16 replies to this topic

#1 Incredulous

Posted 23 October 2012 - 10:33 PM

Greetings honored wizards of computer fixery!

I am a first time poster that is having an issue with Windows Firewall.

Until today I was also having an issue with Microsoft Security Essentials, but I believe to have that problem resolved. Let me preface with that I have already dug deeply to find associated issues and I am now just stumped. Windows Firewall will not start from the control panel and I am not able to start the service. I receive error 0x8007042c when I try to start it from control panel and error 1068 when trying to start the service. I traced the problem down the service dependencies and found that BFE was not running. I found a solution on the forums for resolving the BFE service issue.

Afterwards I discovered that my BITS service is not running and appears to be missing entirely.

So I probably have several problems, but my end goal is to get my firewall running again.

Where do we start?

-incredulous

Edited by Orange Blossom, 23 October 2012 - 11:04 PM.
Moved to AII. ~ OB



#2 narenxp

Posted 23 October 2012 - 10:35 PM

Let's check for malware before fixing the firewall.

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Incredulous

Posted 23 October 2012 - 11:54 PM

Sorry it took me so long to get back to this. My ISP was having issues with DNS, but it appears to have resolved now and I have begun to run the scans. Here is the first scan, looks clean, but I don't know what to look for :). I will post up the next one after it finishes. It might take a while!

