Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Win Update, Firewall, Defender not working, and CPU spikes


  • Please log in to reply
17 replies to this topic

#1 mewikime

mewikime

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:57 AM

Posted 24 October 2012 - 05:38 PM

Hello.

I've recently noticed I've been having spikes in my CPU usage. I narrowed it down to ServiioService.exe, which is my DLNA server so I can watch downloaded video files on my Sony Media Box on my TV. Here are screenshots of it happening three times in Task Manager: http://i.imgur.com/kaDMa.png and here's a screenshot of Process Explorer, with normal activity on the Left hand Side, and CPU topped out at 100% on the right hand side: http://i.imgur.com/nqcH4.png. Having read stuff around the Internet, it appeared it might be because it's trying to get metadata for each file, so I unchecked every option in the Metadata tab in the Serviio Console, but I am still having issues of the CPU spiking and my computer pausing. This happens every 5-10 minutes or so and lasts around a second. It's extremely annoying, especially when I'm typing or watching a video on the computer.

At Serviio, the developer told me "It might be caused by Java's garbage collection (freeing memory tht is not needed any more)." I don't know what this means, or how to fix it, so that's where I'm at with that.

Before I had figured this out, however, I wondered if the CPU spikes were caused by some form of Malware. I downloaded Malwarebyes and performed a scan, but nothing was found. I tried seeing if Windows Defender would find it, but it wasn't turned on. When I tried to turn it on, I got an "error code 5" and saw that it hadn't run since July. I went to Windows Update and that hadn't been updated since July either. When I tried to check for updates, I got another error code, 800-something-2424.. or thereabouts (sorry, I didn't write it down). After talking with some people on IRC, I discovered that Windows Firewall, Update and Defender were not listed in services.msc, and that BITS and BFE also had errors and wouldn't start.

We managed to get BITS and BFE restarted by searching through the forums at Microsoft and Sevenforums.com, got Firewall, Updates and Defender listed in Services.msc, but they still wouldn't start.

So then I downloaded "Tweaking.com Windows Repair", ran it with every option checked, and it seemed to fix everything, because I got Updates to work and downloaded a bunch of updates, and I was also able to turn on Firewall and Defender.

Then it was suggested to me that because I don't have any virus software (I uninstalled Malwarebytes after the scan was finished), I should install Microsoft Security Essentials. So I did, ran a scan, and nothing was found.

So after all this, I remembered that about 3 or 4 months ago, my wife told me something popped up saying I had a virus.. I'm not sure if she clicked anything or closed it, but I knew it was odd because I didn't have any virus protection installed. Anyways, each subsequent attempt to open a browser forwarded me to some weird webpage. I was able to do a search online on another computer and manage to completely remove what was doing this and everything related to it, and thought nothing of it until now, when I've realised that everything stopped working at around the same time as this virus popup happened.

So right now I don't have any malware or viruses as far as I know. But I want to make sure at this point that I haven't missed anything. How do I make sure, with absolute certainty, that I'm no longer infected with anything?

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:57 PM

Posted 24 October 2012 - 05:47 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 mewikime

mewikime
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:57 AM

Posted 25 October 2012 - 05:11 PM

Hi. Thanks.. Here are the logs for each of the scans.

TDSSkiller:

08:00:25.0454 0688 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
08:00:26.0592 0688 ============================================================
08:00:26.0593 0688 Current date / time: 2012/10/25 08:00:26.0592
08:00:26.0593 0688 SystemInfo:
08:00:26.0593 0688
08:00:26.0593 0688 OS Version: 6.1.7601 ServicePack: 1.0
08:00:26.0593 0688 Product type: Workstation
08:00:26.0593 0688 ComputerName: MATTHEWEDWARDS
08:00:26.0594 0688 UserName: Matthew Edwards
08:00:26.0594 0688 Windows directory: C:\Windows
08:00:26.0594 0688 System windows directory: C:\Windows
08:00:26.0594 0688 Running under WOW64
08:00:26.0594 0688 Processor architecture: Intel x64
08:00:26.0594 0688 Number of processors: 1
08:00:26.0594 0688 Page size: 0x1000
08:00:26.0594 0688 Boot type: Normal boot
08:00:26.0594 0688 ============================================================
08:00:31.0057 0688 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:00:39.0102 0688 Drive \Device\Harddisk1\DR1 - Size: 0xE8B6F00000 (930.86 Gb), SectorSize: 0x200, Cylinders: 0x1DAAB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:00:46.0089 0688 Drive \Device\Harddisk2\DR2 - Size: 0xE8B6F00000 (930.86 Gb), SectorSize: 0x200, Cylinders: 0x1DAAB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:00:54.0362 0688 Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:01:00.0725 0688 Drive \Device\Harddisk4\DR4 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:01:00.0727 0688 ============================================================
08:01:00.0727 0688 \Device\Harddisk0\DR0:
08:01:00.0732 0688 MBR partitions:
08:01:00.0732 0688 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
08:01:00.0732 0688 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x38C5B000
08:01:00.0732 0688 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38C8D800, BlocksNum 0x16F8000
08:01:00.0732 0688 \Device\Harddisk1\DR1:
08:01:00.0733 0688 MBR partitions:
08:01:00.0733 0688 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x745B77C0
08:01:00.0733 0688 \Device\Harddisk2\DR2:
08:01:00.0733 0688 MBR partitions:
08:01:00.0733 0688 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x745B7000
08:01:00.0733 0688 \Device\Harddisk3\DR3:
08:01:00.0734 0688 MBR partitions:
08:01:00.0734 0688 \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x747065B0
08:01:00.0734 0688 \Device\Harddisk4\DR4:
08:01:00.0734 0688 MBR partitions:
08:01:00.0734 0688 \Device\Harddisk4\DR4\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x254297C1
08:01:00.0734 0688 ============================================================
08:01:00.0755 0688 C: <-> \Device\Harddisk0\DR0\Partition2
08:01:00.0787 0688 D: <-> \Device\Harddisk0\DR0\Partition3
08:01:00.0827 0688 F: <-> \Device\Harddisk1\DR1\Partition1
08:01:01.0348 0688 G: <-> \Device\Harddisk2\DR2\Partition1
08:01:01.0350 0688 H: <-> \Device\Harddisk4\DR4\Partition1
08:01:01.0404 0688 I: <-> \Device\Harddisk3\DR3\Partition1
08:01:01.0404 0688 ============================================================
08:01:01.0404 0688 Initialize success
08:01:01.0404 0688 ============================================================
08:01:56.0973 5664 ============================================================
08:01:56.0973 5664 Scan started
08:01:56.0973 5664 Mode: Manual; TDLFS;
08:01:56.0973 5664 ============================================================
08:01:57.0457 5664 ================ Scan system memory ========================
08:01:57.0457 5664 System memory - ok
08:01:57.0457 5664 ================ Scan services =============================
08:01:57.0628 5664 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
08:01:57.0628 5664 1394ohci - ok
08:01:57.0691 5664 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
08:01:57.0691 5664 ACPI - ok
08:01:57.0738 5664 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
08:01:57.0738 5664 AcpiPmi - ok
08:01:57.0909 5664 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
08:01:57.0909 5664 AdobeARMservice - ok
08:01:58.0034 5664 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:01:58.0050 5664 AdobeFlashPlayerUpdateSvc - ok
08:01:58.0096 5664 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
08:01:58.0096 5664 adp94xx - ok
08:01:58.0112 5664 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
08:01:58.0128 5664 adpahci - ok
08:01:58.0128 5664 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
08:01:58.0143 5664 adpu320 - ok
08:01:58.0174 5664 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
08:01:58.0174 5664 AeLookupSvc - ok
08:01:58.0221 5664 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
08:01:58.0268 5664 AFD - ok
08:01:58.0315 5664 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
08:01:58.0315 5664 agp440 - ok
08:01:58.0346 5664 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
08:01:58.0408 5664 ALG - ok
08:01:58.0486 5664 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
08:01:58.0486 5664 aliide - ok
08:01:58.0533 5664 [ CA0D6C1390F4B3BAF2A0A69D1A7F8332 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
08:01:58.0549 5664 AMD External Events Utility - ok
08:01:58.0580 5664 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
08:01:58.0580 5664 amdide - ok
08:01:58.0611 5664 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
08:01:58.0611 5664 AmdK8 - ok
08:01:58.0752 5664 [ 75E4BACA583AE02C11E9AC8747E2ABE0 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
08:01:58.0892 5664 amdkmdag - ok
08:01:58.0908 5664 [ B765CF4B32F347BE747B21AE22641025 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
08:01:58.0908 5664 amdkmdap - ok
08:01:58.0923 5664 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
08:01:58.0923 5664 AmdPPM - ok
08:01:58.0970 5664 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
08:01:58.0970 5664 amdsata - ok
08:01:58.0986 5664 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
08:01:59.0001 5664 amdsbs - ok
08:01:59.0017 5664 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
08:01:59.0017 5664 amdxata - ok
08:01:59.0032 5664 [ 8A2B4818215D8A6FF54DC3F0D63CBB2D ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
08:01:59.0032 5664 amd_sata - ok
08:01:59.0048 5664 [ A2D8977623E13591B15F6370C6CC37B0 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
08:01:59.0048 5664 amd_xata - ok
08:01:59.0110 5664 [ 60257F0A7ED9781719A6B7B6F661A5B6 ] Andbus C:\Windows\system32\DRIVERS\lgandbus64.sys
08:01:59.0110 5664 Andbus - ok
08:01:59.0142 5664 [ 6487376CBBF73C7F72BA4F48162C7501 ] AndDiag C:\Windows\system32\DRIVERS\lganddiag64.sys
08:01:59.0142 5664 AndDiag - ok
08:01:59.0173 5664 [ 31C0B1139F5C893084C15B2436C9ACD5 ] AndGps C:\Windows\system32\DRIVERS\lgandgps64.sys
08:01:59.0173 5664 AndGps - ok
08:01:59.0204 5664 [ 3927A2B72FCBCD05B38AE3A6F69203EB ] ANDModem C:\Windows\system32\DRIVERS\lgandmodem64.sys
08:01:59.0204 5664 ANDModem - ok
08:01:59.0251 5664 [ 0FEC5BA0041E02860B00FCA0C5150066 ] andnetadb C:\Windows\system32\Drivers\lgandnetadb.sys
08:01:59.0251 5664 andnetadb - ok
08:01:59.0282 5664 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
08:01:59.0329 5664 AppID - ok
08:01:59.0376 5664 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
08:01:59.0391 5664 AppIDSvc - ok
08:01:59.0422 5664 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
08:01:59.0422 5664 Appinfo - ok
08:01:59.0532 5664 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:01:59.0532 5664 Apple Mobile Device - ok
08:01:59.0578 5664 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
08:01:59.0578 5664 arc - ok
08:01:59.0594 5664 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
08:01:59.0594 5664 arcsas - ok
08:01:59.0625 5664 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
08:01:59.0688 5664 AsyncMac - ok
08:01:59.0734 5664 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
08:01:59.0734 5664 atapi - ok
08:01:59.0812 5664 [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie64.sys
08:01:59.0812 5664 AtiPcie - ok
08:01:59.0875 5664 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:01:59.0937 5664 AudioEndpointBuilder - ok
08:01:59.0953 5664 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
08:01:59.0953 5664 AudioSrv - ok
08:02:00.0000 5664 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
08:02:00.0031 5664 AxInstSV - ok
08:02:00.0093 5664 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
08:02:00.0109 5664 b06bdrv - ok
08:02:00.0156 5664 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
08:02:00.0171 5664 b57nd60a - ok
08:02:00.0202 5664 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
08:02:00.0234 5664 BDESVC - ok
08:02:00.0249 5664 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
08:02:00.0249 5664 Beep - ok
08:02:00.0343 5664 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
08:02:00.0358 5664 BFE - ok
08:02:00.0436 5664 [ 1B63F2B7CA6B5290CC124CDD07520BC9 ] BingDesktopUpdate C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
08:02:00.0436 5664 BingDesktopUpdate - ok
08:02:00.0499 5664 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
08:02:00.0546 5664 BITS - ok
08:02:00.0592 5664 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
08:02:00.0592 5664 blbdrive - ok
08:02:00.0670 5664 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:02:00.0686 5664 Bonjour Service - ok
08:02:00.0717 5664 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
08:02:00.0717 5664 bowser - ok
08:02:00.0748 5664 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:02:00.0748 5664 BrFiltLo - ok
08:02:00.0764 5664 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:02:00.0764 5664 BrFiltUp - ok
08:02:00.0811 5664 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
08:02:00.0811 5664 Browser - ok
08:02:00.0842 5664 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
08:02:00.0842 5664 Brserid - ok
08:02:00.0842 5664 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
08:02:00.0842 5664 BrSerWdm - ok
08:02:00.0858 5664 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
08:02:00.0858 5664 BrUsbMdm - ok
08:02:00.0873 5664 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
08:02:00.0873 5664 BrUsbSer - ok
08:02:00.0873 5664 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
08:02:00.0873 5664 BTHMODEM - ok
08:02:00.0920 5664 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
08:02:00.0967 5664 bthserv - ok
08:02:00.0998 5664 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:02:01.0029 5664 cdfs - ok
08:02:01.0076 5664 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
08:02:01.0076 5664 cdrom - ok
08:02:01.0123 5664 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
08:02:01.0170 5664 CertPropSvc - ok
08:02:01.0185 5664 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
08:02:01.0185 5664 circlass - ok
08:02:01.0216 5664 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
08:02:01.0216 5664 CLFS - ok
08:02:01.0279 5664 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:02:01.0341 5664 clr_optimization_v2.0.50727_32 - ok
08:02:01.0404 5664 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:02:01.0419 5664 clr_optimization_v2.0.50727_64 - ok
08:02:01.0482 5664 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:02:01.0497 5664 clr_optimization_v4.0.30319_32 - ok
08:02:01.0544 5664 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:02:01.0544 5664 clr_optimization_v4.0.30319_64 - ok
08:02:01.0575 5664 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
08:02:01.0575 5664 CmBatt - ok
08:02:01.0591 5664 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
08:02:01.0606 5664 cmdide - ok
08:02:01.0653 5664 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
08:02:01.0684 5664 CNG - ok
08:02:01.0716 5664 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
08:02:01.0716 5664 Compbatt - ok
08:02:01.0762 5664 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
08:02:01.0762 5664 CompositeBus - ok
08:02:01.0778 5664 COMSysApp - ok
08:02:01.0794 5664 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
08:02:01.0794 5664 crcdisk - ok
08:02:01.0872 5664 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:02:01.0872 5664 CryptSvc - ok
08:02:01.0981 5664 [ 5228B7A738DC90A06AE4F4A7412CB1E9 ] CrystalSysInfo C:\Program Files\MediaCoder\SysInfoX64.sys
08:02:02.0012 5664 CrystalSysInfo - ok
08:02:02.0121 5664 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
08:02:02.0137 5664 cvhsvc - ok
08:02:02.0215 5664 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
08:02:02.0215 5664 DcomLaunch - ok
08:02:02.0262 5664 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
08:02:02.0293 5664 defragsvc - ok
08:02:02.0340 5664 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:02:02.0371 5664 DfsC - ok
08:02:02.0418 5664 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
08:02:02.0433 5664 dg_ssudbus - ok
08:02:02.0464 5664 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
08:02:02.0464 5664 Dhcp - ok
08:02:02.0496 5664 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
08:02:02.0511 5664 discache - ok
08:02:02.0527 5664 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
08:02:02.0542 5664 Disk - ok
08:02:02.0558 5664 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:02:02.0574 5664 Dnscache - ok
08:02:02.0620 5664 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
08:02:02.0667 5664 dot3svc - ok
08:02:02.0698 5664 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
08:02:02.0698 5664 DPS - ok
08:02:02.0745 5664 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:02:02.0745 5664 drmkaud - ok
08:02:02.0823 5664 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:02:02.0854 5664 DXGKrnl - ok
08:02:02.0886 5664 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
08:02:02.0886 5664 EapHost - ok
08:02:02.0917 5664 [ 1E8D0E318D3F17B2EAAF993DB20C76F0 ] easytether C:\Windows\system32\DRIVERS\easytthr.sys
08:02:02.0932 5664 easytether - ok
08:02:02.0995 5664 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
08:02:03.0073 5664 ebdrv - ok
08:02:03.0120 5664 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
08:02:03.0135 5664 EFS - ok
08:02:03.0213 5664 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
08:02:03.0229 5664 ehRecvr - ok
08:02:03.0260 5664 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
08:02:03.0260 5664 ehSched - ok
08:02:03.0307 5664 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
08:02:03.0307 5664 elxstor - ok
08:02:03.0354 5664 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
08:02:03.0354 5664 ErrDev - ok
08:02:03.0400 5664 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
08:02:03.0400 5664 EventSystem - ok
08:02:03.0416 5664 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
08:02:03.0432 5664 exfat - ok
08:02:03.0525 5664 [ 6C5B729C5934E2D8EC0BD6762AAE9251 ] ExpatShieldService C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
08:02:03.0541 5664 ExpatShieldService - ok
08:02:03.0572 5664 [ 2CFEA9C337B699ACA38487E8A7438F35 ] ExpatSrv C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
08:02:03.0588 5664 ExpatSrv - ok
08:02:03.0634 5664 [ C73830C0AA60BD62CBD16B45DA7D87FD ] ExpatTrayService C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE
08:02:03.0712 5664 ExpatTrayService - ok
08:02:03.0728 5664 ExpatWd - ok
08:02:03.0744 5664 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:02:03.0775 5664 fastfat - ok
08:02:03.0822 5664 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
08:02:03.0837 5664 Fax - ok
08:02:03.0868 5664 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
08:02:03.0868 5664 fdc - ok
08:02:03.0900 5664 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
08:02:03.0900 5664 fdPHost - ok
08:02:03.0915 5664 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
08:02:03.0915 5664 FDResPub - ok
08:02:03.0931 5664 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:02:03.0962 5664 FileInfo - ok
08:02:03.0993 5664 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:02:04.0024 5664 Filetrace - ok
08:02:04.0040 5664 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
08:02:04.0040 5664 flpydisk - ok
08:02:04.0056 5664 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:02:04.0087 5664 FltMgr - ok
08:02:04.0134 5664 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
08:02:04.0149 5664 FontCache - ok
08:02:04.0196 5664 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:02:04.0243 5664 FontCache3.0.0.0 - ok
08:02:04.0274 5664 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
08:02:04.0321 5664 FsDepends - ok
08:02:04.0383 5664 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:02:04.0399 5664 Fs_Rec - ok
08:02:04.0430 5664 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
08:02:04.0446 5664 fvevol - ok
08:02:04.0461 5664 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
08:02:04.0477 5664 gagp30kx - ok
08:02:04.0539 5664 [ D154305DE6090E6E84E525F84BB08A06 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
08:02:04.0617 5664 GameConsoleService - ok
08:02:04.0648 5664 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
08:02:04.0648 5664 GEARAspiWDM - ok
08:02:04.0711 5664 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
08:02:04.0773 5664 gpsvc - ok
08:02:04.0898 5664 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:02:04.0898 5664 gupdate - ok
08:02:04.0914 5664 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:02:04.0914 5664 gupdatem - ok
08:02:04.0945 5664 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
08:02:04.0945 5664 hcw85cir - ok
08:02:04.0992 5664 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:02:04.0992 5664 HdAudAddService - ok
08:02:05.0023 5664 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
08:02:05.0023 5664 HDAudBus - ok
08:02:05.0054 5664 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
08:02:05.0054 5664 HidBatt - ok
08:02:05.0070 5664 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
08:02:05.0070 5664 HidBth - ok
08:02:05.0085 5664 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
08:02:05.0085 5664 HidIr - ok
08:02:05.0101 5664 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
08:02:05.0101 5664 hidserv - ok
08:02:05.0132 5664 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
08:02:05.0132 5664 HidUsb - ok
08:02:05.0179 5664 [ 44F92C1F913E582BEF9CAC66443C6230 ] hitmanpro36 C:\Windows\system32\drivers\hitmanpro36.sys
08:02:05.0179 5664 hitmanpro36 - ok
08:02:05.0210 5664 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
08:02:05.0241 5664 hkmsvc - ok
08:02:05.0288 5664 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:02:05.0304 5664 HomeGroupListener - ok
08:02:05.0350 5664 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:02:05.0350 5664 HomeGroupProvider - ok
08:02:05.0444 5664 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
08:02:05.0444 5664 HP Support Assistant Service - ok
08:02:05.0506 5664 [ DA075126F867727810EE9B98B3041C4C ] HPAuto C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
08:02:05.0522 5664 HPAuto - ok
08:02:05.0538 5664 [ 3DC11A802353401332D49C3CBFBBE5FC ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
08:02:05.0553 5664 HPClientSvc - ok
08:02:05.0616 5664 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
08:02:05.0616 5664 HPDrvMntSvc.exe - ok
08:02:05.0662 5664 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
08:02:05.0803 5664 hpqwmiex - ok
08:02:05.0865 5664 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
08:02:05.0865 5664 HpSAMD - ok
08:02:05.0912 5664 [ 80B0C0D39178E80905E30FA92C0F6D43 ] HssDrv C:\Windows\system32\DRIVERS\HssDrv.sys
08:02:05.0928 5664 HssDrv - ok
08:02:05.0990 5664 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:02:06.0006 5664 HTTP - ok
08:02:06.0052 5664 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
08:02:06.0068 5664 hwpolicy - ok
08:02:06.0115 5664 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
08:02:06.0115 5664 i8042prt - ok
08:02:06.0162 5664 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
08:02:06.0162 5664 iaStorV - ok
08:02:06.0240 5664 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:02:06.0318 5664 idsvc - ok
08:02:06.0349 5664 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
08:02:06.0349 5664 iirsp - ok
08:02:06.0411 5664 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
08:02:06.0427 5664 IKEEXT - ok
08:02:06.0520 5664 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
08:02:06.0567 5664 IntcAzAudAddService - ok
08:02:06.0598 5664 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
08:02:06.0614 5664 intelide - ok
08:02:06.0645 5664 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:02:06.0645 5664 intelppm - ok
08:02:06.0676 5664 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:02:06.0723 5664 IPBusEnum - ok
08:02:06.0770 5664 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:02:06.0786 5664 IpFilterDriver - ok
08:02:06.0801 5664 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
08:02:06.0801 5664 IPMIDRV - ok
08:02:06.0832 5664 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
08:02:06.0879 5664 IPNAT - ok
08:02:06.0957 5664 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
08:02:06.0973 5664 iPod Service - ok
08:02:07.0004 5664 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:02:07.0020 5664 IRENUM - ok
08:02:07.0035 5664 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:02:07.0035 5664 isapnp - ok
08:02:07.0082 5664 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
08:02:07.0082 5664 iScsiPrt - ok
08:02:07.0113 5664 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
08:02:07.0113 5664 kbdclass - ok
08:02:07.0129 5664 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
08:02:07.0144 5664 kbdhid - ok
08:02:07.0160 5664 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
08:02:07.0160 5664 KeyIso - ok
08:02:07.0191 5664 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:02:07.0238 5664 KSecDD - ok
08:02:07.0269 5664 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
08:02:07.0332 5664 KSecPkg - ok
08:02:07.0378 5664 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
08:02:07.0394 5664 ksthunk - ok
08:02:07.0456 5664 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
08:02:07.0503 5664 KtmRm - ok
08:02:07.0566 5664 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
08:02:07.0581 5664 LanmanServer - ok
08:02:07.0628 5664 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:02:07.0628 5664 LanmanWorkstation - ok
08:02:07.0675 5664 [ FA4A45C179AB0E0F1A31B9751D4B18D7 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
08:02:07.0675 5664 LightScribeService - ok
08:02:07.0706 5664 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:02:07.0706 5664 lltdio - ok
08:02:07.0753 5664 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:02:07.0784 5664 lltdsvc - ok
08:02:07.0800 5664 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:02:07.0815 5664 lmhosts - ok
08:02:07.0846 5664 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
08:02:07.0846 5664 LSI_FC - ok
08:02:07.0862 5664 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
08:02:07.0862 5664 LSI_SAS - ok
08:02:07.0878 5664 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:02:07.0878 5664 LSI_SAS2 - ok
08:02:07.0924 5664 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:02:07.0924 5664 LSI_SCSI - ok
08:02:07.0940 5664 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
08:02:07.0956 5664 luafv - ok
08:02:08.0034 5664 [ BF7EDCC7F904A0432A0E8925A2AFFD76 ] lvpopf64 C:\Windows\system32\DRIVERS\lvpopf64.sys
08:02:08.0034 5664 lvpopf64 - ok
08:02:08.0080 5664 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
08:02:08.0096 5664 LVPr2M64 - ok
08:02:08.0112 5664 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
08:02:08.0112 5664 LVPr2Mon - ok
08:02:08.0159 5664 [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
08:02:08.0159 5664 LVRS64 - ok
08:02:08.0299 5664 [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
08:02:08.0377 5664 LVUVC64 - ok
08:02:08.0424 5664 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:02:08.0455 5664 Mcx2Svc - ok
08:02:08.0486 5664 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
08:02:08.0486 5664 megasas - ok
08:02:08.0502 5664 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
08:02:08.0502 5664 MegaSR - ok
08:02:08.0533 5664 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
08:02:08.0533 5664 MMCSS - ok
08:02:08.0549 5664 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
08:02:08.0564 5664 Modem - ok
08:02:08.0595 5664 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:02:08.0595 5664 monitor - ok
08:02:08.0627 5664 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:02:08.0627 5664 mouclass - ok
08:02:08.0642 5664 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:02:08.0642 5664 mouhid - ok
08:02:08.0673 5664 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:02:08.0720 5664 mountmgr - ok
08:02:08.0783 5664 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:02:08.0845 5664 MozillaMaintenance - ok
08:02:08.0923 5664 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
08:02:08.0923 5664 MpFilter - ok
08:02:08.0954 5664 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
08:02:08.0970 5664 mpio - ok
08:02:08.0985 5664 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:02:08.0985 5664 mpsdrv - ok
08:02:09.0079 5664 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:02:09.0095 5664 MpsSvc - ok
08:02:09.0141 5664 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:02:09.0157 5664 MRxDAV - ok
08:02:09.0188 5664 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:02:09.0204 5664 mrxsmb - ok
08:02:09.0235 5664 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:02:09.0251 5664 mrxsmb10 - ok
08:02:09.0266 5664 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:02:09.0266 5664 mrxsmb20 - ok
08:02:09.0282 5664 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
08:02:09.0282 5664 msahci - ok
08:02:09.0313 5664 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:02:09.0313 5664 msdsm - ok
08:02:09.0344 5664 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
08:02:09.0407 5664 MSDTC - ok
08:02:09.0438 5664 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:02:09.0453 5664 Msfs - ok
08:02:09.0469 5664 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:02:09.0516 5664 mshidkmdf - ok
08:02:09.0547 5664 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:02:09.0547 5664 msisadrv - ok
08:02:09.0594 5664 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:02:09.0609 5664 MSiSCSI - ok
08:02:09.0625 5664 msiserver - ok
08:02:09.0641 5664 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:02:09.0656 5664 MSKSSRV - ok
08:02:09.0750 5664 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
08:02:09.0750 5664 MsMpSvc - ok
08:02:09.0781 5664 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:02:09.0797 5664 MSPCLOCK - ok
08:02:09.0797 5664 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:02:09.0812 5664 MSPQM - ok
08:02:09.0875 5664 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:02:14.0913 5664 MsRPC - ok
08:02:15.0007 5664 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
08:02:15.0054 5664 mssmbios - ok
08:02:15.0085 5664 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:02:15.0147 5664 MSTEE - ok
08:02:15.0147 5664 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
08:02:15.0147 5664 MTConfig - ok
08:02:15.0179 5664 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
08:02:15.0194 5664 Mup - ok
08:02:15.0225 5664 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
