Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

firewall error 0x6d9 and cannot download files


  • Please log in to reply
16 replies to this topic

#1 irish94

irish94

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 26 October 2012 - 10:45 PM

With malwarebytes and AVG free 2013, I have removed some bad stuff from the computer, but Windows Firewall gives error code 0x6d9 when I open it to turn it on. I also am unable to download files. Firefox simply cancels the downloads. IE will not download either. Says security settings do not allow it (or such). Thoughts on remedying or seeing if anything else is on the computer? Malwarebytes shows nothing else. Thank you.

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:11 PM

Posted 27 October 2012 - 12:52 AM

Copy the files to infected PC

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 irish94

irish94
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 27 October 2012 - 01:51 PM

TDS file:
11:53:34.0139 1556 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
11:53:34.0482 1556 ============================================================
11:53:34.0482 1556 Current date / time: 2012/10/27 11:53:34.0482
11:53:34.0482 1556 SystemInfo:
11:53:34.0482 1556
11:53:34.0482 1556 OS Version: 6.0.6002 ServicePack: 2.0
11:53:34.0482 1556 Product type: Workstation
11:53:34.0482 1556 ComputerName: MJMLAPTOP
11:53:34.0482 1556 UserName: Matthew
11:53:34.0482 1556 Windows directory: C:\Windows
11:53:34.0482 1556 System windows directory: C:\Windows
11:53:34.0482 1556 Processor architecture: Intel x86
11:53:34.0482 1556 Number of processors: 2
11:53:34.0482 1556 Page size: 0x1000
11:53:34.0482 1556 Boot type: Normal boot
11:53:34.0482 1556 ============================================================
11:53:35.0901 1556 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:53:35.0917 1556 Drive \Device\Harddisk1\DR1 - Size: 0x3CF00000 (0.95 Gb), SectorSize: 0x200, Cylinders: 0x7C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:53:35.0917 1556 ============================================================
11:53:35.0917 1556 \Device\Harddisk0\DR0:
11:53:35.0917 1556 MBR partitions:
11:53:35.0917 1556 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x23E68FC1
11:53:35.0917 1556 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23E69000, BlocksNum 0x15C4000
11:53:35.0917 1556 \Device\Harddisk1\DR1:
11:53:35.0917 1556 MBR partitions:
11:53:35.0917 1556 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x1E77E0
11:53:35.0917 1556 ============================================================
11:53:35.0917 1556 C: <-> \Device\Harddisk0\DR0\Partition1
11:53:35.0979 1556 D: <-> \Device\Harddisk0\DR0\Partition2
11:53:35.0979 1556 ============================================================
11:53:35.0979 1556 Initialize success
11:53:35.0979 1556 ============================================================
11:53:55.0308 2588 ============================================================
11:53:55.0308 2588 Scan started
11:53:55.0308 2588 Mode: Manual; TDLFS;
11:53:55.0308 2588 ============================================================
11:53:56.0306 2588 ================ Scan system memory ========================
11:53:56.0306 2588 System memory - ok
11:53:56.0306 2588 ================ Scan services =============================
11:53:56.0462 2588 33bdbb30 - ok
11:53:56.0603 2588 3comtftp - ok
11:53:56.0681 2588 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
11:53:56.0681 2588 ACPI - ok
11:53:56.0696 2588 AcronisOSSReinstallSvc - ok
11:53:56.0696 2588 ADIDTSFiltService - ok
11:53:56.0790 2588 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
11:53:56.0790 2588 AdobeARMservice - ok
11:53:56.0899 2588 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:53:56.0899 2588 AdobeFlashPlayerUpdateSvc - ok
11:53:56.0961 2588 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
11:53:56.0977 2588 adp94xx - ok
11:53:57.0008 2588 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
11:53:57.0024 2588 adpahci - ok
11:53:57.0024 2588 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
11:53:57.0024 2588 adpu160m - ok
11:53:57.0039 2588 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
11:53:57.0055 2588 adpu320 - ok
11:53:57.0102 2588 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:53:57.0102 2588 AeLookupSvc - ok