00:49:28.0401 6804 Msfs - ok
00:49:28.0408 6804 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
00:49:28.0409 6804 mshidkmdf - ok
00:49:28.0428 6804 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
00:49:28.0428 6804 msisadrv - ok
00:49:28.0448 6804 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
00:49:28.0450 6804 MSiSCSI - ok
00:49:28.0453 6804 msiserver - ok
00:49:28.0468 6804 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
00:49:28.0468 6804 MSKSSRV - ok
00:49:28.0515 6804 [ 59FAAF2C83C8169EA20F9E335E418907 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
00:49:28.0515 6804 MsMpSvc - ok
00:49:28.0537 6804 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
00:49:28.0537 6804 MSPCLOCK - ok
00:49:28.0550 6804 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
00:49:28.0551 6804 MSPQM - ok
00:49:28.0587 6804 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
00:49:28.0589 6804 MsRPC - ok
00:49:28.0601 6804 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
00:49:28.0602 6804 mssmbios - ok
00:49:28.0614 6804 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
00:49:28.0615 6804 MSTEE - ok
00:49:28.0623 6804 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
00:49:28.0623 6804 MTConfig - ok
00:49:28.0631 6804 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
00:49:28.0632 6804 Mup - ok
00:49:28.0661 6804 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
00:49:28.0666 6804 napagent - ok
00:49:28.0685 6804 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
00:49:28.0687 6804 NativeWifiP - ok
00:49:28.0721 6804 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
00:49:28.0728 6804 NDIS - ok
00:49:28.0735 6804 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
00:49:28.0736 6804 NdisCap - ok
00:49:28.0739 6804 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
00:49:28.0739 6804 NdisTapi - ok
00:49:28.0756 6804 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
00:49:28.0757 6804 Ndisuio - ok
00:49:28.0783 6804 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
00:49:28.0785 6804 NdisWan - ok
00:49:28.0808 6804 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
00:49:28.0808 6804 NDProxy - ok
00:49:28.0818 6804 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:49:28.0819 6804 NetBIOS - ok
00:49:28.0843 6804 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
00:49:28.0846 6804 NetBT - ok
00:49:28.0858 6804 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
00:49:28.0859 6804 Netlogon - ok
00:49:28.0883 6804 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
00:49:28.0886 6804 Netman - ok
00:49:28.0918 6804 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:49:28.0919 6804 NetMsmqActivator - ok
00:49:28.0923 6804 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:49:28.0924 6804 NetPipeActivator - ok
00:49:28.0941 6804 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
00:49:28.0946 6804 netprofm - ok
00:49:28.0950 6804 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:49:28.0951 6804 NetTcpActivator - ok
00:49:28.0954 6804 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:49:28.0955 6804 NetTcpPortSharing - ok
00:49:28.0976 6804 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
00:49:28.0976 6804 nfrd960 - ok
00:49:29.0003 6804 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
00:49:29.0004 6804 NisDrv - ok
00:49:29.0029 6804 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
00:49:29.0032 6804 NisSrv - ok
00:49:29.0063 6804 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
00:49:29.0067 6804 NlaSvc - ok
00:49:29.0077 6804 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
00:49:29.0078 6804 Npfs - ok
00:49:29.0089 6804 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
00:49:29.0090 6804 nsi - ok
00:49:29.0094 6804 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
00:49:29.0094 6804 nsiproxy - ok
00:49:29.0144 6804 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:49:29.0230 6804 Ntfs - ok
00:49:29.0251 6804 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
00:49:29.0251 6804 Null - ok
00:49:29.0296 6804 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
00:49:29.0296 6804 nvraid - ok
00:49:29.0338 6804 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
00:49:29.0339 6804 nvstor - ok
00:49:29.0347 6804 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
00:49:29.0348 6804 nv_agp - ok
00:49:29.0359 6804 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
00:49:29.0360 6804 ohci1394 - ok
00:49:29.0414 6804 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:49:29.0415 6804 ose - ok
00:49:29.0435 6804 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
00:49:29.0438 6804 p2pimsvc - ok
00:49:29.0455 6804 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
00:49:29.0460 6804 p2psvc - ok
00:49:29.0484 6804 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
00:49:29.0485 6804 Parport - ok
00:49:29.0510 6804 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:49:29.0511 6804 partmgr - ok
00:49:29.0520 6804 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
00:49:29.0523 6804 PcaSvc - ok
00:49:29.0534 6804 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
00:49:29.0536 6804 pci - ok
00:49:29.0556 6804 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
00:49:29.0557 6804 pciide - ok
00:49:29.0568 6804 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
00:49:29.0570 6804 pcmcia - ok
00:49:29.0582 6804 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
00:49:29.0582 6804 pcw - ok
00:49:29.0604 6804 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:49:29.0609 6804 PEAUTH - ok
00:49:29.0649 6804 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
00:49:29.0660 6804 PeerDistSvc - ok
00:49:29.0712 6804 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
00:49:29.0714 6804 PerfHost - ok
00:49:29.0761 6804 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
00:49:29.0780 6804 pla - ok
00:49:29.0827 6804 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:49:29.0831 6804 PlugPlay - ok
00:49:29.0841 6804 PnkBstrA - ok
00:49:29.0852 6804 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
00:49:29.0853 6804 PNRPAutoReg - ok
00:49:29.0859 6804 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
00:49:29.0861 6804 PNRPsvc - ok
00:49:29.0883 6804 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:49:29.0888 6804 PolicyAgent - ok
00:49:29.0908 6804 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
00:49:29.0910 6804 Power - ok
00:49:29.0944 6804 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:49:29.0945 6804 PptpMiniport - ok
00:49:29.0960 6804 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
00:49:29.0960 6804 Processor - ok
00:49:29.0983 6804 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
00:49:29.0986 6804 ProfSvc - ok
00:49:29.0999 6804 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:49:30.0000 6804 ProtectedStorage - ok
00:49:30.0029 6804 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
00:49:30.0030 6804 Psched - ok
00:49:30.0060 6804 [ 901DBA98359966A62A6548596988E931 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
00:49:30.0061 6804 PxHlpa64 - ok
00:49:30.0094 6804 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
00:49:30.0106 6804 ql2300 - ok
00:49:30.0119 6804 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
00:49:30.0120 6804 ql40xx - ok
00:49:30.0137 6804 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
00:49:30.0140 6804 QWAVE - ok
00:49:30.0150 6804 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:49:30.0152 6804 QWAVEdrv - ok
00:49:30.0155 6804 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:49:30.0156 6804 RasAcd - ok
00:49:30.0166 6804 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
00:49:30.0167 6804 RasAgileVpn - ok
00:49:30.0176 6804 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
00:49:30.0178 6804 RasAuto - ok
00:49:30.0203 6804 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:49:30.0205 6804 Rasl2tp - ok
00:49:30.0240 6804 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
00:49:30.0243 6804 RasMan - ok
00:49:30.0253 6804 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:49:30.0254 6804 RasPppoe - ok
00:49:30.0271 6804 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:49:30.0272 6804 RasSstp - ok
00:49:30.0298 6804 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:49:30.0300 6804 rdbss - ok
00:49:30.0313 6804 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
00:49:30.0313 6804 rdpbus - ok
00:49:30.0327 6804 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
00:49:30.0327 6804 RDPCDD - ok
00:49:30.0355 6804 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
00:49:30.0356 6804 RDPDR - ok
00:49:30.0372 6804 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
00:49:30.0373 6804 RDPENCDD - ok
00:49:30.0378 6804 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
00:49:30.0379 6804 RDPREFMP - ok
00:49:30.0407 6804 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
00:49:30.0409 6804 RDPWD - ok
00:49:30.0432 6804 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
00:49:30.0433 6804 rdyboost - ok
00:49:30.0455 6804 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
00:49:30.0457 6804 RemoteAccess - ok
00:49:30.0468 6804 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:49:30.0471 6804 RemoteRegistry - ok
00:49:30.0480 6804 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
00:49:30.0482 6804 RpcEptMapper - ok
00:49:30.0505 6804 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
00:49:30.0506 6804 RpcLocator - ok
00:49:30.0543 6804 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
00:49:30.0547 6804 RpcSs - ok
00:49:30.0556 6804 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:49:30.0557 6804 rspndr - ok
00:49:30.0585 6804 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
00:49:30.0587 6804 RTL8167 - ok
00:49:30.0623 6804 [ 602FCF9D91BD47721B248B81F816C267 ] rzendpt C:\Windows\system32\DRIVERS\rzendpt.sys
00:49:30.0624 6804 rzendpt - ok
00:49:30.0649 6804 [ 672CA863751E96F0A800215C11FD496F ] rzudd C:\Windows\system32\DRIVERS\rzudd.sys
00:49:30.0650 6804 rzudd - ok
00:49:30.0673 6804 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
00:49:30.0674 6804 s3cap - ok
00:49:30.0678 6804 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
00:49:30.0679 6804 SamSs - ok
00:49:30.0703 6804 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
00:49:30.0704 6804 sbp2port - ok
00:49:30.0709 6804 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:49:30.0712 6804 SCardSvr - ok
00:49:30.0733 6804 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
00:49:30.0734 6804 scfilter - ok
00:49:30.0777 6804 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
00:49:30.0787 6804 Schedule - ok
00:49:30.0811 6804 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
00:49:30.0812 6804 SCPolicySvc - ok
00:49:30.0835 6804 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
00:49:30.0837 6804 SDRSVC - ok
00:49:30.0853 6804 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:49:30.0854 6804 secdrv - ok
00:49:30.0882 6804 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
00:49:30.0884 6804 seclogon - ok