08:02:15.0225 5664 napagent - ok
08:02:15.0257 5664 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:02:15.0257 5664 NativeWifiP - ok
08:02:15.0319 5664 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:02:15.0319 5664 NDIS - ok
08:02:15.0335 5664 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:02:15.0366 5664 NdisCap - ok
08:02:15.0413 5664 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:02:15.0428 5664 NdisTapi - ok
08:02:15.0475 5664 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:02:15.0475 5664 Ndisuio - ok
08:02:15.0506 5664 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:02:15.0553 5664 NdisWan - ok
08:02:15.0584 5664 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:02:15.0631 5664 NDProxy - ok
08:02:15.0662 5664 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:02:15.0678 5664 NetBIOS - ok
08:02:15.0709 5664 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:02:15.0725 5664 NetBT - ok
08:02:15.0740 5664 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
08:02:15.0740 5664 Netlogon - ok
08:02:15.0787 5664 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
08:02:15.0787 5664 Netman - ok
08:02:15.0818 5664 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
08:02:15.0818 5664 netprofm - ok
08:02:15.0881 5664 [ EED1FBDE98CF5F6D5C0C5B27AB1F68EC ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
08:02:15.0896 5664 netr28ux - ok
08:02:15.0912 5664 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:02:15.0943 5664 NetTcpPortSharing - ok
08:02:15.0974 5664 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
08:02:15.0974 5664 nfrd960 - ok
08:02:16.0068 5664 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
08:02:16.0068 5664 NisDrv - ok
08:02:16.0115 5664 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
08:02:16.0161 5664 NisSrv - ok
08:02:16.0208 5664 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:02:16.0224 5664 NlaSvc - ok
08:02:16.0239 5664 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:02:16.0255 5664 Npfs - ok
08:02:16.0286 5664 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
08:02:16.0286 5664 nsi - ok
08:02:16.0302 5664 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:02:16.0317 5664 nsiproxy - ok
08:02:16.0380 5664 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:02:16.0473 5664 Ntfs - ok
08:02:16.0489 5664 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
08:02:16.0520 5664 Null - ok
08:02:16.0536 5664 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:02:16.0551 5664 nvraid - ok
08:02:16.0567 5664 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:02:16.0583 5664 nvstor - ok
08:02:16.0614 5664 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:02:16.0614 5664 nv_agp - ok
08:02:16.0629 5664 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:02:16.0645 5664 ohci1394 - ok
08:02:16.0692 5664 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:02:16.0785 5664 ose - ok
08:02:16.0957 5664 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:02:17.0432 5664 osppsvc - ok
08:02:17.0488 5664 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:02:17.0493 5664 p2pimsvc - ok
08:02:17.0513 5664 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
08:02:17.0519 5664 p2psvc - ok
08:02:17.0539 5664 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
08:02:17.0541 5664 Parport - ok
08:02:17.0589 5664 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:02:17.0619 5664 partmgr - ok
08:02:17.0652 5664 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
08:02:17.0655 5664 PcaSvc - ok
08:02:17.0700 5664 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
08:02:17.0703 5664 pci - ok
08:02:17.0723 5664 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
08:02:17.0724 5664 pciide - ok
08:02:17.0748 5664 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
08:02:17.0751 5664 pcmcia - ok
08:02:17.0766 5664 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
08:02:17.0781 5664 pcw - ok
08:02:17.0804 5664 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:02:17.0811 5664 PEAUTH - ok
08:02:17.0908 5664 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
08:02:17.0933 5664 PerfHost - ok
08:02:18.0008 5664 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
08:02:18.0059 5664 pla - ok
08:02:18.0093 5664 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:02:18.0127 5664 PlugPlay - ok
08:02:18.0153 5664 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:02:18.0178 5664 PNRPAutoReg - ok
08:02:18.0195 5664 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:02:18.0198 5664 PNRPsvc - ok
08:02:18.0224 5664 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:02:18.0231 5664 PolicyAgent - ok
08:02:18.0255 5664 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
08:02:18.0292 5664 Power - ok
08:02:18.0321 5664 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:02:18.0337 5664 PptpMiniport - ok
08:02:18.0390 5664 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
08:02:18.0392 5664 Processor - ok
08:02:18.0440 5664 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
08:02:18.0491 5664 ProfSvc - ok
08:02:18.0523 5664 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:02:18.0524 5664 ProtectedStorage - ok
08:02:18.0569 5664 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:02:18.0585 5664 Psched - ok
08:02:18.0621 5664 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
08:02:18.0655 5664 ql2300 - ok
08:02:18.0668 5664 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
08:02:18.0670 5664 ql40xx - ok
08:02:18.0693 5664 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
08:02:18.0750 5664 QWAVE - ok
08:02:18.0780 5664 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:02:18.0796 5664 QWAVEdrv - ok
08:02:18.0805 5664 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:02:18.0818 5664 RasAcd - ok
08:02:18.0838 5664 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:02:18.0852 5664 RasAgileVpn - ok
08:02:18.0869 5664 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
08:02:18.0897 5664 RasAuto - ok
08:02:18.0943 5664 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:02:18.0975 5664 Rasl2tp - ok
08:02:19.0002 5664 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
08:02:19.0035 5664 RasMan - ok
08:02:19.0052 5664 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:02:19.0067 5664 RasPppoe - ok
08:02:19.0079 5664 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:02:19.0095 5664 RasSstp - ok
08:02:19.0143 5664 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:02:19.0167 5664 rdbss - ok
08:02:19.0184 5664 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
08:02:19.0185 5664 rdpbus - ok
08:02:19.0205 5664 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:02:19.0217 5664 RDPCDD - ok
08:02:19.0232 5664 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:02:19.0243 5664 RDPENCDD - ok
08:02:19.0261 5664 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:02:19.0272 5664 RDPREFMP - ok
08:02:19.0311 5664 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:02:19.0330 5664 RDPWD - ok
08:02:19.0377 5664 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:02:19.0397 5664 rdyboost - ok
08:02:19.0432 5664 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:02:19.0476 5664 RemoteAccess - ok
08:02:19.0517 5664 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:02:19.0567 5664 RemoteRegistry - ok
08:02:19.0660 5664 [ C1568E17039B2EC2B73A4F880DDD51E5 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
08:02:19.0669 5664 RoxioNow Service - ok
08:02:19.0706 5664 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:02:19.0731 5664 RpcEptMapper - ok
08:02:19.0756 5664 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
08:02:19.0772 5664 RpcLocator - ok
08:02:19.0817 5664 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
08:02:19.0822 5664 RpcSs - ok
08:02:19.0851 5664 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:02:19.0853 5664 rspndr - ok
08:02:19.0911 5664 [ AFC12DFA4C7B089673AD67402CA19EDB ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
08:02:19.0921 5664 RTL8167 - ok
08:02:19.0946 5664 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
08:02:19.0948 5664 SamSs - ok
08:02:19.0980 5664 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:02:19.0982 5664 sbp2port - ok
08:02:20.0023 5664 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:02:20.0078 5664 SCardSvr - ok
08:02:20.0115 5664 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:02:20.0127 5664 scfilter - ok
08:02:20.0191 5664 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
08:02:20.0221 5664 Schedule - ok
08:02:20.0267 5664 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
08:02:20.0269 5664 SCPolicySvc - ok
08:02:20.0288 5664 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:02:20.0326 5664 SDRSVC - ok
08:02:20.0354 5664 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:02:20.0356 5664 secdrv - ok
08:02:20.0372 5664 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
08:02:20.0396 5664 seclogon - ok
08:02:20.0418 5664 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
08:02:20.0421 5664 SENS - ok
08:02:20.0439 5664 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:02:20.0470 5664 SensrSvc - ok
08:02:20.0496 5664 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
08:02:20.0497 5664 Serenum - ok
08:02:20.0514 5664 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
08:02:20.0516 5664 Serial - ok
08:02:20.0555 5664 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
08:02:20.0557 5664 sermouse - ok
08:02:20.0680 5664 [ 91E844F7E8AAAF72FFEAD7C13452EDE3 ] Serviio C:\Program Files\Serviio\bin\ServiioService.exe
08:02:20.0685 5664 Serviio - ok
08:02:20.0737 5664 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
08:02:20.0785 5664 SessionEnv - ok
08:02:20.0811 5664 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:02:20.0812 5664 sffdisk - ok
08:02:20.0832 5664 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:02:20.0833 5664 sffp_mmc - ok
08:02:20.0851 5664 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:02:20.0852 5664 sffp_sd - ok
08:02:20.0891 5664 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
08:02:20.0892 5664 sfloppy - ok
08:02:20.0945 5664 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
08:02:20.0954 5664 Sftfs - ok
08:02:21.0035 5664 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
08:02:21.0042 5664 sftlist - ok
08:02:21.0070 5664 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
08:02:21.0074 5664 Sftplay - ok
08:02:21.0114 5664 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
08:02:21.0115 5664 Sftredir - ok
08:02:21.0129 5664 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
08:02:21.0130 5664 Sftvol - ok
08:02:21.0149 5664 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
08:02:21.0153 5664 sftvsa - ok
08:02:21.0178 5664 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:02:21.0210 5664 SharedAccess - ok
08:02:21.0263 5664 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:02:21.0269 5664 ShellHWDetection - ok
08:02:21.0299 5664 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:02:21.0301 5664 SiSRaid2 - ok
08:02:21.0334 5664 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
08:02:21.0336 5664 SiSRaid4 - ok
08:02:21.0503 5664 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
08:02:21.0549 5664 Skype C2C Service - ok
08:02:21.0595 5664 [ E62ABB10E4E6C2563C8311B7B75E3431 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
08:02:21.0598 5664 SkypeUpdate - ok
08:02:21.0619 5664 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:02:21.0636 5664 Smb - ok
08:02:21.0666 5664 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:02:21.0688 5664 SNMPTRAP - ok
08:02:21.0715 5664 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
08:02:21.0727 5664 spldr - ok
08:02:21.0762 5664 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
08:02:21.0770 5664 Spooler - ok
08:02:21.0862 5664 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
08:02:21.0922 5664 sppsvc - ok
08:02:21.0936 5664 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:02:21.0962 5664 sppuinotify - ok
08:02:22.0078 5664 [ D519AD2DE7968CD2B47FEA807C5B29B2 ] sptd C:\Windows\System32\Drivers\sptd.sys
08:02:22.0079 5664 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: D519AD2DE7968CD2B47FEA807C5B29B2
08:02:22.0083 5664 sptd ( LockedFile.Multi.Generic ) - warning
08:02:22.0083 5664 sptd - detected LockedFile.Multi.Generic (1)
08:02:22.0111 5664 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
08:02:22.0117 5664 srv - ok
08:02:22.0137 5664 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:02:22.0142 5664 srv2 - ok
08:02:22.0162 5664 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:02:22.0165 5664 srvnet - ok
08:02:22.0191 5664 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:02:22.0195 5664 SSDPSRV - ok
08:02:22.0210 5664 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:02:22.0236 5664 SstpSvc - ok
08:02:22.0312 5664 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
08:02:22.0318 5664 ssudmdm - ok
08:02:22.0350 5664 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
08:02:22.0352 5664 stexstor - ok
08:02:22.0420 5664 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
08:02:22.0436 5664 stisvc - ok
08:02:22.0477 5664 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
08:02:22.0478 5664 swenum - ok
08:02:22.0499 5664 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
08:02:22.0542 5664 swprv - ok
08:02:22.0623 5664 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
08:02:22.0662 5664 SysMain - ok
08:02:22.0715 5664 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:02:22.0741 5664 TabletInputService - ok
08:02:22.0803 5664 [ F33FDC72298DF4BF9813A55D21F4EB31 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
08:02:22.0807 5664 taphss - ok
08:02:22.0852 5664 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
08:02:22.0884 5664 TapiSrv - ok
08:02:22.0899 5664 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
08:02:22.0930 5664 TBS - ok
08:02:22.0980 5664 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:02:23.0037 5664 Tcpip - ok
08:02:23.0089 5664 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
08:02:23.0102 5664 TCPIP6 - ok
08:02:23.0148 5664 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:02:23.0150 5664 tcpipreg - ok
08:02:23.0181 5664 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:02:23.0196 5664 TDPIPE - ok
08:02:23.0236 5664 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:02:23.0247 5664 TDTCP - ok
08:02:23.0292 5664 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:02:23.0326 5664 tdx - ok
08:02:23.0363 5664 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
08:02:23.0365 5664 TermDD - ok
08:02:23.0390 5664 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
08:02:23.0427 5664 TermService - ok
08:02:23.0452 5664 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
08:02:23.0478 5664 Themes - ok
08:02:23.0503 5664 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
08:02:23.0505 5664 THREADORDER - ok
08:02:23.0523 5664 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
08:02:23.0526 5664 TrkWks - ok
08:02:23.0592 5664 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:02:23.0638 5664 TrustedInstaller - ok
08:02:23.0683 5664 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:02:23.0695 5664 tssecsrv - ok
08:02:23.0754 5664 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
08:02:23.0786 5664 TsUsbFlt - ok
08:02:23.0844 5664 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:02:23.0883 5664 tunnel - ok
08:02:23.0923 5664 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
08:02:23.0925 5664 uagp35 - ok
08:02:23.0952 5664 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:02:23.0957 5664 udfs - ok
08:02:23.0990 5664 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:02:24.0012 5664 UI0Detect - ok
08:02:24.0042 5664 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:02:24.0044 5664 uliagpkx - ok
08:02:24.0095 5664 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
08:02:24.0097 5664 umbus - ok
08:02:24.0117 5664 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
08:02:24.0119 5664 UmPass - ok
08:02:24.0215 5664 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
08:02:24.0224 5664 UMVPFSrv - ok
08:02:24.0254 5664 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
08:02:24.0260 5664 upnphost - ok
08:02:24.0282 5664 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
08:02:24.0285 5664 usbaudio - ok
08:02:24.0323 5664 [ 1F9863697DF570D371C49DDAF4BC0AD8 ] usbbus C:\Windows\system32\DRIVERS\lgx64bus.sys
08:02:24.0325 5664 usbbus - ok
08:02:24.0375 5664 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:02:24.0392 5664 usbccgp - ok
08:02:24.0457 5664 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:02:24.0461 5664 usbcir - ok
08:02:24.0506 5664 [ E82F1B8DFC1DEF412B749C685041D8D5 ] UsbDiag C:\Windows\system32\DRIVERS\lgx64diag.sys
08:02:24.0508 5664 UsbDiag - ok
08:02:24.0531 5664 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
08:02:24.0533 5664 usbehci - ok
08:02:24.0557 5664 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
08:02:24.0558 5664 usbfilter - ok
08:02:24.0577 5664 [ 9211BC0F0EB4B4D599D84CA54512622B ] UsbGps C:\Windows\system32\DRIVERS\lgx64gps.sys
08:02:24.0578 5664 UsbGps - ok
08:02:24.0604 5664 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:02:24.0608 5664 usbhub - ok
08:02:24.0629 5664 [ 1FFAD96D8F6519728F0C4708AA9637DF ] USBModem C:\Windows\system32\DRIVERS\lgx64modem.sys
08:02:24.0630 5664 USBModem - ok
08:02:24.0644 5664 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
08:02:24.0646 5664 usbohci - ok
08:02:24.0674 5664 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
08:02:24.0675 5664 usbprint - ok
08:02:24.0716 5664 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
08:02:24.0718 5664 usbscan - ok
08:02:24.0732 5664 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:02:24.0735 5664 USBSTOR - ok
08:02:24.0753 5664 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
08:02:24.0755 5664 usbuhci - ok
08:02:24.0772 5664 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
08:02:24.0774 5664 usbvideo - ok
08:02:24.0798 5664 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
08:02:24.0801 5664 UxSms - ok
08:02:24.0810 5664 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
08:02:24.0811 5664 VaultSvc - ok
08:02:24.0835 5664 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
08:02:24.0837 5664 vdrvroot - ok
08:02:24.0890 5664 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
08:02:24.0919 5664 vds - ok
08:02:24.0937 5664 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:02:24.0939 5664 vga - ok
08:02:24.0954 5664 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
08:02:24.0966 5664 VgaSave - ok
08:02:24.0989 5664 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
08:02:24.0992 5664 vhdmp - ok
08:02:25.0013 5664 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
08:02:25.0015 5664 viaide - ok
08:02:25.0073 5664 [ 1EC5AB44218A40A2125C83F1B995BBA0 ] VNWUND6V C:\Windows\system32\DRIVERS\VW7UX64V.SYS
08:02:25.0079 5664 VNWUND6V - ok
08:02:25.0096 5664 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:02:25.0102 5664 volmgr - ok
08:02:25.0148 5664 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:02:25.0193 5664 volmgrx - ok
08:02:25.0215 5664 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:02:25.0219 5664 volsnap - ok
08:02:25.0257 5664 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
08:02:25.0260 5664 vsmraid - ok
08:02:25.0329 5664 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
08:02:25.0448 5664 VSS - ok
08:02:25.0463 5664 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
08:02:25.0478 5664 vwifibus - ok
08:02:25.0501 5664 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
08:02:25.0524 5664 vwififlt - ok
08:02:25.0573 5664 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
08:02:25.0623 5664 W32Time - ok
08:02:25.0637 5664 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
08:02:25.0638 5664 WacomPen - ok
08:02:25.0690 5664 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
08:02:25.0709 5664 WANARP - ok
08:02:25.0718 5664 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
08:02:25.0719 5664 Wanarpv6 - ok
08:02:25.0771 5664 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
08:02:25.0797 5664 WatAdminSvc - ok
08:02:25.0905 5664 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
08:02:26.0086 5664 wbengine - ok
08:02:26.0138 5664 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
08:02:26.0165 5664 WbioSrvc - ok
08:02:26.0204 5664 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
08:02:26.0415 5664 wcncsvc - ok
08:02:26.0430 5664 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:02:26.0546 5664 WcsPlugInService - ok
08:02:26.0576 5664 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
08:02:26.0590 5664 Wd - ok
08:02:26.0628 5664 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
08:02:26.0636 5664 WDC_SAM - ok
08:02:26.0685 5664 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:02:26.0693 5664 Wdf01000 - ok
08:02:26.0714 5664 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
08:02:26.0717 5664 WdiServiceHost - ok
08:02:26.0726 5664 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
08:02:26.0729 5664 WdiSystemHost - ok
08:02:26.0778 5664 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
08:02:26.0956 5664 WebClient - ok
08:02:26.0983 5664 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:02:27.0081 5664 Wecsvc - ok
08:02:27.0097 5664 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:02:27.0100 5664 wercplsupport - ok
08:02:27.0116 5664 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
08:02:27.0120 5664 WerSvc - ok
08:02:27.0135 5664 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
08:02:27.0145 5664 WfpLwf - ok
08:02:27.0172 5664 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
08:02:27.0186 5664 WIMMount - ok
08:02:27.0225 5664 WinDefend - ok
08:02:27.0238 5664 WinHttpAutoProxySvc - ok
08:02:27.0287 5664 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:02:27.0293 5664 Winmgmt - ok
08:02:27.0396 5664 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
08:02:27.0463 5664 WinRM - ok
08:02:27.0529 5664 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
08:02:27.0531 5664 WinUsb - ok
08:02:27.0570 5664 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
08:02:27.0581 5664 Wlansvc - ok
08:02:27.0676 5664 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:02:27.0722 5664 wlidsvc - ok
08:02:27.0747 5664 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
08:02:27.0748 5664 WmiAcpi - ok
08:02:27.0780 5664 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
08:02:27.0805 5664 wmiApSrv - ok
08:02:27.0831 5664 WMPNetworkSvc - ok
08:02:27.0849 5664 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
08:02:27.0873 5664 WPCSvc - ok
08:02:27.0912 5664 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
08:02:27.0915 5664 WPDBusEnum - ok
08:02:27.0927 5664 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
08:02:27.0941 5664 ws2ifsl - ok
08:02:27.0995 5664 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(1) C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys
08:02:28.0025 5664 WsAudio_DeviceS(1) - ok
08:02:28.0064 5664 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(2) C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys
08:02:28.0078 5664 WsAudio_DeviceS(2) - ok
08:02:28.0123 5664 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(3) C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys
08:02:28.0138 5664 WsAudio_DeviceS(3) - ok
08:02:28.0168 5664 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(4) C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys
08:02:28.0183 5664 WsAudio_DeviceS(4) - ok
08:02:28.0203 5664 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(5) C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys
08:02:28.0218 5664 WsAudio_DeviceS(5) - ok
08:02:28.0248 5664 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
08:02:28.0252 5664 wscsvc - ok
08:02:28.0261 5664 WSearch - ok
08:02:28.0361 5664 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
08:02:28.0402 5664 wuauserv - ok
08:02:28.0438 5664 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
08:02:28.0457 5664 WudfPf - ok
08:02:28.0481 5664 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
08:02:28.0485 5664 WUDFRd - ok
08:02:28.0522 5664 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
08:02:28.0526 5664 wudfsvc - ok
08:02:28.0546 5664 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
08:02:28.0582 5664 WwanSvc - ok
08:02:28.0633 5664 ================ Scan global ===============================
08:02:28.0645 5664 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:02:28.0736 5664 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
08:02:28.0776 5664 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
08:02:28.0794 5664 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:02:28.0856 5664 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:02:28.0861 5664 [Global] - ok
08:02:28.0864 5664 ================ Scan MBR ==================================
08:02:28.0869 5664 [ 302263095AAE667DFC05A3DDBF231A84 ] \Device\Harddisk0\DR0
08:02:29.0099 5664 \Device\Harddisk0\DR0 - ok
08:02:29.0114 5664 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
08:02:29.0276 5664 \Device\Harddisk1\DR1 - ok
08:02:29.0284 5664 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
08:02:29.0459 5664 \Device\Harddisk2\DR2 - ok
08:02:29.0467 5664 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk3\DR3
08:02:29.0661 5664 \Device\Harddisk3\DR3 - ok
08:02:29.0685 5664 [ 31CFC50FBD443DAEEC9A5C7AE8DA8F6D ] \Device\Harddisk4\DR4
08:02:39.0274 5664 \Device\Harddisk4\DR4 - ok
08:02:39.0280 5664 ================ Scan VBR ==================================
08:02:39.0299 5664 [ 6863BF879D1D7041AB31FD820FB1F46E ] \Device\Harddisk0\DR0\Partition1
08:02:39.0304 5664 \Device\Harddisk0\DR0\Partition1 - ok
08:02:39.0325 5664 [ 9288CD940D0EE18BEAE72B629260DAD6 ] \Device\Harddisk0\DR0\Partition2
08:02:39.0328 5664 \Device\Harddisk0\DR0\Partition2 - ok
08:02:39.0361 5664 [ 77BB49DA708BAF7F56EB905CCA881B12 ] \Device\Harddisk0\DR0\Partition3
08:02:39.0363 5664 \Device\Harddisk0\DR0\Partition3 - ok
08:02:39.0372 5664 [ 2B943EA0D531A246CBE1D16D793BF588 ] \Device\Harddisk1\DR1\Partition1
08:02:39.0376 5664 \Device\Harddisk1\DR1\Partition1 - ok
08:02:39.0384 5664 [ EE3DC49BBC7BDFB67117D318E9B51AA1 ] \Device\Harddisk2\DR2\Partition1
08:02:39.0387 5664 \Device\Harddisk2\DR2\Partition1 - ok
08:02:39.0395 5664 [ 9B54094B0A5423783D7A6E1ACCEC24AD ] \Device\Harddisk3\DR3\Partition1
08:02:39.0399 5664 \Device\Harddisk3\DR3\Partition1 - ok
08:02:39.0407 5664 [ 21FF2B586E4DD41563512246C3ED0744 ] \Device\Harddisk4\DR4\Partition1
08:02:39.0409 5664 \Device\Harddisk4\DR4\Partition1 - ok
08:02:39.0412 5664 ============================================================
08:02:39.0412 5664 Scan finished
08:02:39.0412 5664 ============================================================
08:02:39.0426 0244 Detected object count: 1
08:02:39.0426 0244 Actual detected object count: 1
08:02:51.0079 0244 sptd ( LockedFile.Multi.Generic ) - skipped by user
08:02:51.0079 0244 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
10:51:40.0596 5428 Deinitialize success


aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-25 08:04:01
-----------------------------
08:04:01.405 OS Version: Windows x64 6.1.7601 Service Pack 1
08:04:01.405 Number of processors: 1 586 0x603
08:04:01.406 ComputerName: MATTHEWEDWARDS UserName:
08:04:03.006 Initialize success
08:05:36.850 AVAST engine defs: 12102501
08:06:28.866 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005e
08:06:28.868 Disk 0 Vendor: ST350041 HP35 Size: 476940MB BusType: 11
08:06:28.870 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000079
08:06:28.872 Disk 1 Vendor: Size: 476940MB BusType: 0
08:06:28.875 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000086
08:06:28.877 Disk 2 Vendor: Size: 476940MB BusType: 0
08:06:28.881 Disk 3 \Device\Harddisk3\DR3 -> \Device\00000089
08:06:28.884 Disk 3 Vendor: Size: 476940MB BusType: 0
08:06:28.888 Disk 4 \Device\Harddisk4\DR4 -> \Device\00000096
08:06:28.891 Disk 4 Vendor: Size: 476940MB BusType: 0
08:06:28.907 Disk 0 MBR read successfully
08:06:28.911 Disk 0 MBR scan
08:06:29.004 Disk 0 unknown MBR code
08:06:29.014 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
08:06:29.062 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 465078 MB offset 206848
08:06:29.126 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 11760 MB offset 952686592
08:06:29.216 Disk 0 scanning C:\Windows\system32\drivers
08:06:55.549 Service scanning
08:07:38.627 Modules scanning
08:07:38.642 Disk 0 trace - called modules:
08:07:38.655 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa800369e2c0]<<sptd.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
08:07:38.662 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80042c2060]
08:07:38.670 3 CLASSPNP.SYS[fffff8800127543f] -> nt!IofCallDriver -> [0xfffffa80040d5ac0]
08:07:38.677 \Driver\amd_xata[0xfffffa8004075930] -> IRP_MJ_CREATE -> 0xfffffa800369e2c0
08:07:38.682 5 amd_xata.sys[fffff880011698b4] -> nt!IofCallDriver -> \Device\0000005e[0xfffffa80040d1960]
08:07:38.688 \Driver\amd_sata[0xfffffa8004075060] -> IRP_MJ_CREATE -> 0xfffffa800369c2c0
08:07:43.478 AVAST engine scan C:\Windows
08:07:55.694 AVAST engine scan C:\Windows\system32
08:15:26.359 AVAST engine scan C:\Windows\system32\drivers
08:15:53.964 AVAST engine scan C:\Users\Matthew Edwards
08:52:52.840 AVAST engine scan C:\ProgramData
09:00:57.008 Scan finished successfully
09:41:58.931 Disk 0 MBR has been saved successfully to "C:\Users\Matthew Edwards\Desktop\MBR.dat"
09:41:58.954 The log file has been saved successfully to "C:\Users\Matthew Edwards\Desktop\aswMBR.txt"