11:53:57.0149 2588 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
11:53:57.0149 2588 AFD - ok
11:53:57.0180 2588 AFGMp50 - ok
11:53:57.0211 2588 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:53:57.0211 2588 agp440 - ok
11:53:57.0227 2588 agpcpq - ok
11:53:57.0227 2588 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
11:53:57.0227 2588 aic78xx - ok
11:53:57.0242 2588 aksusb - ok
11:53:57.0258 2588 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
11:53:57.0258 2588 ALG - ok
11:53:57.0273 2588 [ 3D76FDA1A10ACC3DC84728F55C29B6D4 ] aliide C:\Windows\system32\drivers\aliide.sys
11:53:57.0273 2588 aliide - ok
11:53:57.0305 2588 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
11:53:57.0320 2588 amdagp - ok
11:53:57.0351 2588 [ 5B92E7839F5A1FBC1B39DE67758AD6F8 ] amdide C:\Windows\system32\drivers\amdide.sys
11:53:57.0351 2588 amdide - ok
11:53:57.0367 2588 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
11:53:57.0398 2588 AmdK7 - ok
11:53:57.0414 2588 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
11:53:57.0429 2588 AmdK8 - ok
11:53:57.0445 2588 antivirservice - ok
11:53:57.0461 2588 Anydlc - ok
11:53:57.0492 2588 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
11:53:57.0507 2588 Appinfo - ok
11:53:57.0570 2588 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:53:57.0570 2588 Apple Mobile Device - ok
11:53:57.0632 2588 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
11:53:57.0648 2588 arc - ok
11:53:57.0648 2588 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:53:57.0648 2588 arcsas - ok
11:53:57.0663 2588 artdhcp - ok
11:53:57.0663 2588 artourservice - ok
11:53:57.0710 2588 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:53:57.0710 2588 AsyncMac - ok
11:53:57.0757 2588 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
11:53:57.0757 2588 atapi - ok
11:53:57.0819 2588 [ 600EFE56F37ADBD65A0FB076B50D1B8D ] athr C:\Windows\system32\DRIVERS\athr.sys
11:53:57.0882 2588 athr - ok
11:53:57.0897 2588 ati - ok
11:53:57.0913 2588 atkdisplf - ok
11:53:57.0960 2588 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:53:57.0975 2588 AudioEndpointBuilder - ok
11:53:57.0991 2588 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
11:53:57.0991 2588 Audiosrv - ok
11:53:58.0256 2588 [ B41F0E54105801538D56623271A0AE49 ] AVGIDSAgent C:\Program Files\AVG\AVG2013\avgidsagent.exe
11:53:58.0412 2588 AVGIDSAgent - ok
11:53:58.0459 2588 [ 2F47851015D8837976E481F6DAA46A67 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys
11:53:58.0475 2588 AVGIDSDriver - ok
11:53:58.0506 2588 [ 303BDE0DCDC04CE597C6C1CD06C6F186 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys
11:53:58.0506 2588 AVGIDSHX - ok
11:53:58.0568 2588 [ A8DE230CC8536790CA07D37FBCD87A74 ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys
11:53:58.0584 2588 AVGIDSShim - ok
11:53:58.0599 2588 [ D53D35031365A0ECCB1DC1BC1B15B18E ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
11:53:58.0615 2588 Avgldx86 - ok
11:53:58.0662 2588 [ 95889A9D23F3133250FA8AD13C982D58 ] Avglogx C:\Windows\system32\DRIVERS\avglogx.sys
11:53:58.0677 2588 Avglogx - ok
11:53:58.0693 2588 [ 6DF7236D3A16C8417FF72F2EB2ADD244 ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
11:53:58.0693 2588 Avgmfx86 - ok
11:53:58.0724 2588 [ F3D57358DE0B8B3491013C615754A7C7 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
11:53:58.0724 2588 Avgrkx86 - ok
11:53:58.0740 2588 [ BA73B38E9033FC6018DB736B635706AE ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
11:53:58.0771 2588 Avgtdix - ok
11:53:58.0802 2588 [ 0D2EB149AFF89A307E5D82D0A2B78439 ] avgwd C:\Program Files\AVG\AVG2013\avgwdsvc.exe
11:53:58.0802 2588 avgwd - ok
11:53:58.0818 2588 avp - ok
11:53:58.0833 2588 AVRec - ok
11:53:58.0833 2588 awhost32 - ok
11:53:58.0849 2588 bb-run - ok
11:53:58.0896 2588 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
11:53:58.0896 2588 Beep - ok
11:53:58.0943 2588 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
11:53:58.0958 2588 blbdrive - ok
11:53:59.0021 2588 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:53:59.0021 2588 bowser - ok
11:53:59.0052 2588 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
11:53:59.0067 2588 BrFiltLo - ok
11:53:59.0083 2588 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
11:53:59.0099 2588 BrFiltUp - ok
11:53:59.0130 2588 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