00:49:30.0903 6804 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
00:49:30.0905 6804 SENS - ok
00:49:30.0914 6804 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
00:49:30.0916 6804 SensrSvc - ok
00:49:30.0935 6804 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
00:49:30.0936 6804 Serenum - ok
00:49:30.0960 6804 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
00:49:30.0961 6804 Serial - ok
00:49:30.0976 6804 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
00:49:30.0977 6804 sermouse - ok
00:49:31.0005 6804 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
00:49:31.0007 6804 SessionEnv - ok
00:49:31.0029 6804 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
00:49:31.0030 6804 sffdisk - ok
00:49:31.0044 6804 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
00:49:31.0044 6804 sffp_mmc - ok
00:49:31.0055 6804 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
00:49:31.0055 6804 sffp_sd - ok
00:49:31.0069 6804 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
00:49:31.0070 6804 sfloppy - ok
00:49:31.0088 6804 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:49:31.0092 6804 ShellHWDetection - ok
00:49:31.0114 6804 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:49:31.0115 6804 SiSRaid2 - ok
00:49:31.0119 6804 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
00:49:31.0119 6804 SiSRaid4 - ok
00:49:31.0251 6804 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
00:49:31.0293 6804 Skype C2C Service - ok
00:49:31.0327 6804 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
00:49:31.0328 6804 SkypeUpdate - ok
00:49:31.0538 6804 [ C337738BA4BD745E0983EC6EF262798D ] SmartViewService C:\Program Files (x86)\DeviceVM\SmartView\SmartViewService.exe
00:49:31.0548 6804 SmartViewService - ok
00:49:31.0561 6804 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
00:49:31.0562 6804 Smb - ok
00:49:31.0584 6804 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:49:31.0586 6804 SNMPTRAP - ok
00:49:31.0606 6804 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
00:49:31.0606 6804 spldr - ok
00:49:31.0640 6804 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
00:49:31.0645 6804 Spooler - ok
00:49:31.0700 6804 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
00:49:31.0751 6804 sppsvc - ok
00:49:31.0766 6804 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
00:49:31.0767 6804 sppuinotify - ok
00:49:31.0802 6804 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
00:49:31.0807 6804 srv - ok
00:49:31.0830 6804 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
00:49:31.0834 6804 srv2 - ok
00:49:31.0864 6804 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
00:49:31.0866 6804 srvnet - ok
00:49:31.0882 6804 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
00:49:31.0885 6804 SSDPSRV - ok
00:49:31.0899 6804 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
00:49:31.0902 6804 SstpSvc - ok
00:49:31.0915 6804 Steam Client Service - ok
00:49:31.0926 6804 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
00:49:31.0926 6804 stexstor - ok
00:49:31.0950 6804 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
00:49:31.0951 6804 StillCam - ok
00:49:31.0982 6804 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
00:49:31.0988 6804 stisvc - ok
00:49:32.0000 6804 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
00:49:32.0001 6804 storflt - ok
00:49:32.0019 6804 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
00:49:32.0021 6804 StorSvc - ok
00:49:32.0045 6804 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
00:49:32.0045 6804 storvsc - ok
00:49:32.0053 6804 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
00:49:32.0054 6804 swenum - ok
00:49:32.0073 6804 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
00:49:32.0078 6804 swprv - ok
00:49:32.0128 6804 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
00:49:32.0149 6804 SysMain - ok
00:49:32.0170 6804 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:49:32.0172 6804 TabletInputService - ok
00:49:32.0198 6804 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
00:49:32.0202 6804 TapiSrv - ok
00:49:32.0211 6804 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
00:49:32.0213 6804 TBS - ok
00:49:32.0260 6804 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
00:49:32.0281 6804 Tcpip - ok
00:49:32.0301 6804 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
00:49:32.0310 6804 TCPIP6 - ok
00:49:32.0340 6804 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
00:49:32.0341 6804 tcpipreg - ok
00:49:32.0355 6804 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
00:49:32.0356 6804 TDPIPE - ok
00:49:32.0369 6804 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
00:49:32.0370 6804 TDTCP - ok
00:49:32.0391 6804 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
00:49:32.0392 6804 tdx - ok
00:49:32.0421 6804 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
00:49:32.0422 6804 TermDD - ok
00:49:32.0446 6804 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
00:49:32.0452 6804 TermService - ok
00:49:32.0468 6804 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
00:49:32.0470 6804 Themes - ok
00:49:32.0485 6804 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
00:49:32.0486 6804 THREADORDER - ok
00:49:32.0493 6804 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
00:49:32.0495 6804 TrkWks - ok
00:49:32.0526 6804 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:49:32.0527 6804 TrustedInstaller - ok
00:49:32.0555 6804 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
00:49:32.0556 6804 tssecsrv - ok
00:49:32.0586 6804 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
00:49:32.0587 6804 TsUsbFlt - ok
00:49:32.0626 6804 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
00:49:32.0627 6804 tunnel - ok
00:49:32.0636 6804 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
00:49:32.0637 6804 uagp35 - ok
00:49:32.0668 6804 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
00:49:32.0672 6804 udfs - ok
00:49:32.0688 6804 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
00:49:32.0690 6804 UI0Detect - ok
00:49:32.0707 6804 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
00:49:32.0708 6804 uliagpkx - ok
00:49:32.0725 6804 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
00:49:32.0726 6804 umbus - ok
00:49:32.0735 6804 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
00:49:32.0735 6804 UmPass - ok
00:49:32.0753 6804 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
00:49:32.0755 6804 UmRdpService - ok
00:49:32.0778 6804 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
00:49:32.0782 6804 upnphost - ok
00:49:32.0803 6804 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
00:49:32.0804 6804 usbccgp - ok
00:49:32.0845 6804 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
00:49:32.0847 6804 usbcir - ok
00:49:32.0864 6804 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
00:49:32.0865 6804 usbehci - ok
00:49:32.0896 6804 [ 858BE9C0E498C8E505E198E17EECE0D9 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
00:49:32.0896 6804 usbfilter - ok
00:49:32.0925 6804 [ 68BAD03835873D4BBBDE95CBB135A395 ] UsbFltr C:\Windows\system32\Drivers\UsbFltr.sys
00:49:32.0926 6804 UsbFltr - ok
00:49:32.0959 6804 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
00:49:32.0962 6804 usbhub - ok
00:49:32.0977 6804 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
00:49:32.0978 6804 usbohci - ok
00:49:32.0993 6804 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
00:49:32.0994 6804 usbprint - ok
00:49:33.0009 6804 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:49:33.0010 6804 USBSTOR - ok
00:49:33.0025 6804 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
00:49:33.0026 6804 usbuhci - ok
00:49:33.0042 6804 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
00:49:33.0044 6804 UxSms - ok
00:49:33.0049 6804 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
00:49:33.0050 6804 VaultSvc - ok
00:49:33.0055 6804 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
00:49:33.0056 6804 vdrvroot - ok
00:49:33.0087 6804 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
00:49:33.0093 6804 vds - ok
00:49:33.0097 6804 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
00:49:33.0098 6804 vga - ok
00:49:33.0108 6804 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
00:49:33.0109 6804 VgaSave - ok
00:49:33.0122 6804 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
00:49:33.0123 6804 vhdmp - ok
00:49:33.0137 6804 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
00:49:33.0137 6804 viaide - ok
00:49:33.0168 6804 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
00:49:33.0170 6804 vmbus - ok
00:49:33.0195 6804 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
00:49:33.0196 6804 VMBusHID - ok
00:49:33.0200 6804 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
00:49:33.0201 6804 volmgr - ok
00:49:33.0222 6804 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
00:49:33.0224 6804 volmgrx - ok
00:49:33.0237 6804 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
00:49:33.0238 6804 volsnap - ok
00:49:33.0271 6804 [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys
00:49:33.0273 6804 vpcbus - ok
00:49:33.0296 6804 [ E675FB2B48C54F09895482E2253B289C ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
00:49:33.0297 6804 vpcnfltr - ok
00:49:33.0314 6804 [ 5FB42082B0D19A0268705F1DD343DF20 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
00:49:33.0315 6804 vpcusb - ok
00:49:33.0351 6804 [ 207B6539799CC1C112661A9B620DD233 ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
00:49:33.0354 6804 vpcvmm - ok
00:49:33.0370 6804 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
00:49:33.0371 6804 vsmraid - ok
00:49:33.0403 6804 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
00:49:33.0424 6804 VSS - ok
00:49:33.0433 6804 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
00:49:33.0433 6804 vwifibus - ok
00:49:33.0455 6804 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
00:49:33.0459 6804 W32Time - ok
00:49:33.0464 6804 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
00:49:33.0465 6804 WacomPen - ok
00:49:33.0489 6804 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
00:49:33.0490 6804 WANARP - ok
00:49:33.0497 6804 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
00:49:33.0498 6804 Wanarpv6 - ok
00:49:33.0542 6804 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
00:49:33.0553 6804 WatAdminSvc - ok
00:49:33.0580 6804 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
00:49:33.0599 6804 wbengine - ok
00:49:33.0616 6804 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
00:49:33.0618 6804 WbioSrvc - ok
00:49:33.0648 6804 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
00:49:33.0652 6804 wcncsvc - ok
00:49:33.0667 6804 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:49:33.0669 6804 WcsPlugInService - ok
00:49:35.0038 6804 ============================================================
00:49:35.0038 6804 Scan finished
00:49:35.0038 6804 ============================================================
00:49:35.0045 15556 Detected object count: 0
00:49:35.0045 15556 Actual detected object count: 0