ESET Online Scanner:

G:\DEXTER_S1D4\bonus\startup.exe probably a variant of Win32/Agent.BTLJLJY trojan cleaned by deleting - quarantined


Thank you :)

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:57 PM

Posted 25 October 2012 - 06:39 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#5 mewikime

mewikime
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:57 AM

Posted 25 October 2012 - 10:26 PM

Thanks again. Here are the logs from the next set of scans:

Malwarebytes:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.25.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Matthew Edwards :: MATTHEWEDWARDS [administrator]

10/25/2012 7:31:34 PM
mbam-log-2012-10-25 (19-31-34).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 202811
Time elapsed: 4 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Minitoolbox:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Matthew Edwards (administrator) on 25-10-2012 at 19:38:14
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================




127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)
EasyTether Network Adapter = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection" nexthop=192.168.0.1 publish=Yes
add address name="Local Area Connection" address=192.168.0.18 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : MatthewEdwards
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection* 19:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Anchorfree HSS Adapter
Physical Address. . . . . . . . . : 00-FF-1B-12-89-70
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : EasyTether Network Adapter
Physical Address. . . . . . . . . : 02-00-54-74-68-72
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 78-AC-C0-A1-70-ED
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::3114:4586:4903:9ec8%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.18(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 259566784
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-2C-94-E7-78-AC-C0-A7-47-48
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Reusable ISATAP Interface {BD6C2222-503E-48F3-91F2-829D6EA3A481}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C63FF253-0628-4142-92D7-E93D60655951}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 2001:4860:4007:801::1009
74.125.224.224
74.125.224.225
74.125.224.226
74.125.224.227
74.125.224.228
74.125.224.229
74.125.224.230
74.125.224.231
74.125.224.232
74.125.224.233
74.125.224.238


Pinging google.com [74.125.224.169] with 32 bytes of data:
Reply from 74.125.224.169: bytes=32 time=1643ms TTL=55
Reply from 74.125.224.169: bytes=32 time=1764ms TTL=55

Ping statistics for 74.125.224.169:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1643ms, Maximum = 1764ms, Average = 1703ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 209.18.47.61

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=1756ms TTL=47
Reply from 98.139.183.24: bytes=32 time=1630ms TTL=47

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1630ms, Maximum = 1756ms, Average = 1693ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 209.18.47.61

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
28...00 ff 1b 12 89 70 ......Anchorfree HSS Adapter
11...02 00 54 74 68 72 ......EasyTether Network Adapter
10...78 ac c0 a1 70 ed ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.18 286
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.18 286
192.168.0.18 255.255.255.255 On-link 192.168.0.18 286
192.168.0.255 255.255.255.255 On-link 192.168.0.18 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.18 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.18 286
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.0.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 286 fe80::/64 On-link
10 286 fe80::3114:4586:4903:9ec8/128
On-link
1 306 ff00::/8 On-link
10 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/25/2012 05:34:41 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16450 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 770

Start Time: 01cdb310b6e05b5f

Termination Time: 20

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (10/25/2012 05:32:49 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16450 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e9c

Start Time: 01cdb30b10319524

Termination Time: 10013

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (10/25/2012 03:48:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/25/2012 02:36:22 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/25/2012 02:36:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/25/2012 02:36:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/25/2012 02:34:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/25/2012 11:01:23 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (10/25/2012 11:01:23 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (10/25/2012 10:57:31 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (10/25/2012 11:04:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.139.385.0).

Error: (10/25/2012 11:04:01 AM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (10/25/2012 10:54:43 AM) (Source: Service Control Manager) (User: )
Description: The HP Auto service terminated unexpectedly. It has done this 1 time(s).

Error: (10/25/2012 10:53:59 AM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (10/24/2012 08:06:13 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (10/24/2012 02:47:03 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (10/24/2012 02:47:00 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (10/24/2012 02:46:57 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (10/24/2012 02:46:54 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (10/24/2012 02:46:51 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126


Microsoft Office Sessions:
=========================
Error: (10/25/2012 05:34:41 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.1645077001cdb310b6e05b5f20C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (10/25/2012 05:32:49 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16450e9c01cdb30b1031952410013C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (10/25/2012 03:48:57 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Matthew Edwards\Downloads\esetsmartinstaller_enu.exe

Error: (10/25/2012 02:36:22 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\matthew edwards\downloads\esetsmartinstaller_enu.exe

Error: (10/25/2012 02:36:20 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\matthew edwards\downloads\esetsmartinstaller_enu.exe

Error: (10/25/2012 02:36:19 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\matthew edwards\downloads\esetsmartinstaller_enu.exe

Error: (10/25/2012 02:34:19 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/25/2012 11:01:23 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (10/25/2012 11:01:23 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: Performance1637070000000000000000000009030000

Error: (10/25/2012 10:57:31 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Matthew Edwards\Downloads\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

µTorrent (Version: 1.8.2)
3dem (Version: 20.7)
Adobe AIR (Version: 3.0.0.4080)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Digital Editions 2.0 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Media Player (Version: 1.8)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
Alt.Binz 0.25.0 (Version: 0.25.0)
Amazon Add to Wish List IE Extension 1.1 (Version: 1.1)
Android SDK Tools (Version: 1.14)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.774.0)
Auto Gordian Knot 2.55 (Version: 2.55)
AVI Joiner
Avidemux 2.6 (Version: 2.6.0.8179)
AviSynth 2.5
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Desktop (Version: 1.0.45.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.95)
Bonjour (Version: 3.0.0.10)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
CameraHelperMsi (Version: 13.50.854.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0511.2153.37435)
Catalyst Control Center Graphics Full Existing (Version: 2010.0511.2153.37435)
Catalyst Control Center Graphics Full New (Version: 2010.0511.2153.37435)
Catalyst Control Center Graphics Light (Version: 2010.0511.2153.37435)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0511.2153.37435)
Catalyst Control Center InstallProxy (Version: 2010.0511.2153.37435)
Catalyst Control Center Localization All (Version: 2010.0511.2153.37435)
ccc-core-static (Version: 2010.0511.2153.37435)
ccc-utility64 (Version: 2010.0511.2153.37435)
CCC Help Chinese Standard (Version: 2010.0511.2152.37435)
CCC Help Chinese Traditional (Version: 2010.0511.2152.37435)
CCC Help Czech (Version: 2010.0511.2152.37435)
CCC Help Danish (Version: 2010.0511.2152.37435)
CCC Help Dutch (Version: 2010.0511.2152.37435)
CCC Help English (Version: 2010.0511.2152.37435)
CCC Help Finnish (Version: 2010.0511.2152.37435)
CCC Help French (Version: 2010.0511.2152.37435)
CCC Help German (Version: 2010.0511.2152.37435)
CCC Help Greek (Version: 2010.0511.2152.37435)
CCC Help Hungarian (Version: 2010.0511.2152.37435)
CCC Help Italian (Version: 2010.0511.2152.37435)
CCC Help Japanese (Version: 2010.0511.2152.37435)
CCC Help Korean (Version: 2010.0511.2152.37435)
CCC Help Norwegian (Version: 2010.0511.2152.37435)
CCC Help Polish (Version: 2010.0511.2152.37435)
CCC Help Portuguese (Version: 2010.0511.2152.37435)
CCC Help Russian (Version: 2010.0511.2152.37435)
CCC Help Spanish (Version: 2010.0511.2152.37435)
CCC Help Swedish (Version: 2010.0511.2152.37435)
CCC Help Thai (Version: 2010.0511.2152.37435)
CCC Help Turkish (Version: 2010.0511.2152.37435)
CCleaner (Version: 3.21)
Chuzzle Deluxe (Version: 2.2.0.95)
Compaq Setup Manager (Version: 1.0.12844.3519)
CyberLink DVD Suite Deluxe (Version: 7.0.3210)
D3DX10 (Version: 15.4.2368.0902)
Demis MapControl.Net
Demis MapControl.Net (Version: 1.0.0.0)
Demis Mapper.NET (Version: 1.0.1)
Desktop Icon Position Saver (64-bit)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's World Adventure (Version: 2.2.0.95)
DVD Decrypter (Remove Only)
DVD Shrink 3.2
DVDFab 8.1.7.8 (17/04/2012) Qt
EasyTether (Version: 1.1.14)
erLT (Version: 1.20.138.34)
Escape Rosecliff Island (Version: 2.2.0.95)
ESET Online Scanner v3
Expat Shield 2.25 (Version: 2.25)
Expat Shield Toolbar (Version: 6.9.0.16)
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.95)
FileZilla Client 3.5.3 (Version: 3.5.3)
Final Drive Nitro (Version: 2.2.0.95)
FoxyTunes for Firefox
Free Studio version 5.4.7 (Version: 5.4.7)
Free YouTube Download version 3.1.31.706 (Version: 3.1.31.706)
GIMP 2.6.11 (Version: 2.6.11)
GoldWave v5.58
Google Earth Plug-in (Version: 6.1.0.5001)
Google Talk Plugin (Version: 3.3.2.8436)
Google Update Helper (Version: 1.3.21.123)
Gordian Knot Rip Pack 0.35.0 (Version: 0.35.0)
GrabIt 1.7.2 Beta 6 (build 1008)
Heroes of Hellas 2 - Olympia (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP Auto (Version: 1.0.12494.3472)
HP Client Services (Version: 1.0.12656.3472)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Deskjet 3050 J610 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 3050 J610 series Help (Version: 140.0.63.63)
HP Deskjet 3050 J610 series Product Improvement Study (Version: 22.50.231.0)
HP Game Console
HP Games (Version: 1.0.1.5)
HP MovieStore (Version: 1.0.027)
HP MovieStore (Version: 2.0.2)
HP Odometer (Version: 2.10.0000)
HP Photo Creations (Version: 1.0.0.3781)
HP Product Detection (Version: 11.14.0003)
HP Setup (Version: 8.4.4400.3525)
HP Support Assistant (Version: 6.1.12.1)
HP Support Information (Version: 10.1.1000)
HP Update (Version: 5.002.006.003)
HP Vision Hardware Diagnostics (Version: 2.1.6.0)
Hulu Desktop (Version: 0.9.14)
iCloud (Version: 2.0.2.187)
ImgBurn (Version: 2.5.7.0)
Inkscape 0.48.1 (Version: 0.48.1)
InstallVC90Support (Version: 1.01.0000)
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 37 (Version: 6.0.370)
Java™ 7 Update 2 (64-bit) (Version: 7.0.20)
Java™ SE Development Kit 7 Update 2 (64-bit) (Version: 1.7.0.20)
JavaFX 2.0.2 (64-bit) (Version: 2.0.2)
JavaFX 2.0.2 SDK (64-bit) (Version: 2.0.2)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Jing (Version: 2.6.12032.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Kobo (Version: 1.6)
LabelPrint (Version: 2.5.3130)
LG SP USB Driver (Version: 1.0)
LG United Mobile Driver (Version: 2.1)
LG USB WML Modem Driver (Version: 1.0)
LightScribe System Software (Version: 1.18.20.1)
Logitech Vid HD (Version: 7.2 (7259))
Logitech Webcam Software (Version: 2.30)
LWS Facebook (Version: 13.50.854.0)
LWS Gallery (Version: 13.50.854.0)
LWS Help_main (Version: 13.50.862.0)
LWS Launcher (Version: 13.50.859.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.50.861.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.31.1038.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MediaCoder x64 0.8.12 (Version: 0.8.12)
MediaInfo 0.7.61 (Version: 0.7.61)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 16.0.1 (x86 en-US) (Version: 16.0.1)
Mozilla Maintenance Service (Version: 16.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery P.I. - The London Caper (Version: 2.2.0.95)
OpenOffice.org 3.3 (Version: 3.3.9567)
OverDrive Media Console (Version: 3.2.20)
Penguins! (Version: 2.2.0.95)
PhotoNow! (Version: 1.1.7717)
PictureMover (Version: 3.5.0.33)
Plants vs. Zombies (Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.4329)
PowerDirector (Version: 8.0.3129)
PressReader (Version: 5.10.1102.0)
PuTTY version 0.62 (Version: 0.62)
QPST
Quantum GIS Wroclaw 1.7.0 Wroclaw (Version: 1.7.0-rb55a00e73-1)
QuickPar 0.9 (Version: 0.9)
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver (Version: 6.0.1.6196)
Recovery Manager (Version: 5.5.3219)
RoxioNow Player (Version: 1.9.5.101)
Safari (Version: 5.34.57.2)
Samsung Kies (Version: 2.5.0.12094_28)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.15.0)
Serviio
Shutterfly Express Uploader (Version: 1.0.0)
Shutterfly Express Uploader (Version: 1.0.0.4)
Skype Click to Call (Version: 6.2.10687)
Skype™ 5.10 (Version: 5.10.116)
Star Trek Online
TerraGo Toolbar (Version: 6.0.0090)
Time Adjuster STANDARD 3.1
Tweaking.com - Windows Repair (All in One) (Version: 1.9.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VIA Technologies USB Wireless LAN Adapter
VideoReDo TVSuite Version 4.20.7.635
Virtual Families (Version: 2.2.0.95)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
VLC media player 2.0.3 (Version: 2.0.3)
VobSub v2.23 (Remove Only)
Wheel of Fortune 2 (Version: 2.2.0.95)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.01 (64-bit) (Version: 4.01.0)
XviD MPEG4 Video Codec (remove only)
Zinio Reader 4 (Version: 4.0.3184)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 54%
Total physical RAM: 3839.29 MB
Available physical RAM: 1748.46 MB
Total Pagefile: 7676.76 MB
Available Pagefile: 5117.23 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.21 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:454.18 GB) (Free:67.06 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:11.48 GB) (Free:1.4 GB) NTFS
3 Drive f: (My Book) (Fixed) (Total:930.86 GB) (Free:16.1 GB) NTFS
4 Drive g: (My Book) (Fixed) (Total:930.86 GB) (Free:33.84 GB) NTFS
5 Drive h: (My Book) (Fixed) (Total:298.01 GB) (Free:14.17 GB) FAT32
6 Drive i: (Elements) (Fixed) (Total:931.51 GB) (Free:28 GB) NTFS