11:53:59.0130 2588 Browser - ok
11:53:59.0145 2588 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
11:53:59.0177 2588 Brserid - ok
11:53:59.0192 2588 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
11:53:59.0208 2588 BrSerWdm - ok
11:53:59.0223 2588 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
11:53:59.0239 2588 BrUsbMdm - ok
11:53:59.0255 2588 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
11:53:59.0270 2588 BrUsbSer - ok
11:53:59.0333 2588 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
11:53:59.0348 2588 BTHMODEM - ok
11:53:59.0348 2588 btnetfilter - ok
11:53:59.0364 2588 cccredmgr - ok
11:53:59.0395 2588 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:53:59.0395 2588 cdfs - ok
11:53:59.0442 2588 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:53:59.0442 2588 cdrom - ok
11:53:59.0457 2588 CE3 - ok
11:53:59.0520 2588 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
11:53:59.0520 2588 CertPropSvc - ok
11:53:59.0535 2588 cidaemon - ok
11:53:59.0551 2588 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
11:53:59.0582 2588 circlass - ok
11:53:59.0629 2588 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
11:53:59.0629 2588 CLFS - ok
11:53:59.0660 2588 ClntMgmt.sys - ok
11:53:59.0832 2588 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:53:59.0832 2588 clr_optimization_v2.0.50727_32 - ok
11:53:59.0879 2588 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:53:59.0894 2588 clr_optimization_v4.0.30319_32 - ok
11:53:59.0941 2588 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:53:59.0941 2588 CmBatt - ok
11:53:59.0957 2588 [ D36372A6EA6805EFBE8884D10772313F ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:53:59.0957 2588 cmdide - ok
11:54:00.0003 2588 [ 1ADF6F4852E7D7E2E8AC481BDB970586 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT32.sys
11:54:00.0019 2588 CnxtHdAudService - ok
11:54:00.0081 2588 [ 7795F8CEBC284A426B53F541E538695F ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
11:54:00.0097 2588 Com4QLBEx - ok
11:54:00.0113 2588 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:54:00.0113 2588 Compbatt - ok
11:54:00.0128 2588 COMSysApp - ok
11:54:00.0144 2588 CoolerXPDriver - ok
11:54:00.0144 2588 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
11:54:00.0144 2588 crcdisk - ok
11:54:00.0159 2588 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
11:54:00.0175 2588 Crusoe - ok
11:54:00.0253 2588 [ FB27772BEAF8E1D28CCD825C09DA939B ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:54:00.0253 2588 CryptSvc - ok
11:54:00.0253 2588 ctsfm2k - ok
11:54:00.0269 2588 cwcspud - ok
11:54:00.0331 2588 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:54:00.0331 2588 DcomLaunch - ok
11:54:00.0331 2588 Defrag32 - ok
11:54:00.0440 2588 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
11:54:00.0503 2588 DFSR - ok
11:54:00.0549 2588 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
11:54:00.0549 2588 Dhcp - ok
11:54:00.0581 2588 dirms_defragmentation - ok
11:54:00.0627 2588 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
11:54:00.0627 2588 disk - ok
11:54:00.0627 2588 diskeeper - ok
11:54:00.0643 2588 dklogger - ok
11:54:00.0643 2588 dm1service - ok
11:54:00.0705 2588 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:54:00.0705 2588 Dnscache - ok
11:54:00.0768 2588 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
11:54:00.0768 2588 dot3svc - ok
11:54:00.0830 2588 [ 4F59C172C094E1A1D46463A8DC061CBD ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys
11:54:00.0830 2588 dot4 - ok
11:54:00.0846 2588 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
11:54:00.0861 2588 Dot4Print - ok
11:54:00.0908 2588 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
11:54:00.0924 2588 dot4usb - ok
11:54:00.0986 2588 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
11:54:00.0986 2588 DPS - ok
11:54:01.0017 2588 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:54:01.0017 2588 drmkaud - ok
11:54:01.0017 2588 DXEC02 - ok
11:54:01.0080 2588 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:54:01.0095 2588 DXGKrnl - ok
11:54:01.0158 2588 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
11:54:01.0173 2588 E1G60 - ok
11:54:01.0205 2588 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
11:54:01.0205 2588 EapHost - ok