#4 Incredulous

Incredulous
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  • Local time:03:22 PM

Posted 24 October 2012 - 02:26 AM

Here is the second log, this one took a while.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-24 01:08:57
-----------------------------
01:08:57.296 OS Version: Windows x64 6.1.7601 Service Pack 1
01:08:57.296 Number of processors: 6 586 0xA00
01:08:57.297 ComputerName: INCREDULOUS-PC UserName: Incredulous
01:08:58.993 Initialize success
01:09:07.122 AVAST engine defs: 12102302
01:09:11.324 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
01:09:11.326 Disk 0 Vendor: WDC_WD1001FAES-55W7A0 05.01D05 Size: 953869MB BusType: 3
01:09:11.328 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T1L0-4
01:09:11.330 Disk 1 Vendor: WDC_WD1002FAEX-00Z3A0 05.01D05 Size: 953869MB BusType: 3
01:09:11.332 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP4T0L0-5
01:09:11.334 Disk 2 Vendor: INTEL_SSDSA2CW120G3 4PC10362 Size: 114473MB BusType: 3
01:09:11.360 Disk 1 MBR read successfully
01:09:11.363 Disk 1 MBR scan
01:09:11.412 Disk 1 Windows 7 default MBR code
01:09:11.425 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 953867 MB offset 2048
01:09:11.480 Disk 1 scanning C:\Windows\system32\drivers
01:09:23.419 Service scanning
01:09:45.924 Modules scanning
01:09:46.258 Disk 1 trace - called modules:
01:09:46.276 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
01:09:46.282 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8008137060]
01:09:46.286 3 CLASSPNP.SYS[fffff8800196843f] -> nt!IofCallDriver -> [0xfffffa8007e379b0]
01:09:46.290 5 ACPI.sys[fffff88000f0f7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T1L0-4[0xfffffa8007e6a060]
01:09:48.168 AVAST engine scan C:\Windows
01:09:51.409 AVAST engine scan C:\Windows\system32
01:12:54.766 AVAST engine scan C:\Windows\system32\drivers
01:13:13.807 AVAST engine scan C:\Users\Incredulous
01:45:48.335 AVAST engine scan C:\ProgramData
01:51:40.973 Scan finished successfully
02:30:09.518 Disk 1 MBR has been saved successfully to "C:\Users\Incredulous\Downloads\MBR.dat"
02:30:09.568 The log file has been saved successfully to "C:\Users\Incredulous\Downloads\aswMBR.txt"

#5 Incredulous

Incredulous
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  • Local time:03:22 PM

Posted 24 October 2012 - 11:28 AM

I let this last scan run over the night because it was taking forever. Here is the log.

C:\Users\Incredulous\AppData\Local\Temp\is349140818\IWantThis_IC_V3_US.exe Win32/Toolbar.CrossRider application cleaned by deleting - quarantined
C:\Users\Incredulous\AppData\Local\Temp\is349140818\MyBabylonTB.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Users\Incredulous\Downloads\hamachi setup.exe a variant of Win32/Soft32Downloader.B application cleaned by deleting - quarantined
C:\Users\Incredulous\Downloads\installer_adobe_dreamweaver_cs3.exe multiple threats cleaned by deleting - quarantined
C:\Users\Incredulous\Downloads\installer_easy_slider_script_English (1).exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Users\Incredulous\Downloads\installer_easy_slider_script_English.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Users\Incredulous\Downloads\WECPSetup.exe a variant of Win32/InstallCore.H application deleted - quarantined
J:\BACKUP13112\Downloads\SoftonicDownloader_for_league-of-legends.exe a variant of Win32/SoftonicDownloader.A application cleaned by deleting - quarantined
J:\BACKUP13112\Downloads\Adobe_Dreamweaver_CS5\Adobe Dreamweaver CS5.exe Win32/TrojanDownloader.Agent.QKC trojan cleaned by deleting - quarantined

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:03:22 PM

Posted 24 October 2012 - 03:17 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan. Post it here.

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select Run as administrator.

After the scan is completed, post the generated log here.

#7 Incredulous

Incredulous
  • Topic Starter

  • Members
  • 10 posts
  •  
  • Local time:03:22 PM

Posted 24 October 2012 - 07:22 PM

First 2 logs

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.24.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Incredulous :: INCREDULOUS-PC [administrator]

10/24/2012 4:37:57 PM
mbam-log-2012-10-24 (20-11-16).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|J:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 969884
Time elapsed: 1 hour(s), 38 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 7
J:\BACKUP13112\DESKTOP\d2loader_v1.10\Diablo II.exe (Trojan.Meredrop) -> No action taken.
J:\BACKUP13112\Documents\keygen\CORE10k.EXE (Dont.Steal.Our.Software) -> No action taken.
J:\BACKUP13112\Documents\keygen\keygen.exe (Trojan.Agent.CK) -> No action taken.
J:\BACKUP13112\Downloads\Google.Sketchup.Pro.v8.0.3117.Incl.Keygen-MESMERiZE\keygen.exe (RiskWare.Tool.CK) -> No action taken.
J:\BACKUP13112\Downloads\NewLoader\NewLoader.exe (Trojan.Meredrop) -> No action taken.
J:\BACKUP13112\Rich's Documents\Diablo II - Copy\NewLoader.exe (Trojan.Meredrop) -> No action taken.
J:\Programs\3dsmax2012\Crack\xf-a2012-64bits\xf-adesk2012x64.exe (Trojan.Agent.ck) -> No action taken.