========================= Users: ========================================

User accounts for \\MATTHEWEDWARDS

Administrator Guest Matthew Edwards

========================= Restore Points ==================================

25-10-2012 21:36:26 Scheduled Checkpoint

**** End of log ****


Farbar Service Scanner:

Farbar Service Scanner Version: 19-10-2012
Ran by Matthew Edwards (administrator) on 25-10-2012 at 19:41:58
Running from "C:\Users\Matthew Edwards\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


ADWcleaner:

# AdwCleaner v2.005 - Logfile created 10/25/2012 at 19:44:41
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Matthew Edwards - MATTHEWEDWARDS
# Boot Mode : Normal
# Running from : C:\Users\Matthew Edwards\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Expat Shield
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\Matthew Edwards\AppData\Roaming\Mozilla\Firefox\Profiles\2u094lb6.default\searchplugins\Conduit.xml
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Expat_Shield
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Expat Shield
Folder Deleted : C:\Users\Matthew Edwards\AppData\Local\Conduit
Folder Deleted : C:\Users\Matthew Edwards\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Matthew Edwards\AppData\LocalLow\Expat_Shield
Folder Deleted : C:\Users\Matthew Edwards\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Matthew Edwards\AppData\Roaming\Mozilla\Firefox\Profiles\2u094lb6.default\CT2549263
Folder Deleted : C:\Users\Matthew Edwards\AppData\Roaming\Mozilla\Firefox\Profiles\2u094lb6.default\extensions\{a060276a-53be-45ec-8ebe-b94b1e803179}
Folder Deleted : C:\Users\Matthew Edwards\AppData\Roaming\Mozilla\Firefox\Profiles\2u094lb6.default\Smartbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Expat_Shield
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A060276A-53BE-45EC-8EBE-B94B1E803179}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A060276A-53BE-45EC-8EBE-B94B1E803179}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D859F3EB-B5F1-47D0-9839-6DF8B311E450}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2549263
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Expat_Shield
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D859F3EB-B5F1-47D0-9839-6DF8B311E450}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A060276A-53BE-45EC-8EBE-B94B1E803179}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D859F3EB-B5F1-47D0-9839-6DF8B311E450}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{500B5887-C466-41B4-9076-7FFBC98176BB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9092BD3E-88E2-4FF9-9EED-A1C2B4467D17}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A060276A-53BE-45EC-8EBE-B94B1E803179}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Expat_Shield Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A060276A-53BE-45EC-8EBE-B94B1E803179}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A060276A-53BE-45EC-8EBE-B94B1E803179}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A060276A-53BE-45EC-8EBE-B94B1E803179}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{A060276A-53BE-45EC-8EBE-B94B1E803179}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.1 (en-US)

Profile name : default
File : C:\Users\Matthew Edwards\AppData\Roaming\Mozilla\Firefox\Profiles\2u094lb6.default\prefs.js

Deleted : user_pref("CT2549263.1000082.isPlayDisplay", "true");
Deleted : user_pref("CT2549263.1000082.state", "{\"state\":\"stopped\",\"text\":\"Radio Hip...\",\"description[...]
Deleted : user_pref("CT2549263.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2549263.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT2549263.FirstTime", "true");
Deleted : user_pref("CT2549263.FirstTimeFF3", "true");
Deleted : user_pref("CT2549263.GK_HSSELITE_NOTIF_SENT", "sent");
Deleted : user_pref("CT2549263.InstallationDate0.2690270998198123", "1350707687083");
Deleted : user_pref("CT2549263.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT254[...]
Deleted : user_pref("CT2549263.UserID", "UN99325403713716880");
Deleted : user_pref("CT2549263.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT2549263.browser.search.defaultthis.engineName", true);
Deleted : user_pref("CT2549263.cb_experience_000", "10");
Deleted : user_pref("CT2549263.cb_firstuse0100", "1");
Deleted : user_pref("CT2549263.cbcountry_001", "US");
Deleted : user_pref("CT2549263.cbfirsttime", "Fri Oct 19 2012 21:34:56 GMT-0700 (Pacific Daylight Time)");
Deleted : user_pref("CT2549263.embeddedsData", "[{\"appId\":\"129118270998586956\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT2549263.enableAlerts", "always");
Deleted : user_pref("CT2549263.firstTimeDialogOpened", "true");
Deleted : user_pref("CT2549263.fixPageNotFoundError", "false");
Deleted : user_pref("CT2549263.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT2549263.fixUrls", true);
Deleted : user_pref("CT2549263.hxxp___www_socialgrowthtechnologies_com_couponbuddy_v001.APP_WIN_FEATURES", "op[...]
Deleted : user_pref("CT2549263.installId", "ConduitStubGeneric");
Deleted : user_pref("CT2549263.installType", "ConduitStubIntegration");
Deleted : user_pref("CT2549263.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2549263.isNewTabEnabled", false);
Deleted : user_pref("CT2549263.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT2549263.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT2549263.keyword", true);
Deleted : user_pref("CT2549263.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"Boleyn Girl\",\"EB_MAIN_FRAME_UR[...]
Deleted : user_pref("CT2549263.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT2549263.openThankYouPage", "FALSE");
Deleted : user_pref("CT2549263.search.searchAppId", "129118270998586956");
Deleted : user_pref("CT2549263.search.searchCount", "0");
Deleted : user_pref("CT2549263.searchInNewTabEnabled", "false");
Deleted : user_pref("CT2549263.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT2549263.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2549263.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2549263.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT2549263.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT2549263.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT2549263.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT2549263.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT2549263.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT2549263.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Deleted : user_pref("CT2549263.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1350707677758");
Deleted : user_pref("CT2549263.serviceLayer_services_appsMetadata_lastUpdate", "1350766477995");
Deleted : user_pref("CT2549263.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1350707680116");
Deleted : user_pref("CT2549263.serviceLayer_services_login_10.10.27.6_lastUpdate", "1350911574468");
Deleted : user_pref("CT2549263.serviceLayer_services_optimizer_lastUpdate", "1350766480721");
Deleted : user_pref("CT2549263.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1350707680069");
Deleted : user_pref("CT2549263.serviceLayer_services_searchAPI_lastUpdate", "1350707671690");
Deleted : user_pref("CT2549263.serviceLayer_services_serviceMap_lastUpdate", "1350890486263");
Deleted : user_pref("CT2549263.serviceLayer_services_toolbarContextMenu_lastUpdate", "1350707680020");
Deleted : user_pref("CT2549263.serviceLayer_services_toolbarSettings_lastUpdate", "1350918813748");
Deleted : user_pref("CT2549263.serviceLayer_services_translation_lastUpdate", "1350890492822");
Deleted : user_pref("CT2549263.settingsINI", true);
Deleted : user_pref("CT2549263.shouldFirstTimeDialog", "FALSE");
Deleted : user_pref("CT2549263.smartbar.CTID", "CT2549263");
Deleted : user_pref("CT2549263.smartbar.Uninstall", "0");
Deleted : user_pref("CT2549263.smartbar.homepage", true);
Deleted : user_pref("CT2549263.smartbar.isHidden", true);
Deleted : user_pref("CT2549263.smartbar.toolbarName", "Expat Shield ");
Deleted : user_pref("CT2549263.startPage", "userChanged");
Deleted : user_pref("CT2549263.toolbarAppHeartbeat", "{\"129766356251385434\":1350707687075}");
Deleted : user_pref("CT2549263.toolbarBornServerTime", "20-10-2012");
Deleted : user_pref("CT2549263.toolbarCurrentServerTime", "22-10-2012");
Deleted : user_pref("CT2549263.toolbarDisabled", "true");
Deleted : user_pref("CT2549263.toolbarNotificationQueue", "[{\"app\":0.2690270998198123,\"args\":{\"id\":0.269[...]
Deleted : user_pref("CT2549263.toolbarNotificationSettings", "{\"sendNotifications\":{\"all\":true,\"apps\":{\[...]
Deleted : user_pref("CT2549263.toolbarNotificationUserId", "24243185282");
Deleted : user_pref("CT2549263.url_history0001", "hxxp://forum.serviio.org/viewtopic.php?f=5&t=7:::clickhandle[...]
Deleted : user_pref("Smartbar.ConduitHomepagesList", "");
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");

Profile name : default
File : C:\Users\Matthew Edwards\AppData\Roaming\Mozilla\Firefox\Profiles\2u094lb6.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [12626 octets] - [25/10/2012 19:44:41]

########## EOF - C:\AdwCleaner[S1].txt - [12687 octets] ##########


JRT:

Junkware Removal Tool (JRT) by Thisisu
Version: 2.1.8 (10.25.2012)
OS: Windows 7 Home Premium x64
Ran by Matthew Edwards on Thu 10/25/2012 at 19:53:41.60
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}



*** Files: 0 Detections



*** Folders:

Successfully deleted: [FOLDER] "C:\Program Files (x86)\Common Files\dvdvideosoft"
Successfully deleted: [FOLDER] "C:\Users\Matthew Edwards\appdata\locallow\conduit"
Failed to delete: [FOLDER-LOCKED!] "C:\Program Files (x86)\dvdvideosoft"



*** FireFox detected and repaired

Successfully deleted: [bing-zugo.xml] from "C:\Program Files (x86)\mozilla firefox\searchplugins"
Removed the following from [prefs.js] :

user_pref("Smartbar.SearchFromAddressBarSavedUrl", "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=");
user_pref("Smartbar.keywordURLSelectedCTID", "");


*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Thu 10/25/2012 at 20:20:28.90
End of Report


Once again, thanks for helping me :)

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:57 PM

Posted 25 October 2012 - 10:29 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

What are your current issues?

#7 mewikime

mewikime
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:57 AM

Posted 25 October 2012 - 10:58 PM

Well as I said in my first post, the issues with Windows Update, Firewall and Defender were fixed, but it was stressed to me that I should post here and make sure that my system was completely clean.

I don't know what the log results mean, so hopefully you can tell me if my system is infected or not.

So right now the only issue I'm having right now is spikes in CPU. I most often notice this when I'm watching a video in Windows Media Player, because the image freezes for a moment before playing at hyper speed to catch up.

If this isn't the correct forum for that issue though, I'll post somewhere else.

Thanks ~~Matt

And here are the two logs:

Rkill:

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/25/2012 08:46:23 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* iphlpsvc [Missing Service]

* gpsvc => %windir%\system32\svchost.exe -k GPSvcGroup [Incorrect ImagePath]

* WinDefend => %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [Incorrect ServiceDLL]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/25/2012 08:47:29 PM
Execution time: 0 hours(s), 1 minute(s), and 6 seconds(s)


Autoruns:

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AdobeAAMUpdater-1.0" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "hpsysdrv" "hpsysdrv" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp odometer\hpsysdrv.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Aimersoft Helper Compact.exe" "AimerSoft Studio" "AimerSoft" "c:\program files (x86)\common files\aimersoft\aimersoft helper compact\ashelper.exe"
+ "AppleSyncNotifier" "AppleSyncNotifier" "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applesyncnotifier.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "BingDesktop" "Bing Desktop application" "Microsoft Corp." "c:\program files (x86)\microsoft\bingdesktop\bingdesktop.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "KiesTrayAgent" "Kies TrayAgent Application" "Samsung Electronics Co., Ltd." "c:\program files (x86)\samsung\kies\kiestrayagent.exe"
+ "LWS" "Logitech Webcam Software" "Logitech Inc." "c:\program files (x86)\logitech\lws\webcam software\lws.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"C:\Users\Matthew Edwards\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Serviio.lnk" "" "" "c:\program files\serviio\bin\serviioconsole.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "(Default)" "KiesPDLR" "Samsung" "c:\program files (x86)\samsung\kies\external\firmwareupdate\kiespdlr.exe"
+ "ApplePhotoStreams" "ApplePhotoStreams.exe" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\applephotostreams.exe"
+ "EasyTether" "EasyTether Tray" "Mobile Stream" "c:\program files (x86)\mobile stream\easytether\easytthr.exe"
+ "iCloudServices" "iCloud" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\icloudservices.exe"
+ "KiesAirMessage" "" "Samsung Electronics" "c:\program files (x86)\samsung\kies\kiesairmessage.exe"
+ "KiesPreload" "Kies" "Samsung" "c:\program files (x86)\samsung\kies\kies.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "Skype" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "skype-ie-addon-data" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "PhotoStreamsExt" "" "" "c:\program files\common files\apple\internet services\shellstreams64.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "PhotoStreamsExt" "ShellStreams.dll" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\shellstreams.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext_64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Expat Shield Class" "" "" "File not found: C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE_64.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\oracle\javafx 2.0 runtime\bin\jp2ssv.dll"
+ "Skype add-on for Internet Explorer" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Expat Shield Class" "" "" "File not found: C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Add to Wish List" "" "" "c:\program files (x86)\amazon\add to wish list ie extension\run.htm"
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\DST" "Toaster" "Microsoft" "c:\program files (x86)\hewlett-packard\setup manager\toaster.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-675813629-1504490578-3824506977-1000Core" "" "" "File not found: C:\Users\Matthew Edwards\AppData\Local\Google\Update\GoogleUpdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-675813629-1504490578-3824506977-1000UA" "" "" "File not found: C:\Users\Matthew Edwards\AppData\Local\Google\Update\GoogleUpdate.exe"
+ "\HPCeeScheduleForMatthew Edwards" "HP Ceement" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
+ "\HPCeeScheduleForMATTHEWEDWARDS$" "HP Ceement" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
+ "\hpwebreg_CN19K414CQ05HX" "WebRegistrationApp" "Hewlett-Packard Co." "c:\program files\hp\hp deskjet 3050 j610 series\bin\hpwebreg.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Microsoft Antimalware\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sidebar.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BingDesktopUpdate" "Bing Desktop Update Service" "Microsoft Corp." "c:\program files (x86)\microsoft\bingdesktop\bingdesktopupdater.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "ExpatShieldService" "" "" "c:\program files (x86)\expat shield\bin\openvpnas.exe"
+ "ExpatSrv" "" "AnchorFree Inc." "c:\program files (x86)\expat shield\hsswpr\hsssrv.exe"
+ "ExpatTrayService" "" "" "File not found: C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE"
+ "ExpatWd" "" "" "c:\program files (x86)\expat shield\bin\hsswd.exe"
+ "GameConsoleService" "GameConsole management services" "WildTangent, Inc." "c:\program files (x86)\hp games\hp game console\gameconsoleservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "HP Support Assistant Service" "HP Support Assistant Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe"
+ "HPAuto" "HP Usage Improvement Tracking" "Hewlett-Packard" "c:\program files\hewlett-packard\hp auto\hpauto.exe"
+ "HPClientSvc" "HP Client Services" "Hewlett-Packard Company" "c:\program files\hewlett-packard\hp client services\hpclientservices.exe"
+ "HPDrvMntSvc.exe" "HP Quick Synchronization Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe"
+ "hpqwmiex" "hpqwmiex Module" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lssrvc.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "RoxioNow Service" "Windows Service App" "Roxio" "c:\program files (x86)\roxio\roxionow player\rnowsvc.exe"
+ "Serviio" "Serviio DLNA Media Server" "" "c:\program files\serviio\bin\serviioservice.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "Skype C2C Service" "Skype Click to Call Update Service" "Skype Technologies S.A." "c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "UMVPFSrv" "UMVPF is a user mode Logitech driver" "Logitech Inc." "c:\program files (x86)\common files\logishrd\lvmvfm\umvpfsrv.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "" "File not found: C:\Program Files (x86)\Windows Defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amd_sata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amd_sata.sys"
+ "amd_xata" "Stor Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amd_xata.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "Andbus" "LGE Android Platform Driver" "LG Electronics Inc." "c:\windows\system32\drivers\lgandbus64.sys"
+ "AndDiag" "LGE Android Platform USB Serial Port" "LG Electronics Inc." "c:\windows\system32\drivers\lganddiag64.sys"
+ "AndGps" "LGE Android Platform USB GPS NMEA Port" "LG Electronics Inc." "c:\windows\system32\drivers\lgandgps64.sys"
+ "ANDModem" "LGE Android Platform Mobile Support" "LG Electronics Inc." "c:\windows\system32\drivers\lgandmodem64.sys"
+ "andnetadb" "ADB Interface" "Google Inc" "c:\windows\system32\drivers\lgandnetadb.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AtiPcie" "AMD PCIE Filter Driver for ATI PCIE chipset" "Advanced Micro Devices Inc." "c:\windows\system32\drivers\atipcie64.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CrystalSysInfo" "" "" "c:\program files\mediacoder\sysinfox64.sys"
+ "dg_ssudbus" "SAMSUNG USB Composite Device Driver (MSS Ver.3)" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ssudbus.sys"
+ "easytether" "EasyTether Network Driver" "Mobile Stream" "c:\windows\system32\drivers\easytthr.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "hitmanpro36" "HitmanPro 3.6 Support Driver" "" "c:\windows\system32\drivers\hitmanpro36.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "HssDrv" "Expat Shield Routing Driver" "AnchorFree Inc." "c:\windows\system32\drivers\hssdrv.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "lvpopf64" "Logitech AudioProcessing Filter Driver" "Logitech Inc." "c:\windows\system32\drivers\lvpopf64.sys"
+ "LVPr2M64" "Logitech LVPr2M64 Driver" "Logitech Inc." "c:\windows\system32\drivers\lvpr2m64.sys"
+ "LVPr2Mon" "Logitech LVPr2M64 Driver" "Logitech Inc." "c:\windows\system32\drivers\lvpr2m64.sys"
+ "LVRS64" "Logitech Kernel Audio Improvement Filter Driver" "Logitech Inc." "c:\windows\system32\drivers\lvrs64.sys"
+ "LVUVC64" "Logitech USB Video Class Driver" "Logitech Inc." "c:\windows\system32\drivers\lvuvc64.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "netr28ux" "Ralink 802.11n Wireless Adapter Driver" "Ralink Technology Corp." "c:\windows\system32\drivers\netr28ux.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "sptd" "" "" "c:\windows\system32\drivers\sptd.sys"
+ "ssudmdm" "SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ssudmdm.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "taphss" "TAP-Win32 Virtual Network Driver" "AnchorFree Inc" "c:\windows\system32\drivers\taphss.sys"
+ "usbbus" "LG CDMA USB Multi function Driver" "LG Electronics Inc." "c:\windows\system32\drivers\lgx64bus.sys"
+ "UsbDiag" "LGE CDMA USB Serial Port" "LG Electronics Inc." "c:\windows\system32\drivers\lgx64diag.sys"
+ "usbfilter" "AMD USB Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\usbfilter.sys"
+ "UsbGps" "LGE CDMA USB GPS NMEA Port" "LG Electronics Inc." "c:\windows\system32\drivers\lgx64gps.sys"
+ "USBModem" "LGE CDMA Modem Support" "LG Electronics Inc." "c:\windows\system32\drivers\lgx64modem.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "VNWUND6V" "NDIS 6.20 miniport driver" "VIA Networking Technologies, Inc. " "c:\windows\system32\drivers\vw7ux64v.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam64.sys"
+ "WsAudio_DeviceS(1)" "Wondershare Virtual Audio Device" "Wondershare" "c:\windows\system32\drivers\wsaudio_devices(1).sys"
+ "WsAudio_DeviceS(2)" "Wondershare Virtual Audio Device" "Wondershare" "c:\windows\system32\drivers\wsaudio_devices(2).sys"
+ "WsAudio_DeviceS(3)" "Wondershare Virtual Audio Device" "Wondershare" "c:\windows\system32\drivers\wsaudio_devices(3).sys"
+ "WsAudio_DeviceS(4)" "Wondershare Virtual Audio Device" "Wondershare" "c:\windows\system32\drivers\wsaudio_devices(4).sys"
+ "WsAudio_DeviceS(5)" "Wondershare Virtual Audio Device" "Wondershare" "c:\windows\system32\drivers\wsaudio_devices(5).sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\system32\lvcod64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\syswow64\lvcodec2.dll"
+ "vidc.XVID" "" "" "c:\windows\syswow64\xvidvfw.dll"
+ "VIDC.YV12" "" "" "c:\windows\syswow64\xvidvfw.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files\playready\prdmowrapper.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3Filter" "ac3filter" "" "c:\windows\syswow64\ac3filter.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvb.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudiocd.ax"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdumpdispatch.ax"
+ "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdump.ax"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gedtkrn.dll"
+ "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2greader.ax"
+ "CyberLink Load Image Filter" "CLImage" "CyberLink" "c:\program files (x86)\cyberlink\shared files\climage.ax"
+ "CyberLink M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gm2vwriter.ax"
+ "CyberLink MP3/WAV Wrapper" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmvd.ax"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gmpgmux.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\cyberlink\power2go\p2gvidenc.ax"
+ "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm1spliter.ax"
+ "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm2spliter.ax"
+ "CyberLink PCM Wrapper" "CyberLink PCM Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gpcmenc.ax"
+ "CyberLink TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gauts.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gtlmsplter.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvidfx.ax"
+ "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files (x86)\cyberlink\power2go\p2grgl.ax"
+ "CyberLink Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvideostabilizer.ax"
+ "DirectVobSub" "DirectVobSub" "Gabest" "c:\windows\syswow64\dvobsub.ax"
+ "DirectVobSub (auto-loading version)" "DirectVobSub" "Gabest" "c:\windows\syswow64\dvobsub.ax"
+ "DTSSource" "" "" "c:\windows\syswow64\dtssource.ax"
+ "MACSReaderMP3 Filter" "MACSReaderMP3 Filter" "" "c:\program files (x86)\samsung\kies\external\mediamodules\macsreaderavi.ax"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prsource.dll"
+ "MusicCity MPEG Splitter" "PCube MPEG Splitter Filter" "© MusicCity" "c:\windows\syswow64\muzmpgsp.ax"
+ "MusicCity OGG Splitter" "OGG Splitter" "© PeeringPortal" "c:\windows\syswow64\muzoggsp.ax"
+ "NEDFilter4Samsung Filter" "MACSReaderMP3 Filter" "L544™ Technology" "c:\program files (x86)\samsung\kies\external\mediamodules\nedfilter4samsung.ax"
+ "P2G Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaud.ax"
+ "P2G Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudenc.ax"
+ "P2G Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvsd.ax"
+ "P2G Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gresample.ax"
+ "P3Audio" "PCube Audio Decoder Filter" "© MusicCity" "c:\windows\syswow64\muzdecode.ax"
+ "P3AudioEffect" "P3AudioEffect Filter" "© MUSICCITY" "c:\windows\syswow64\muzeffect.ax"
+ "P3MP4Splitter" "P3MP4Splitter Filter" "© MusicCity" "c:\windows\syswow64\muzmp4sp.ax"
+ "P3Sourcer" "AOD Sourcer Filter" "Musiccity Co.Ltd." "c:\windows\syswow64\muzaf1.dll"
+ "P3WMTSplitter" "P3WMTSplitter Filter" " © MusicCity" "c:\windows\syswow64\muzwmts.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prdmowrapper.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "SelfMusicVideo Dump Filter" "SelfMusicVideo Dump Filter (DShow)" "ENJsoft Corporation" "c:\program files (x86)\samsung\kies\external\transmodules\tg_dump0708.dll"
+ "SpatialStereo Filter" "" "" "c:\windows\syswow64\3daudio.ax"
+ "Subtitle Source" "DirectVobSub" "Gabest" "c:\windows\syswow64\dvobsub.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\syswow64\xvid.ax"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "HP 9311 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinksts9311lm.dll"
+ "HP Discovery Port Monitor (HP Deskjet 3050 J610 series)" "HP Discovery Port Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpdiscopm9311.dll"
"C:\Users\Matthew Edwards\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "CPU Meter" "See the current computer CPU and system memory (RAM)." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\Gadget.xml"
+ "Power2Go" "Create discs by burning video, photo, music and data files quickly and easily." "CyberLink" "C:\Program Files\Windows Sidebar\Gadgets\Power2Go.Gadget\en-US\Gadget.xml"



#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:57 PM

Posted 25 October 2012 - 11:09 PM

So right now the only issue I'm having right now is spikes in CPU. I most often notice this when I'm watching a video in Windows Media Player, because the image freezes for a moment before playing at hyper speed to catch up.


Try a clean boot

http://www.askdrtech.com/solutions/post/How-to-perform-a-clean-startup-%28clean-boot%29-in-Windows-7.aspx

Reboot the PC.Does that help?

#9 mewikime

mewikime
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:57 AM

Posted 25 October 2012 - 11:43 PM

Yes, it appears it has, thanks.. But now what? The stuff that used to open at startup won't any more, including Microsoft Security Essentials, which I just downloaded, and other stuff like Skype and Easytether (to tether my android phone for internet). Is that okay?

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:57 PM

Posted 26 October 2012 - 12:05 AM

Try the STEP 2 given here

http://support.microsoft.com/kb/929135

Let me know which startup entry is causing issue.

#11 mewikime

mewikime
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:57 AM

Posted 26 October 2012 - 09:34 PM

Thanks. It was Serviio, as I originally suspected. Their support forum was of no help http://forum.serviio.org/viewtopic.php?f=5&t=7800. The software developer had no real answer for me so I guess I should uninstall the software and look for something else? Meanwhile, I've re-checked everything in the services and startup tabs in msconfig, except for anything Serviio-related.

Edited by mewikime, 26 October 2012 - 10:53 PM.


#12 mewikime

mewikime
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:57 AM

Posted 26 October 2012 - 11:25 PM

EDIT: Merged from second topic - Platypus ((Mod)

Now when my computer starts, I get two RunDLL popups, saying

There was a problem starting C:\User\Matthew Edwards\AppData\Roaming\easib.dll

The specified module cannot be found.

and another notice saying the exact same thing, but about sxrsc.dll

What are these dll files? Do I need them? If not, is there a way to shut the notices off?

The other question I have is regarding the Startup tab in MSconfig. When I check the box to hide Microsoft services, I have some startup items for programs that I don't have installed any more. The are:
  • Aimersoft Studio at C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe, and HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
  • Norton Online Backup at C:\Program Files (x86)\Symnatec\Norton Online Backup\NOBuClient.exe, and HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
  • PDF Complete at C:\Program Files (x86)\PDF Complete\pdfsty.exe, and HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run

and the previously mentioned

  • easib at rundll32.exe "C:\User\Matthew Edwards\AppData\Roaming\easib.dll",DoHotMailWizard and HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
  • sxrsc at "C:\Windows\System32\rundll32.exe" "C:\User\Matthew Edwards\AppData\Roaming\sxrsc.dll",GetShaderConstantTableEx and HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run

I know I can uncheck these, but they're still there, and especially for the programs I uninstalled, isn't there a way of removing them from the list completely?