11:54:01.0267 2588 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
11:54:01.0267 2588 Ecache - ok
11:54:01.0314 2588 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:54:01.0314 2588 ehRecvr - ok
11:54:01.0329 2588 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
11:54:01.0329 2588 ehSched - ok
11:54:01.0345 2588 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
11:54:01.0345 2588 ehstart - ok
11:54:01.0361 2588 elnkfwppservice - ok
11:54:01.0407 2588 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
11:54:01.0407 2588 elxstor - ok
11:54:01.0470 2588 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
11:54:01.0485 2588 EMDMgmt - ok
11:54:01.0641 2588 [ B78436CA173FF723A1EACE5CD4900375 ] EpsonCustomerParticipation C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
11:54:01.0688 2588 EpsonCustomerParticipation - ok
11:54:01.0719 2588 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:54:01.0735 2588 ErrDev - ok
11:54:01.0751 2588 ESDCR - ok
11:54:01.0782 2588 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
11:54:01.0782 2588 EventSystem - ok
11:54:01.0860 2588 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
11:54:01.0860 2588 exfat - ok
11:54:01.0891 2588 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:54:01.0891 2588 fastfat - ok
11:54:01.0922 2588 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:54:01.0938 2588 fdc - ok
11:54:01.0953 2588 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
11:54:01.0969 2588 fdPHost - ok
11:54:01.0969 2588 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
11:54:01.0969 2588 FDResPub - ok
11:54:02.0000 2588 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:54:02.0000 2588 FileInfo - ok
11:54:02.0016 2588 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:54:02.0031 2588 Filetrace - ok
11:54:02.0031 2588 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:54:02.0047 2588 flpydisk - ok
11:54:02.0109 2588 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:54:02.0109 2588 FltMgr - ok
11:54:02.0203 2588 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
11:54:02.0219 2588 FontCache - ok
11:54:02.0281 2588 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:54:02.0281 2588 FontCache3.0.0.0 - ok
11:54:02.0297 2588 forcewarewebinterface - ok
11:54:02.0297 2588 fsma - ok
11:54:02.0343 2588 [ D909075FA72C090F27AA926C32CB4612 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
11:54:02.0359 2588 fssfltr - ok
11:54:02.0484 2588 [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
11:54:02.0531 2588 fsssvc - ok
11:54:02.0562 2588 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:54:02.0562 2588 Fs_Rec - ok
11:54:02.0593 2588 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:54:02.0609 2588 gagp30kx - ok
11:54:02.0671 2588 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:54:02.0687 2588 GEARAspiWDM - ok
11:54:02.0796 2588 [ 0879DC7444A201DF84E69C5DD5083D61 ] getPlusHelper C:\Program Files\NOS\bin\getPlus_Helper.dll
11:54:02.0811 2588 getPlusHelper - ok
11:54:02.0811 2588 GoToAssist - ok
11:54:02.0889 2588 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
11:54:02.0889 2588 gpsvc - ok
11:54:02.0967 2588 [ 626A24ED1228580B9518C01930936DF9 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
11:54:02.0967 2588 gupdate - ok
11:54:02.0999 2588 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
11:54:02.0999 2588 gupdatem - ok
11:54:03.0045 2588 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
11:54:03.0045 2588 gusvc - ok
11:54:03.0061 2588 gv3 - ok
11:54:03.0092 2588 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:54:03.0108 2588 HdAudAddService - ok
11:54:03.0170 2588 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:54:03.0186 2588 HDAudBus - ok
11:54:03.0217 2588 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
11:54:03.0217 2588 HidBth - ok
11:54:03.0248 2588 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
11:54:03.0264 2588 HidIr - ok
11:54:03.0311 2588 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
11:54:03.0311 2588 hidserv - ok
11:54:03.0357 2588 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:54:03.0357 2588 HidUsb - ok
11:54:03.0389 2588 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:54:03.0389 2588 hkmsvc - ok
11:54:03.0482 2588 [ 45A12CACB97B4F15858FCFD59355A1E9 ] HP Health Check Service C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