(end)

-------------------------------------------------------------------------------------------------------------------------------

MiniToolBox by Farbar Version: 23-07-2012
Ran by Incredulous (administrator) on 24-10-2012 at 20:13:52
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 hl2rcv.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90

There are 1 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection 4 (Connected)
Hamachi Network Interface = Hamachi (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=5.0.0.1 publish=Yes
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Incredulous-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection 4:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet #2
Physical Address. . . . . . . . . : BC-5F-F4-1A-73-CE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7d77:ce0d:403f:d543%16(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.10(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, October 14, 2012 3:09:02 PM
Lease Expires . . . . . . . . . . : Thursday, October 25, 2012 3:09:02 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 381444084
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-BA-65-B5-6C-F0-49-ED-80-7C
DNS Servers . . . . . . . . . . . : 192.168.1.1
184.16.4.22
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : BC-5F-F4-1A-73-CC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Hamachi:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Hamachi Network Interface
Physical Address. . . . . . . . . : 7A-79-05-E8-F8-39
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2620:9b::5e8:f839(Preferred)
Link-local IPv6 Address . . . . . : fe80::5c8a:a218:7ae1:5079%18(Preferred)
IPv4 Address. . . . . . . . . . . : 5.232.248.57(Preferred)
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Lease Obtained. . . . . . . . . . : Sunday, October 14, 2012 3:09:02 PM
Lease Expires . . . . . . . . . . : Monday, October 14, 2013 3:10:55 PM
Default Gateway . . . . . . . . . : 5.0.0.1
DHCP Server . . . . . . . . . . . : 5.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 544897495
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-BA-65-B5-6C-F0-49-ED-80-7C
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{34A0085F-18B9-4C45-BF51-6D9366BABCA8}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{EC610C9B-64FE-4AB1-B84A-D0CA38C7349A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4004:801::1007
74.125.228.33
74.125.228.34
74.125.228.35
74.125.228.36
74.125.228.37
74.125.228.38
74.125.228.39
74.125.228.40
74.125.228.41
74.125.228.46
74.125.228.32


Pinging google.com [74.125.228.34] with 32 bytes of data:
Reply from 74.125.228.34: bytes=32 time=26ms TTL=56
Reply from 74.125.228.34: bytes=32 time=26ms TTL=56

Ping statistics for 74.125.228.34:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 26ms, Maximum = 26ms, Average = 26ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=28ms TTL=52
Reply from 98.138.253.109: bytes=32 time=27ms TTL=52

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 27ms, Maximum = 28ms, Average = 27ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...bc 5f f4 1a 73 ce ......Broadcom NetLink ™ Gigabit Ethernet #2
15...bc 5f f4 1a 73 cc ......Broadcom NetLink ™ Gigabit Ethernet
18...7a 79 05 e8 f8 39 ......Hamachi Network Interface
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 5.0.0.1 5.232.248.57 9256
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.10 20
5.0.0.0 255.0.0.0 On-link 5.232.248.57 9256
5.232.248.57 255.255.255.255 On-link 5.232.248.57 9256
5.255.255.255 255.255.255.255 On-link 5.232.248.57 9256
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 192.168.1.10 30
169.254.255.255 255.255.255.255 On-link 192.168.1.10 276
192.168.1.0 255.255.255.0 On-link 192.168.1.10 276
192.168.1.10 255.255.255.255 On-link 192.168.1.10 276
192.168.1.255 255.255.255.255 On-link 192.168.1.10 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.10 276
224.0.0.0 240.0.0.0 On-link 5.232.248.57 9256
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.10 276
255.255.255.255 255.255.255.255 On-link 5.232.248.57 9256
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 5.0.0.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
18 276 2620:9b::/96 On-link
18 276 2620:9b::5e8:f839/128 On-link
16 276 fe80::/64 On-link
18 276 fe80::/64 On-link
18 276 fe80::5c8a:a218:7ae1:5079/128
On-link
16 276 fe80::7d77:ce0d:403f:d543/128
On-link
1 306 ff00::/8 On-link
16 276 ff00::/8 On-link
18 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
If Metric Network Destination Gateway
0 4294967295 2620:9b::/96 On-link
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/24/2012 11:10:30 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = c:\Program Files\Microsoft Security Client\MsMpEng.exe Files\Microsoft Security Client\MsMpEng.exe"; Description = Microsoft Antimalware Checkpoint; Error = 0x80042302).

Error: (10/24/2012 11:10:30 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80080005, Server execution failed
.

Error: (10/24/2012 11:10:30 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f} and name Coordinator cannot be started.
Most likely the CPU is under heavy load. [0x80080005, Server execution failed
]

Error: (10/24/2012 11:03:43 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = c:\Program Files\Microsoft Security Client\MsMpEng.exe Files\Microsoft Security Client\MsMpEng.exe"; Description = Microsoft Antimalware Checkpoint; Error = 0x80042302).

Error: (10/24/2012 11:03:43 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80080005, Server execution failed
.

Error: (10/24/2012 11:03:43 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f} and name Coordinator cannot be started.
Most likely the CPU is under heavy load. [0x80080005, Server execution failed
]

Error: (10/24/2012 08:53:27 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80080005, Server execution failed
.


Operation:
Instantiating VSS server

Error: (10/24/2012 08:53:27 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started.
Most likely the CPU is under heavy load. [0x80080005, Server execution failed
]


Operation:
Instantiating VSS server

Error: (10/24/2012 08:46:46 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80080005, Server execution failed
.


Operation:
Instantiating VSS server

Error: (10/24/2012 08:46:46 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started.
Most likely the CPU is under heavy load. [0x80080005, Server execution failed
]


Operation:
Instantiating VSS server


System errors:
=============
Error: (10/24/2012 05:32:42 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk7\DR16.

Error: (10/24/2012 05:32:40 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk7\DR16.

Error: (10/24/2012 08:33:47 AM) (Source: DCOM) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (10/24/2012 01:30:49 AM) (Source: DCOM) (User: )
Description: {0B5A2C52-3EB9-470A-96E2-6C6D4570E40F}

Error: (10/23/2012 11:24:53 PM) (Source: Service Control Manager) (User: )
Description: The BFE service terminated with the following error:
%%5

Error: (10/23/2012 11:24:53 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service depends on the BFE service which failed to start because of the following error:
%%5

Error: (10/23/2012 11:20:46 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service depends on the BFE service which failed to start because of the following error:
%%5

Error: (10/23/2012 11:20:46 PM) (Source: Service Control Manager) (User: )
Description: The BFE service terminated with the following error:
%%5

Error: (10/23/2012 11:08:10 PM) (Source: Service Control Manager) (User: )
Description: The BFE service terminated with the following error:
%%5

Error: (10/23/2012 11:08:10 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service depends on the BFE service which failed to start because of the following error:
%%5


Microsoft Office Sessions:
=========================
Error: (10/24/2012 11:10:30 AM) (Source: System Restore)(User: )
Description: c:\Program Files\Microsoft Security Client\MsMpEng.exe Files\Microsoft Security Client\MsMpEng.exe"Microsoft Antimalware Checkpoint0x80042302

Error: (10/24/2012 11:10:30 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x80080005, Server execution failed

Error: (10/24/2012 11:10:30 AM) (Source: VSS)(User: )
Description: {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f}Coordinator0x80080005, Server execution failed

Error: (10/24/2012 11:03:43 AM) (Source: System Restore)(User: )
Description: c:\Program Files\Microsoft Security Client\MsMpEng.exe Files\Microsoft Security Client\MsMpEng.exe"Microsoft Antimalware Checkpoint0x80042302

Error: (10/24/2012 11:03:43 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x80080005, Server execution failed

Error: (10/24/2012 11:03:43 AM) (Source: VSS)(User: )
Description: {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f}Coordinator0x80080005, Server execution failed

Error: (10/24/2012 08:53:27 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x80080005, Server execution failed


Operation:
Instantiating VSS server

Error: (10/24/2012 08:53:27 AM) (Source: VSS)(User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80080005, Server execution failed


Operation:
Instantiating VSS server

Error: (10/24/2012 08:46:46 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x80080005, Server execution failed


Operation:
Instantiating VSS server

Error: (10/24/2012 08:46:46 AM) (Source: VSS)(User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80080005, Server execution failed