Additionally the programs mentioned in the first list are showing up all over the place in regedit even though I uninstalled them through Control Panel. Shouldn't that have removed all registry entries? I've ran CCleaner and the Tweaking.com program, but the entries are still there.

Thanks

Edited by Platypus, 27 October 2012 - 04:06 AM.


#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:57 PM

Posted 27 October 2012 - 12:58 AM

Press windows+R key and type

msconfig and click ok

Change the startup type to normal and run autoruns again and post the new log

Edited by Platypus, 27 October 2012 - 04:18 AM.


#14 mewikime

mewikime
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:57 AM

Posted 27 October 2012 - 02:43 AM

It's almost 1am here now, so I'll post the log tomorrow.

Edited by Platypus, 27 October 2012 - 04:18 AM.


#15 mewikime

mewikime
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:57 AM

Posted 27 October 2012 - 03:58 PM

Hi, sorry about before, Narenxp.. My fault.

Here's the new AutoRuns log:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AdobeAAMUpdater-1.0" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "easib" "" "" "File not found: C:\Users\Matthew Edwards\AppData\Roaming\easib.dll"
+ "hpsysdrv" "hpsysdrv" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp odometer\hpsysdrv.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "sxrsc" "" "" "File not found: C:\Users\Matthew Edwards\AppData\Roaming\sxrsc.dll"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Aimersoft Helper Compact.exe" "" "" "File not found: C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe"
+ "AppleSyncNotifier" "AppleSyncNotifier" "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applesyncnotifier.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "BingDesktop" "Bing Desktop application" "Microsoft Corp." "c:\program files (x86)\microsoft\bingdesktop\bingdesktop.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "KiesTrayAgent" "Kies TrayAgent Application" "Samsung Electronics Co., Ltd." "c:\program files (x86)\samsung\kies\kiestrayagent.exe"
+ "LWS" "Logitech Webcam Software" "Logitech Inc." "c:\program files (x86)\logitech\lws\webcam software\lws.exe"
+ "Norton Online Backup" "" "" "File not found: C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe"
+ "PDF Complete" "" "" "File not found: C:\Program Files (x86)\PDF Complete\pdfsty.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"C:\Users\Matthew Edwards\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Serviio.lnk" "" "" "File not found: C:\Program Files\Serviio\bin\ServiioConsole.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "ApplePhotoStreams" "ApplePhotoStreams.exe" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\applephotostreams.exe"
+ "EasyTether" "EasyTether Tray" "Mobile Stream" "c:\program files (x86)\mobile stream\easytether\easytthr.exe"
+ "iCloudServices" "iCloud" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\icloudservices.exe"
+ "KiesAirMessage" "" "Samsung Electronics" "c:\program files (x86)\samsung\kies\kiesairmessage.exe"
+ "KiesPreload" "Kies" "Samsung" "c:\program files (x86)\samsung\kies\kies.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "Skype" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "skype-ie-addon-data" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "PhotoStreamsExt" "" "" "c:\program files\common files\apple\internet services\shellstreams64.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "PhotoStreamsExt" "ShellStreams.dll" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\shellstreams.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext_64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Expat Shield Class" "" "" "File not found: C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE_64.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\oracle\javafx 2.0 runtime\bin\jp2ssv.dll"
+ "Skype add-on for Internet Explorer" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Add to Wish List" "" "" "c:\program files (x86)\amazon\add to wish list ie extension\run.htm"
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\DST" "Toaster" "Microsoft" "c:\program files (x86)\hewlett-packard\setup manager\toaster.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-675813629-1504490578-3824506977-1000Core" "" "" "File not found: C:\Users\Matthew Edwards\AppData\Local\Google\Update\GoogleUpdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-675813629-1504490578-3824506977-1000UA" "" "" "File not found: C:\Users\Matthew Edwards\AppData\Local\Google\Update\GoogleUpdate.exe"
+ "\HPCeeScheduleForMatthew Edwards" "HP Ceement" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
+ "\HPCeeScheduleForMATTHEWEDWARDS$" "HP Ceement" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
+ "\hpwebreg_CN19K414CQ05HX" "WebRegistrationApp" "Hewlett-Packard Co." "c:\program files\hp\hp deskjet 3050 j610 series\bin\hpwebreg.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sidebar.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BingDesktopUpdate" "Bing Desktop Update Service" "Microsoft Corp." "c:\program files (x86)\microsoft\bingdesktop\bingdesktopupdater.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "HP Support Assistant Service" "HP Support Assistant Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe"
+ "HPAuto" "HP Usage Improvement Tracking" "Hewlett-Packard" "c:\program files\hewlett-packard\hp auto\hpauto.exe"
+ "HPClientSvc" "HP Client Services" "Hewlett-Packard Company" "c:\program files\hewlett-packard\hp client services\hpclientservices.exe"
+ "HPDrvMntSvc.exe" "HP Quick Synchronization Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe"
+ "hpqwmiex" "hpqwmiex Module" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lssrvc.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "RoxioNow Service" "Windows Service App" "Roxio" "c:\program files (x86)\roxio\roxionow player\rnowsvc.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "Skype C2C Service" "Skype Click to Call Update Service" "Skype Technologies S.A." "c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "UMVPFSrv" "UMVPF is a user mode Logitech driver" "Logitech Inc." "c:\program files (x86)\common files\logishrd\lvmvfm\umvpfsrv.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "" "File not found: C:\Program Files (x86)\Windows Defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amd_sata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amd_sata.sys"
+ "amd_xata" "Stor Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amd_xata.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "Andbus" "LGE Android Platform Driver" "LG Electronics Inc." "c:\windows\system32\drivers\lgandbus64.sys"
+ "AndDiag" "LGE Android Platform USB Serial Port" "LG Electronics Inc." "c:\windows\system32\drivers\lganddiag64.sys"
+ "AndGps" "LGE Android Platform USB GPS NMEA Port" "LG Electronics Inc." "c:\windows\system32\drivers\lgandgps64.sys"
+ "ANDModem" "LGE Android Platform Mobile Support" "LG Electronics Inc." "c:\windows\system32\drivers\lgandmodem64.sys"
+ "andnetadb" "ADB Interface" "Google Inc" "c:\windows\system32\drivers\lgandnetadb.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AtiPcie" "AMD PCIE Filter Driver for ATI PCIE chipset" "Advanced Micro Devices Inc." "c:\windows\system32\drivers\atipcie64.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CrystalSysInfo" "" "" "c:\program files\mediacoder\sysinfox64.sys"
+ "dg_ssudbus" "SAMSUNG USB Composite Device Driver (MSS Ver.3)" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ssudbus.sys"
+ "easytether" "EasyTether Network Driver" "Mobile Stream" "c:\windows\system32\drivers\easytthr.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "hitmanpro36" "HitmanPro 3.6 Support Driver" "" "c:\windows\system32\drivers\hitmanpro36.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "HssDrv" "Expat Shield Routing Driver" "AnchorFree Inc." "c:\windows\system32\drivers\hssdrv.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "lvpopf64" "Logitech AudioProcessing Filter Driver" "Logitech Inc." "c:\windows\system32\drivers\lvpopf64.sys"
+ "LVPr2M64" "Logitech LVPr2M64 Driver" "Logitech Inc." "c:\windows\system32\drivers\lvpr2m64.sys"
+ "LVPr2Mon" "Logitech LVPr2M64 Driver" "Logitech Inc." "c:\windows\system32\drivers\lvpr2m64.sys"
+ "LVRS64" "Logitech Kernel Audio Improvement Filter Driver" "Logitech Inc." "c:\windows\system32\drivers\lvrs64.sys"
+ "LVUVC64" "Logitech USB Video Class Driver" "Logitech Inc." "c:\windows\system32\drivers\lvuvc64.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "netr28ux" "Ralink 802.11n Wireless Adapter Driver" "Ralink Technology Corp." "c:\windows\system32\drivers\netr28ux.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "sptd" "" "" "c:\windows\system32\drivers\sptd.sys"
+ "ssudmdm" "SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ssudmdm.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "taphss" "TAP-Win32 Virtual Network Driver" "AnchorFree Inc" "c:\windows\system32\drivers\taphss.sys"
+ "usbbus" "LG CDMA USB Multi function Driver" "LG Electronics Inc." "c:\windows\system32\drivers\lgx64bus.sys"
+ "UsbDiag" "LGE CDMA USB Serial Port" "LG Electronics Inc." "c:\windows\system32\drivers\lgx64diag.sys"
+ "usbfilter" "AMD USB Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\usbfilter.sys"
+ "UsbGps" "LGE CDMA USB GPS NMEA Port" "LG Electronics Inc." "c:\windows\system32\drivers\lgx64gps.sys"
+ "USBModem" "LGE CDMA Modem Support" "LG Electronics Inc." "c:\windows\system32\drivers\lgx64modem.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "VNWUND6V" "NDIS 6.20 miniport driver" "VIA Networking Technologies, Inc. " "c:\windows\system32\drivers\vw7ux64v.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam64.sys"
+ "WsAudio_DeviceS(1)" "Wondershare Virtual Audio Device" "Wondershare" "c:\windows\system32\drivers\wsaudio_devices(1).sys"
+ "WsAudio_DeviceS(2)" "Wondershare Virtual Audio Device" "Wondershare" "c:\windows\system32\drivers\wsaudio_devices(2).sys"
+ "WsAudio_DeviceS(3)" "Wondershare Virtual Audio Device" "Wondershare" "c:\windows\system32\drivers\wsaudio_devices(3).sys"
+ "WsAudio_DeviceS(4)" "Wondershare Virtual Audio Device" "Wondershare" "c:\windows\system32\drivers\wsaudio_devices(4).sys"
+ "WsAudio_DeviceS(5)" "Wondershare Virtual Audio Device" "Wondershare" "c:\windows\system32\drivers\wsaudio_devices(5).sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\system32\lvcod64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\syswow64\lvcodec2.dll"
+ "vidc.XVID" "" "" "c:\windows\syswow64\xvidvfw.dll"
+ "VIDC.YV12" "" "" "c:\windows\syswow64\xvidvfw.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files\playready\prdmowrapper.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3Filter" "ac3filter" "" "c:\windows\syswow64\ac3filter.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvb.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudiocd.ax"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdumpdispatch.ax"
+ "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdump.ax"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gedtkrn.dll"
+ "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2greader.ax"
+ "CyberLink Load Image Filter" "CLImage" "CyberLink" "c:\program files (x86)\cyberlink\shared files\climage.ax"
+ "CyberLink M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gm2vwriter.ax"
+ "CyberLink MP3/WAV Wrapper" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmvd.ax"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gmpgmux.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\cyberlink\power2go\p2gvidenc.ax"
+ "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm1spliter.ax"
+ "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm2spliter.ax"
+ "CyberLink PCM Wrapper" "CyberLink PCM Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gpcmenc.ax"
+ "CyberLink TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gauts.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gtlmsplter.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvidfx.ax"
+ "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files (x86)\cyberlink\power2go\p2grgl.ax"
+ "CyberLink Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvideostabilizer.ax"
+ "DirectVobSub" "DirectVobSub" "Gabest" "c:\windows\syswow64\dvobsub.ax"
+ "DirectVobSub (auto-loading version)" "DirectVobSub" "Gabest" "c:\windows\syswow64\dvobsub.ax"
+ "DTSSource" "" "" "c:\windows\syswow64\dtssource.ax"
+ "MACSReaderMP3 Filter" "MACSReaderMP3 Filter" "" "c:\program files (x86)\samsung\kies\external\mediamodules\macsreaderavi.ax"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prsource.dll"
+ "MusicCity MPEG Splitter" "PCube MPEG Splitter Filter" "© MusicCity" "c:\windows\syswow64\muzmpgsp.ax"
+ "MusicCity OGG Splitter" "OGG Splitter" "© PeeringPortal" "c:\windows\syswow64\muzoggsp.ax"
+ "NEDFilter4Samsung Filter" "MACSReaderMP3 Filter" "L544™ Technology" "c:\program files (x86)\samsung\kies\external\mediamodules\nedfilter4samsung.ax"
+ "P2G Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaud.ax"
+ "P2G Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudenc.ax"
+ "P2G Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvsd.ax"
+ "P2G Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gresample.ax"
+ "P3Audio" "PCube Audio Decoder Filter" "© MusicCity" "c:\windows\syswow64\muzdecode.ax"
+ "P3AudioEffect" "P3AudioEffect Filter" "© MUSICCITY" "c:\windows\syswow64\muzeffect.ax"
+ "P3MP4Splitter" "P3MP4Splitter Filter" "© MusicCity" "c:\windows\syswow64\muzmp4sp.ax"
+ "P3Sourcer" "AOD Sourcer Filter" "Musiccity Co.Ltd." "c:\windows\syswow64\muzaf1.dll"
+ "P3WMTSplitter" "P3WMTSplitter Filter" " © MusicCity" "c:\windows\syswow64\muzwmts.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prdmowrapper.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "SelfMusicVideo Dump Filter" "SelfMusicVideo Dump Filter (DShow)" "ENJsoft Corporation" "c:\program files (x86)\samsung\kies\external\transmodules\tg_dump0708.dll"
+ "SpatialStereo Filter" "" "" "c:\windows\syswow64\3daudio.ax"
+ "Subtitle Source" "DirectVobSub" "Gabest" "c:\windows\syswow64\dvobsub.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\syswow64\xvid.ax"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "HP 9311 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinksts9311lm.dll"
+ "HP Discovery Port Monitor (HP Deskjet 3050 J610 series)" "HP Discovery Port Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpdiscopm9311.dll"
"C:\Users\Matthew Edwards\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "CPU Meter" "See the current computer CPU and system memory (RAM)." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\Gadget.xml"
+ "Power2Go" "Create discs by burning video, photo, music and data files quickly and easily." "CyberLink" "C:\Program Files\Windows Sidebar\Gadgets\Power2Go.Gadget\en-US\Gadget.xml"






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users