11:54:03.0482 2588 HP Health Check Service - ok
11:54:03.0513 2588 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
11:54:03.0513 2588 HpCISSs - ok
11:54:03.0560 2588 [ F55442690A70A0278A7EED4FAAEBF576 ] HPDrvMntSvc.exe C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
11:54:03.0560 2588 HPDrvMntSvc.exe - ok
11:54:03.0623 2588 [ 35956140E686D53BF676CF0C778880FC ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
11:54:03.0638 2588 HpqKbFiltr - ok
11:54:03.0669 2588 [ 640E51DB253265C3EAC075866B3D2B33 ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
11:54:03.0701 2588 hpqwmiex - ok
11:54:03.0857 2588 [ 56FC98F1014EA8DC51B92839C32759EC ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
11:54:03.0888 2588 HPSLPSVC - ok
11:54:03.0950 2588 [ CC267848CB3508E72762BE65734E764D ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
11:54:04.0028 2588 HSF_DPV - ok
11:54:04.0044 2588 [ A2882945CC4B6E3E4E9E825590438888 ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
11:54:04.0059 2588 HSXHWAZL - ok
11:54:04.0075 2588 HSXHWBS2 - ok
11:54:04.0122 2588 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:54:04.0153 2588 HTTP - ok
11:54:04.0184 2588 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
11:54:04.0184 2588 i2omp - ok
11:54:04.0231 2588 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:54:04.0231 2588 i8042prt - ok
11:54:04.0278 2588 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
11:54:04.0293 2588 iaStorV - ok
11:54:04.0371 2588 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
11:54:04.0371 2588 IDriverT - ok
11:54:04.0449 2588 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:54:04.0496 2588 idsvc - ok
11:54:04.0512 2588 igateway - ok
11:54:04.0777 2588 [ 8266AE06DF974E5BA047B3E9E9E70B3F ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
11:54:05.0058 2588 igfx - ok
11:54:05.0198 2588 [ C135BFF15563592B8EA070EA109967F7 ] IHA_MessageCenter C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
11:54:05.0198 2588 IHA_MessageCenter - ok
11:54:05.0214 2588 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:54:05.0214 2588 iirsp - ok
11:54:05.0276 2588 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
11:54:05.0307 2588 IKEEXT - ok
11:54:05.0307 2588 imapi - ok
11:54:05.0354 2588 [ E63CD0D9AA8D406CABDE5AA718936F40 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
11:54:05.0370 2588 IntcHdmiAddService - ok
11:54:05.0417 2588 [ DD512A049BD7B4BCE8A83554C5EFF2C1 ] intelide C:\Windows\system32\drivers\intelide.sys
11:54:05.0417 2588 intelide - ok
11:54:05.0448 2588 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:54:05.0448 2588 intelppm - ok
11:54:05.0448 2588 intelroam - ok
11:54:05.0463 2588 iolo_srv - ok
11:54:05.0479 2588 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:54:05.0479 2588 IPBusEnum - ok
11:54:05.0510 2588 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:54:05.0510 2588 IpFilterDriver - ok
11:54:05.0510 2588 IpInIp - ok
11:54:05.0541 2588 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
11:54:05.0541 2588 IPMIDRV - ok
11:54:05.0573 2588 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
11:54:05.0573 2588 IPNAT - ok
11:54:05.0651 2588 [ E6BE7A41A28D8F2DB174957454D32448 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:54:05.0666 2588 iPod Service - ok
11:54:05.0682 2588 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:54:05.0682 2588 IRENUM - ok
11:54:05.0713 2588 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:54:05.0713 2588 isapnp - ok
11:54:05.0775 2588 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
11:54:05.0791 2588 iScsiPrt - ok
11:54:05.0791 2588 issvc - ok
11:54:05.0807 2588 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
11:54:05.0807 2588 iteatapi - ok
11:54:05.0838 2588 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
11:54:05.0838 2588 iteraid - ok
11:54:05.0853 2588 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:54:05.0869 2588 kbdclass - ok
11:54:05.0931 2588 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:54:05.0931 2588 kbdhid - ok
11:54:05.0963 2588 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
11:54:05.0963 2588 KeyIso - ok
11:54:06.0056 2588 [ 2B2F1638466E8CB091400C9019CC730E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:54:06.0087 2588 KSecDD - ok