Operation:
Instantiating VSS server


=========================== Installed Programs ============================

µTorrent (Version: 3.2.0)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe Acrobat 9 Pro - English, Français, Deutsch (Version: 9.0.0)
Adobe After Effects CS4 (Version: 9)
Adobe After Effects CS4 Presets (Version: 9)
Adobe After Effects CS4 Third Party Content (Version: 9)
Adobe AIR (Version: 1.1.0.5790)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Anchor Service x64 CS4 (Version: 2.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge CS4 (Version: 3)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps CS4 (Version: 2.0)
Adobe CMaps x64 CS4 (Version: 2.0)
Adobe Color - Photoshop Specific CS4 (Version: 2.0)
Adobe Color EU Recommended Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Extra Settings CS4 (Version: 2.0)
Adobe Color Video Profiles AE CS4 (Version: 2.0)
Adobe Color Video Profiles CS CS4 (Version: 2.0)
Adobe Contribute CS4 (Version: 5.0)
Adobe Creative Suite 4 Master Collection (Version: 4.0)
Adobe CS4 American English Speech Analysis Models (Version: 1)
Adobe CSI CS4 (Version: 1)
Adobe CSI CS4 x64 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Device Central CS4 (Version: 2)
Adobe Dreamweaver CS3 (Version: 9)
Adobe Dreamweaver CS3 (Version: 9.0)
Adobe Dreamweaver CS4 (Version: 10.0)
Adobe Drive CS4 (Version: 1)
Adobe Drive CS4 x64 (Version: 1)
Adobe Dynamiclink Support (Version: 1)
Adobe Encore CS4 (Version: 4)
Adobe Encore CS4 Codecs (Version: 4)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS3 (Version: 1.8)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Fireworks CS4 (Version: 10.0)
Adobe Flash CS4 (Version: 10.0)
Adobe Flash CS4 Extension - Flash Lite STI en (Version: 3.0)
Adobe Flash CS4 STI-en (Version: 10.0)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Fonts All (Version: 2.0)
Adobe Fonts All x64 (Version: 2.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Illustrator CS4 (Version: 14.0)
Adobe InDesign CS4 (Version: 6.0)
Adobe InDesign CS4 Application Feature Set Files (Roman) (Version: 6.0)
Adobe InDesign CS4 Common Base Files (Version: 6.0)
Adobe InDesign CS4 Icon Handler (Version: 6.0)
Adobe InDesign CS4 Icon Handler x64 (Version: 6.0)
Adobe Linguistics CS4 (Version: 4.0.0)
Adobe Linguistics CS4 x64 (Version: 4.0.0)
Adobe Media Encoder CS4 (Version: 1.0)
Adobe Media Encoder CS4 Additional Exporter (Version: 1.0)
Adobe Media Encoder CS4 Dolby (Version: 1.0)
Adobe Media Encoder CS4 Exporter (Version: 1.0)
Adobe Media Encoder CS4 Importer (Version: 1.0)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe MotionPicture Color Files CS4 (Version: 2.0)
Adobe OnLocation CS4 (Version: 4)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe PDF Library Files x64 CS4 (Version: 9.0)
Adobe Photoshop CS4 (64 Bit) (Version: 11.0)
Adobe Photoshop CS4 (Version: 11.0)
Adobe Photoshop CS4 Support (Version: 11.0)
Adobe Premiere Pro CS4 (Version: 4)
Adobe Premiere Pro CS4 Functional Content (Version: 4)
Adobe Premiere Pro CS4 Third Party Content (Version: 4)
Adobe Reader 9 (Version: 9.0.0)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe SGM CS4 (Version: 3.0)
Adobe SING CS4 (Version: 2.0)
Adobe Soundbooth CS4 (Version: 2)
Adobe Soundbooth CS4 Codecs (Version: 2)
Adobe Type Support CS4 (Version: 9.0)
Adobe Type Support x64 CS4 (Version: 9.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WinSoft Linguistics Plugin (Version: 1.1)
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetCMYK (Version: 2.0)
AdobeColorCommonSetRGB (Version: 2.0)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.938.1)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0522.2128.36590)
AMD Media Foundation Decoders (Version: 1.0.70522.2212)
AMD USB Filter Driver (Version: 1.0.14.91)
AMD VISION Engine Control Center (Version: 2012.0522.2128.36590)
Amnesia: The Dark Descent
Android SDK Tools (Version: 1.16)
Anno 2070
Application Profiles (Version: 2.0.4532.34673)
ARMA 2
ARMA 2: Operation Arrowhead
ASRock App Charger v1.0.4
Audacity 2.0.2 (Version: 2.0.2)
Autodesk 3ds Max 2012 64-bit - English (Version: 14.0)
Autodesk Backburner 2012.0.0 (Version: 2012.0.0)
Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit
Autodesk Material Library 2012 (Version: 2.5.0.8)
Autodesk Material Library Base Resolution Image Library 2012 (Version: 2.5.0.8)
Autodesk Material Library Medium Resolution Image Library 2012 (Version: 2.5.0.8)
Baldur's Gate & Tales of the Sword Coast
Baldur's Gate™ II - Throne of Bhaal ™
Bastion
BattlEye for OA Uninstall
BattlEye Uninstall
BIT.TRIP RUNNER
Blacklight: Retribution
Blockscape Phase 1 (beta)
Bloodline Champions
Braid
Broadcom NetLink Controller (Version: 14.8.5.1)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0522.2128.36590)
Catalyst Control Center InstallProxy (Version: 2012.0522.2128.36590)
Catalyst Control Center Localization All (Version: 2012.0522.2128.36590)
ccc-utility64 (Version: 2012.0522.2128.36590)
CCC Help Chinese Standard (Version: 2012.0522.2127.36590)
CCC Help Chinese Traditional (Version: 2012.0522.2127.36590)
CCC Help Czech (Version: 2012.0522.2127.36590)
CCC Help Danish (Version: 2012.0522.2127.36590)
CCC Help Dutch (Version: 2012.0522.2127.36590)
CCC Help English (Version: 2012.0522.2127.36590)
CCC Help Finnish (Version: 2012.0522.2127.36590)
CCC Help French (Version: 2012.0522.2127.36590)
CCC Help German (Version: 2012.0522.2127.36590)
CCC Help Greek (Version: 2012.0522.2127.36590)
CCC Help Hungarian (Version: 2012.0522.2127.36590)
CCC Help Italian (Version: 2012.0522.2127.36590)
CCC Help Japanese (Version: 2012.0522.2127.36590)
CCC Help Korean (Version: 2012.0522.2127.36590)
CCC Help Norwegian (Version: 2012.0522.2127.36590)
CCC Help Polish (Version: 2012.0522.2127.36590)
CCC Help Portuguese (Version: 2012.0522.2127.36590)
CCC Help Russian (Version: 2012.0522.2127.36590)
CCC Help Spanish (Version: 2012.0522.2127.36590)
CCC Help Swedish (Version: 2012.0522.2127.36590)
CCC Help Thai (Version: 2012.0522.2127.36590)
CCC Help Turkish (Version: 2012.0522.2127.36590)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Composite 2012 64-bit (Version: 7.0.0)
Connect (Version: 1.0.0.1)
CyberLink MediaEspresso (Version: 6.5.1611_37043)
DAEMON Tools Lite (Version: 4.45.4.0315)
Deus Ex: Human Revolution
Diablo III (Version: 1.0.5.12480)
DIRECTV Player (Version: 4.00)
DivX Setup (Version: 2.6.1.8)
Dota 2
Dropbox (Version: 1.4.17)
Dustforce
ESET Online Scanner v3
Etron USB3.0 Host Controller (Version: 0.96)
F-Stream Tuning v0.1.73.8
FileZilla Client 3.5.3 (Version: 3.5.3)
GameMaker: Studio
Google Chrome (Version: 22.0.1229.94)
Gratuitous Space Battles
Guild Wars
Guild Wars 2
HP Photosmart 5510 series Basic Device Software (Version: 25.0.621.0)
InstantBoot
Jamestown
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 7 Update 5 (64-bit) (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Just Cause 2
kuler (Version: 2.0)
LAME v3.99.3 (for Windows)
League of Legends (Version: 1.3)
LIMBO
LogMeIn Hamachi (Version: 2.1.0.215)
LOLReplay (Version: 0.7.9.44)
Lone Survivor
Magicka
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Metro 2033
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft PowerPoint Viewer (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Mozilla Firefox 16.0.1 (x86 en-US) (Version: 16.0.1)
Mozilla Maintenance Service (Version: 16.0.1)
Mumble 1.2.3 (Version: 1.2.3)
Norton Security Scan (Version: 3.7.4.10)
Notepad++ (Version: 6.1.2)
NVIDIA PhysX (Version: 9.10.0513)
OpenAL
OpenOffice.org 3.4 (Version: 3.4.9590)
Pando Media Booster (Version: 2.6.0.2)
Path of Exile (Version: 0.9.12.19198)
PDF Settings CS4 (Version: 9.0)
Photoshop Camera Raw (Version: 5.0)
Photoshop Camera Raw_x64 (Version: 5.0)
Picasa 3 (Version: 3.8)
Pixel Bender Toolkit (Version: 1.0)
Psychonauts
PunkBuster Services (Version: 0.992)
Razer Mamba (Version: 2.01.05)
Razer Synapse 2.0 (Version: 1.5.18)
Realtek High Definition Audio Driver (Version: 6.0.1.6378)
Rochard
Shatter
Sins of a Solar Empire: Rebellion
Sins of a Solar Empire: Trinity
Six Updater (Version: 2.09.7006)
SketchUp 8 (Version: 3.0.15158)
Skype Click to Call (Version: 6.2.10687)
Skype™ 5.10 (Version: 5.10.116)
SmartView for IE (Version: 1.0.4.1)
Source SDK Base 2007
Space Pirates and Zombies
Spotify (Version: 0.8.4.124.ga3559d86)
Star Wars: The Old Republic (Version: 1.00)
StarCraft II (Version: 1.5.3.23260)
Steam (Version: 1.0.0.0)
Stellar Impact
Suite Shared Configuration CS4 (Version: 1.0)
Super Meat Boy
Super Meat Boy Editor
Superbrothers: Sword & Sworcery EP
Team Fortress 2
Terraria
THX TruStudio (Version: 1.00.01)
Torchlight Editor
Torchlight II
Torchlight II Demo
Ubisoft Game Launcher (Version: 1.0.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
uTorrentControl2 Toolbar (Version: 6.8.9.0)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Ventrilo Server (Version: 3.0.3)
Vessel
VLC media player 2.0.3 (Version: 2.0.3)
Windows Essentials Media Codec Pack 4.0 [64-Bit] (Version: 4.0)
Windows XP Mode (Version: 1.3.7600.16423)
Wizorb
XFast LAN v6.61 (Version: 6.61)
XFast USB

========================= Memory info: ===================================

Percentage of memory in use: 67%
Total physical RAM: 8187.63 MB
Available physical RAM: 2647 MB
Total Pagefile: 16373.44 MB
Available Pagefile: 10216.68 MB
Total Virtual: 4095.88 MB
Available Virtual: 3961.8 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.51 GB) (Free:693.56 GB) NTFS
2 Drive d: (Primary) (Fixed) (Total:48.83 GB) (Free:1.8 GB) NTFS
3 Drive e: (SSD_Incredulous) (Fixed) (Total:111.79 GB) (Free:65.66 GB) NTFS
4 Drive f: (Locked) (Fixed) (Total:9.77 GB) (Free:9.22 GB) NTFS
8 Drive j: (Storage) (Fixed) (Total:872.92 GB) (Free:71.84 GB) NTFS
11 Drive m: (CS4 Master Collection Disc 3) (CDROM) (Total:3.24 GB) (Free:0 GB) UDF
13 Drive o: (Lexar) (Removable) (Total:14.92 GB) (Free:13.81 GB) FAT32

========================= Users: ========================================

User accounts for \\INCREDULOUS-PC

Administrator Guest Incredulous

========================= Restore Points ==================================


**** End of log ****

#8 Incredulous


Posted 24 October 2012 - 07:38 PM

Log 3 and 4
----------------------

# AdwCleaner v2.005 - Logfile created 10/24/2012 at 20:33:52
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Incredulous - INCREDULOUS-PC
# Boot Mode : Normal
# Running from : C:\Users\Incredulous\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\splashtop
Folder Found : C:\Program Files (x86)\uTorrentControl2
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\splashtop
Folder Found : C:\Users\Incredulous\AppData\LocalLow\uTorrentControl2

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\uTorrentControl2
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Found : HKLM\Software\uTorrentControl2
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F33581E1-195B-4EFA-BD9C-A3DD806AF6F7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB1C561-B8E2-4002-A2E6-96BFDEE7BF11}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKU\S-1-5-21-4115105419-1998430418-1097447649-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.1 (en-US)

Profile name : default
File : C:\Users\Incredulous\AppData\Roaming\Mozilla\Firefox\Profiles\5vcr74r9.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v22.0.1229.94

File : C:\Users\Incredulous\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4696 octets] - [23/10/2012 23:21:27]
AdwCleaner[R2].txt - [4756 octets] - [24/10/2012 20:23:18]
AdwCleaner[R3].txt - [2941 octets] - [24/10/2012 20:33:52]

########## EOF - C:\AdwCleaner[R3].txt - [3001 octets] ##########

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Junkware Removal Tool (JRT) by Thisisu
Version: 1.2.5 (10.23.2012)
OS: Windows 7 Professional x64
Ran by Incredulous on Wed 10/24/2012 at 20:23:54.60
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values:

Successfully deleted: [VALUE] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [VALUE] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [VALUE] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [VALUE] hkey_local_machine\software\microsoft\internet explorer\urlsearchhooks\\{687578b9-7132-4a7a-80e4-30ee31099e03}



*** Registry Keys:

Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\conduit"
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\smartbar"
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\toolbar"
Successfully deleted: [KEY] "hkey_local_machine\software\conduit"
Successfully deleted: [KEY] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [KEY] hkey_classes_root\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}



*** Files:

Successfully deleted: [FILE] C:\eula.1028.txt
Successfully deleted: [FILE] C:\eula.1031.txt
Successfully deleted: [FILE] C:\eula.1033.txt
Successfully deleted: [FILE] C:\eula.1036.txt
Successfully deleted: [FILE] C:\eula.1040.txt
Successfully deleted: [FILE] C:\eula.1041.txt
Successfully deleted: [FILE] C:\eula.1042.txt
Successfully deleted: [FILE] C:\eula.1049.txt
Successfully deleted: [FILE] C:\eula.2052.txt
Successfully deleted: [FILE] C:\install.res.1028.dll
Successfully deleted: [FILE] C:\install.res.1031.dll
Successfully deleted: [FILE] C:\install.res.1033.dll
Successfully deleted: [FILE] C:\install.res.1036.dll
Successfully deleted: [FILE] C:\install.res.1040.dll
Successfully deleted: [FILE] C:\install.res.1041.dll
Successfully deleted: [FILE] C:\install.res.1042.dll
Successfully deleted: [FILE] C:\install.res.1049.dll
Successfully deleted: [FILE] C:\install.res.2052.dll
Successfully deleted: [FILE] C:\install.res.3082.dll



*** Folders:

Successfully deleted: [FOLDER] "C:\Users\Incredulous\appdata\local\conduit"
Successfully deleted: [FOLDER] "C:\Users\Incredulous\appdata\locallow\conduit"
Successfully deleted: [FOLDER] "C:\Program Files (x86)\conduit"



*** FireFox detected and repaired

Removed the following from [prefs.js] :

user_pref("keyword.URL", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=");


*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Wed 10/24/2012 at 20:32:29.49
End of Report

Edited by Incredulous, 24 October 2012 - 07:39 PM.


#9 narenxp


Posted 24 October 2012 - 07:49 PM

Farbar Service Scanner log?

#10 Incredulous


Posted 24 October 2012 - 08:33 PM

My apologies. I didn't realize I missed this one.

Farbar Service Scanner Version: 19-10-2012
Ran by Incredulous (administrator) on 24-10-2012 at 21:31:11
Running from "C:\Users\Incredulous\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================


System Restore:
============
VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#11 narenxp


Posted 24 October 2012 - 09:06 PM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#12 Incredulous


Posted 24 October 2012 - 10:01 PM

Farbar SS:
____________________________________________________________________________________________________________________________________________

Farbar Service Scanner Version: 19-10-2012
Ran by Incredulous (administrator) on 24-10-2012 at 22:51:08
Running from "C:\Users\Incredulous\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

_______________________________________________________________________________________________________________________________________

Rkill log
_______________________________________________________________________________________________________________________________________

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/24/2012 10:51:42 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Incredulous\Desktop\rkill\rkill-10-24-2012-10-51-45.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 [ZA Reg Hijack]
* HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 [ZA Reg Hijack]
* C:\$Recycle.Bin\S-1-5-18\$089adfff9a6b8307bef082879db02190\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-18\$089adfff9a6b8307bef082879db02190\L\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-18\$089adfff9a6b8307bef082879db02190\L\00000004.@ [ZA File]
* C:\$Recycle.Bin\S-1-5-18\$089adfff9a6b8307bef082879db02190\L\201d3dde [ZA File]
* C:\$Recycle.Bin\S-1-5-18\$089adfff9a6b8307bef082879db02190\U\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-4115105419-1998430418-1097447649-1001\$089adfff9a6b8307bef082879db02190\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-4115105419-1998430418-1097447649-1001\$089adfff9a6b8307bef082879db02190\L\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-4115105419-1998430418-1097447649-1001\$089adfff9a6b8307bef082879db02190\U\ [ZA Dir]

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 actiate.adobe.com
127.0.0.1 pracivate.adobe.com
127.0.0.1 ere.adobe.com
127.0.0.1 acivate.wip3.adobe.com
127.0.0.1 wp3.adobe.com
127.0.0.1 3ns-3.adobe.com
127.0.0.1 3ns-2.adobe.com
127.0.0.1 adbe-dns.adobe.com
127.0.0.1 adoe-dns-2.adobe.com
127.0.0.1 adob-dns-3.adobe.com
127.0.0.1 ere.wip3.adobe.com
127.0.0.1 actvate-sea.adobe.com
127.0.0.1 wwi-dubc1-vip60.adobe.com
127.0.0.1 acivate-sjc0.adobe.com
127.0.0.1 adbe.activate.com
127.0.0.1 adoeereg.com
127.0.0.1 www.adobereg.com
127.0.0.1 wwis-dub1-vip60.adobe.com
127.0.0.1 125.252.224.90
127.0.0.1 125.252.224.91

20 out of 21 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 10/24/2012 10:51:52 PM
Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)

_________________________________________________________________________________________________________________________________________

Autoruns log
_________________________________________________________________________________________________________________________________________

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "LogMeIn GUI" "" "" "File not found: C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
+ "MSC" "" "" "File not found: c:\Program Files\Microsoft Security Client\mssecex.exe"
+ "RTHDVCPL" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "THXCfg64" "" "Creative Technology Ltd." "c:\windows\system32\thxcfg64.dll"
+ "XboxStat" "XBoxStat.exe" "Microsoft Corporation" "c:\program files\microsoft xbox 360 accessories\xboxstat.exe"
+ "XFast LAN" "cFosSpeed Window" "cFos Software GmbH" "c:\program files\asrock\xfast lan\cfosspeed.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Acrobat Assistant 8.0" "AcroTray" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 9.0\acrobat\acrotray.exe"
+ "Adobe Acrobat Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\acrobat 9.0\acrobat\acrobat_sl.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
+ "AdobeCS4ServiceManager" "Adobe CS4 Service Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe"
+ "AMD AVT" "" "" "File not found: start"
+ "LogMeIn Hamachi Ui" "Hamachi Client Application" "LogMeIn Inc." "c:\program files (x86)\logmein hamachi\hamachi-2-ui.exe"
+ "Razer Mamba Elite Driver" "Razer Mamba System Tray" "Razer USA Ltd" "c:\program files (x86)\razer\mamba\razermambasystray.exe"
+ "Razer Synapse" "Razer Synapse" "Razer USA Ltd" "c:\program files (x86)\razer\synapse\rzsynapse.exe"
+ "SmartViewAgent" "" "" "c:\program files (x86)\devicevm\smartview\smartviewagent.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "THX TruStudio NB Settings" "THXAudioNB" "Creative Technology Ltd" "c:\program files (x86)\creative\thx trustudio\thxnbset\thxaudnb.exe"
+ "XFast USB" "XFast USB" "FNet Co., Ltd." "c:\program files (x86)\xfast usb\xfastusb.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "LOLRecorder.lnk" "LOL Replay Recorder" "LOL Replay" "c:\program files (x86)\lolreplay\lolrecorder.exe"
"C:\Users\Incredulous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\incredulous\appdata\roaming\dropbox\bin\dropbox.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DAEMON Tools Lite" "DAEMON Tools Lite" "DT Soft Ltd" "c:\program files (x86)\daemon tools lite\dtlite.exe"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\incredulous\appdata\local\google\update\googleupdate.exe"
+ "HP Photosmart 5510 series (NET)" "ScanToPCActivationApp" "Hewlett-Packard Co." "c:\program files\hp\hp photosmart 5510 series\bin\scantopcactivationapp.exe"
+ "LolMatches Client" "LolMatches Client" "LolMatches" "c:\program files (x86)\lolmatches client\lolmatches client.exe"
+ "PCShowServer" "PC Show power management wrapper" "NDS Technologies" "c:\users\incredulous\appdata\local\directv player\pcshowserverpmwrapper.exe"
+ "Skype" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
+ "Spotify" "Spotify" "Spotify Ltd" "c:\users\incredulous\appdata\roaming\spotify\spotify.exe"
+ "Spotify Web Helper" "SpotifyWebHelper" "Spotify Ltd" "c:\users\incredulous\appdata\roaming\spotify\data\spotifywebhelper.exe"
+ "Steam" "Steam" "Valve Corporation" "c:\program files (x86)\steam\steam.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "skype-ie-addon-data" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\incredulous\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 9.0\acrobat elements\contextmenu64.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "Notepad++64" "ShellHandler for Notepad++ (64 bit)" "" "c:\program files (x86)\notepad++\nppshell_04.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 9.0\acrobat elements\contextmenu.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe Drive CS4" "Adobe Drive Menu" "Adobe Systems Incorporated" "c:\program files\common files\adobe\adobe drive cs4\adfsmenu.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe Drive CS4" "Adobe Drive Menu" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\adobe drive cs4\adfsmenu.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\incredulous\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext_64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\incredulous\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Adobe Drive CS4" "Adobe Drive Menu" "Adobe Systems Incorporated" "c:\program files\common files\adobe\adobe drive cs4\adfsmenu.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe Drive CS4" "Adobe Drive Menu" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\adobe drive cs4\adfsmenu.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "" "File not found: C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "Apache Software Foundation" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 9.0\acrobat elements\contextmenu64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 9.0\acrobat elements\contextmenu.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\incredulous\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\incredulous\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\incredulous\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\incredulous\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\incredulous\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\incredulous\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\incredulous\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "Skype add-on for Internet Explorer" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Conversion Toolbar Helper" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "ContributeBHO Class" "Contribute IE Plugin" "Adobe Systems Incorporated." "c:\program files (x86)\adobe\/adobe contribute cs4/contributeieplugin.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "SmartSelect Class" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Adobe PDF" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\DeviceDetector" "MediaEspresso DeviceDetector" "CyberLink" "c:\program files (x86)\cyberlink\mediaespresso\devicedetector\devicedetector.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-4115105419-1998430418-1097447649-1001Core" "Google Installer" "Google Inc." "c:\users\incredulous\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-4115105419-1998430418-1097447649-1001UA" "Google Installer" "Google Inc." "c:\users\incredulous\appdata\local\google\update\googleupdate.exe"
+ "\hpUrlLauncher.exe_{B2E2D1C3-2133-44FB-BF3A-B9BB19E2CEF2}" "hpUrlLauncher" "Hewlett-Packard Co." "c:\program files\hp\hp photosmart 5510 series\bin\utils\hpurllauncher.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Microsoft Antimalware\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Norton Security Scan for Incredulous" "Norton Security Scan" "Symantec Corporation" "c:\program files (x86)\norton security scan\engine\3.7.4.10\nss.exe"
+ "\{EC0A6A50-AB14-451F-8ED0-BE8E2C16CDC4}" "Google Chrome" "Google Inc." "c:\users\incredulous\appdata\local\google\chrome\application\chrome.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "AMD FUEL Service" "Provides FUEL Functionality" "Advanced Micro Devices, Inc." "c:\program files\ati technologies\ati.ace\fuel\fuel.service.exe"
+ "Bonjour Service" "##Id_String2.6844F930_1628_4223_B5CC_5BB94B879762##" "Apple Computer, Inc." "c:\program files (x86)\bonjour\mdnsresponder.exe"
+ "cFosSpeedS" "Performs latency measurement and privileged operations for cFosSpeed" "cFos Software GmbH" "c:\program files\asrock\xfast lan\spd.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "FLEXnet Licensing Service 64" "This service performs licensing functions on behalf of FLEXnet enabled products." "Flexera Software, Inc." "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice64.exe"
+ "gusvc" "gusvc" "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "Hamachi2Svc" "Hamachi Client Tunneling Engine" "LogMeIn Inc." "c:\program files (x86)\logmein hamachi\hamachi-2.exe"
+ "mi-raysat_3dsmax2012_64" "mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit" "" "c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "PnkBstrA" "PunkBuster Service Component [v1036] http://www.evenbalance.com" "" "c:\windows\syswow64\pnkbstra.exe"
+ "Skype C2C Service" "Skype Click to Call Update Service" "Skype Technologies S.A." "c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "SmartViewService" "This service performs auto-recovery for SmartView." "DeviceVM, Inc." "c:\program files (x86)\devicevm\smartview\smartviewservice.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "WCUService_STC_IE" "Splashtop Connect software updater enables updates and enhancements to the Splashtop Connect browser extension." "Splashtop Inc." "c:\program files (x86)\splashtop\splashtop connect ie software updater\wcuservice.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adfs" "Adobe Drive File System Driver" "Adobe Systems, Inc." "c:\windows\system32\drivers\adfs.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdiox64" "AMD IO Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdiox64.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AODDriver4.01" "AMD OverDrive Service Driver" "Advanced Micro Devices" "c:\program files\ati technologies\ati.ace\fuel\amd64\aoddriver2.sys"
+ "AODDriver4.1" "AMD OverDrive Service Driver" "Advanced Micro Devices" "c:\program files\ati technologies\ati.ace\fuel\amd64\aoddriver2.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AsrAppCharger" "ASRock App Charger Driver" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\asrappcharger.sys"
+ "AsrHidFilter" "ASRock HID Filter Driver" "ASRock Inc." "c:\windows\system32\drivers\asrhidfilter.sys"
+ "AtiHDAudioService" "AMD High Definition Audio Function Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\atihdw76.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cFosSpeed" "cFosSpeed for faster Internet connections (NDIS 6)" "cFos Software GmbH" "c:\windows\system32\drivers\cfosspeed6.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "dtsoftbus01" "DAEMON Tools Virtual Bus Driver" "DT Soft Ltd" "c:\windows\system32\drivers\dtsoftbus01.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "EtronHub3" "Etron eXtensible Hub Driver." "Etron Technology Inc" "c:\windows\system32\drivers\etronhub3.sys"
+ "EtronXHCI" "Etron eXtensible Host Controller Driver." "Etron Technology Inc" "c:\windows\system32\drivers\etronxhci.sys"
+ "FNETTBOH_305" "FNetTbos.sys" "FNet Co., Ltd." "c:\windows\system32\drivers\fnettboh_305.sys"
+ "FNETURPX" "FNetUrPx.sys" "FNet Co., Ltd." "c:\windows\system32\drivers\fneturpx.sys"
+ "hamachi" "Hamachi Virtual Network Interface Driver" "LogMeIn, Inc." "c:\windows\system32\drivers\hamachi.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "k57nd60a" "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\k57nd60a.sys"
+ "LMIInfo" "" "" "File not found: C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys"
+ "lmimirr" "LogMeIn Mirror Miniport Driver" "LogMeIn, Inc." "c:\windows\system32\drivers\lmimirr.sys"
+ "LMIRfsDriver" "LogMeIn Rfs Drivemap Driver" "LogMeIn, Inc." "c:\windows\system32\drivers\lmirfsdriver.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBfilt" "Creative Audio Driver" "Creative Technology Ltd." "c:\windows\system32\drivers\mbfilt64.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8101E/8168/8169 NDIS 6.20 64-bit Driver " "Realtek Corporation " "c:\windows\system32\drivers\rt64win7.sys"
+ "rzendpt" "Razer RzEndPt" "Razer USA Ltd" "c:\windows\system32\drivers\rzendpt.sys"
+ "rzudd" "Razer Rzudd Engine" "Razer USA Ltd" "c:\windows\system32\drivers\rzudd.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "usbfilter" "AMD USB Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\usbfilter.sys"
+ "UsbFltr" "Ortek USB Keypad Driver" "Waytech Development, Inc." "c:\windows\system32\drivers\usbfltr.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "msacm.l3codecp" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "VIDC.FFDS" "" "" "File not found: ff_vfw.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AMD MJPEG Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "LogMeIn Video Decoder" "" "" "File not found: C:\Program Files (x86)\LogMeIn\x64\racodec.ax"
+ "LogMeIn Video Encoder" "" "" "File not found: C:\Program Files (x86)\LogMeIn\x64\racodec.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ ""MainConcept (Adobe2) AAC Decoder"" "AAC audio decoder filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2daac.ax"
+ ""MainConcept (Adobe2) AAC Encoder"" "AAC audio encoder filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2eaac.ax"
+ ""MainConcept (Adobe2) H.264 Encoder"" "DirectShow H.264/AVC Encoder Filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2esh264.ax"
+ ""MainConcept (Adobe2) H.264/AVC Decoder"" "DirectShow H.264/AVC Decoder Filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2dsh264.ax"
+ ""MainConcept (Adobe2) H.264/AVC Video Encoder"" "DirectShow H.264/AVC Video Encoder Filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2evh264.ax"
+ ""MainConcept (Adobe2) MPEG Audio Decoder"" "MPEG Video and Audio Decoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2mcdsmpeg.ax"
+ ""MainConcept (Adobe2) MPEG Audio Encoder"" "MPEG Audio Encoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2mceampeg.ax"
+ ""MainConcept (Adobe2) MPEG Encoder"" "MPEG Encoder and Muxer" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2mcesmpeg.ax"
+ ""MainConcept (Adobe2) MPEG Multiplexer"" "MPEG Multiplexer" "" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2mcmuxmpeg.ax"
+ ""MainConcept (Adobe2) MPEG Splitter"" "Mpeg I/II Splitter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2mcspmpeg.ax"
+ ""MainConcept (Adobe2) MPEG Video Decoder"" "MPEG Video and Audio Decoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2mcdsmpeg.ax"
+ ""MainConcept (Adobe2) MPEG Video Encoder"" "MPEG Video Encoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere pro cs4\ad2mcevmpeg.ax"
+ "AMD MJPEG Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\essentials codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\essentials codec pack\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\essentials codec pack\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\essentials codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\essentials codec pack\ffdshow\ffdshow.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files (x86)\essentials codec pack\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\essentials codec pack\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files (x86)\essentials codec pack\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\essentials codec pack\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files (x86)\essentials codec pack\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files (x86)\essentials codec pack\haali\splitter.ax"
+ "LogMeIn Video Decoder" "" "" "File not found: C:\Program Files (x86)\LogMeIn\x86\racodec.ax"
+ "LogMeIn Video Encoder" "" "" "File not found: C:\Program Files (x86)\LogMeIn\x86\racodec.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MPEG Video Decoder (Gabest)" "MPEG-1/2 Decoder Filter for DirectShow" "Gabest" "c:\program files (x86)\essentials codec pack\mpeg2decfilter.ax"
+ "RealAudio Decoder" "RealMedia Splitter" "Gabest" "c:\program files (x86)\essentials codec pack\realmediasplitter.ax"
+ "RealMedia Source" "RealMedia Splitter" "Gabest" "c:\program files (x86)\essentials codec pack\realmediasplitter.ax"
+ "RealMedia Splitter" "RealMedia Splitter" "Gabest" "c:\program files (x86)\essentials codec pack\realmediasplitter.ax"
+ "RealVideo Decoder" "RealMedia Splitter" "Gabest" "c:\program files (x86)\essentials codec pack\realmediasplitter.ax"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "LogMeInCredProv" "LogMeIn Remote Control Helper" "LogMeIn, Inc." "c:\windows\system32\lmiinit.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Computer, Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Adobe PDF Port Monitor" "Adobe PDF Port Monitor DLL" "Adobe Systems Inc" "c:\windows\system32\adobepdf.dll"
+ "HP a111 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinkstsa111lm.dll"
+ "HP Discovery Port Monitor (HP Photosmart 5510 series)" "HP Discovery Port Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpdiscopma111.dll"
+ "LogMeIn Printer Port Monitor" "RemotelyAnywhere Printer Port Monitor" "LogMeIn, Inc." "c:\windows\system32\lmiport.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "AdobeDriveCS4_NP" "Adobe Drive CS4 Network" "Adobe Systems Incorporated" "c:\program files\common files\adobe\adobe drive cs4\adobedrivecs4_np.dll"
+ "LMIRfsClientNP" "LogMeIn Virtual Disk Network" "LogMeIn, Inc." "c:\windows\system32\lmirfsclientnp.dll"

Thanks!

#13 narenxp

Posted 24 October 2012 - 10:04 PM

Now run RKILL given in previous instructions and post the new log

Edited by narenxp, 24 October 2012 - 11:16 PM.


#14 Incredulous

Posted 24 October 2012 - 11:13 PM

Rkill log after running RogueKiller


Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/25/2012 12:10:31 AM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\Incredulous\Downloads\RogueKiller.exe (PID: 8148) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

20 out of 21 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 10/25/2012 12:10:45 AM
Execution time: 0 hours(s), 0 minute(s), and 13 seconds(s)

#15 narenxp

Posted 24 October 2012 - 11:16 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