11:54:06.0165 2588 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
11:54:06.0197 2588 KtmRm - ok
11:54:06.0243 2588 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
11:54:06.0243 2588 LanmanServer - ok
11:54:06.0306 2588 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:54:06.0306 2588 LanmanWorkstation - ok
11:54:06.0571 2588 [ 3C879D04BB6466E2853C3155B635CC45 ] LeapFrog Connect Device Service C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
11:54:06.0743 2588 LeapFrog Connect Device Service - ok
11:54:06.0789 2588 [ 9188D073CD14F886790D6037D1986063 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
11:54:06.0805 2588 LightScribeService - ok
11:54:06.0836 2588 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:54:06.0836 2588 lltdio - ok
11:54:06.0867 2588 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:54:06.0867 2588 lltdsvc - ok
11:54:06.0899 2588 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:54:06.0899 2588 lmhosts - ok
11:54:06.0930 2588 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:54:06.0930 2588 LSI_FC - ok
11:54:06.0961 2588 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:54:06.0961 2588 LSI_SAS - ok
11:54:06.0977 2588 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:54:06.0977 2588 LSI_SCSI - ok
11:54:07.0008 2588 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
11:54:07.0023 2588 luafv - ok
11:54:07.0023 2588 LUsbKbd - ok
11:54:07.0055 2588 lvhidsvc - ok
11:54:07.0055 2588 LVRS - ok
11:54:07.0242 2588 mbr - ok
11:54:07.0273 2588 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2svc.dll
11:54:07.0273 2588 Mcx2Svc - ok
11:54:07.0304 2588 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
11:54:07.0304 2588 mdmxsdk - ok
11:54:07.0335 2588 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
11:54:07.0335 2588 megasas - ok
11:54:07.0367 2588 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
11:54:07.0382 2588 MegaSR - ok
11:54:07.0398 2588 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
11:54:07.0413 2588 MMCSS - ok
11:54:07.0413 2588 mnsframework - ok
11:54:07.0445 2588 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
11:54:07.0445 2588 Modem - ok
11:54:07.0476 2588 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:54:07.0476 2588 monitor - ok
11:54:07.0491 2588 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:54:07.0507 2588 mouclass - ok
11:54:07.0523 2588 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:54:07.0523 2588 mouhid - ok
11:54:07.0538 2588 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
11:54:07.0538 2588 MountMgr - ok
11:54:07.0554 2588 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:54:07.0569 2588 MozillaMaintenance - ok
11:54:07.0601 2588 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
11:54:07.0601 2588 mpio - ok
11:54:07.0632 2588 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:54:07.0632 2588 mpsdrv - ok
11:54:07.0647 2588 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
11:54:07.0647 2588 Mraid35x - ok
11:54:07.0694 2588 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:54:07.0710 2588 MRxDAV - ok
11:54:07.0757 2588 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:54:07.0757 2588 mrxsmb - ok
11:54:07.0803 2588 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:54:07.0803 2588 mrxsmb10 - ok
11:54:07.0835 2588 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:54:07.0850 2588 mrxsmb20 - ok
11:54:07.0913 2588 [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci C:\Windows\system32\drivers\msahci.sys
11:54:07.0913 2588 msahci - ok
11:54:07.0928 2588 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:54:07.0928 2588 msdsm - ok
11:54:07.0959 2588 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
11:54:07.0959 2588 MSDTC - ok
11:54:07.0975 2588 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:54:07.0975 2588 Msfs - ok
11:54:08.0006 2588 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:54:08.0006 2588 msisadrv - ok
11:54:08.0037 2588 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:54:08.0037 2588 MSiSCSI - ok
11:54:08.0053 2588 msiserver - ok
11:54:08.0084 2588 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:54:08.0084 2588 MSKSSRV - ok
11:54:08.0100 2588 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:54:08.0100 2588 MSPCLOCK - ok
11:54:08.0131 2588 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:54:08.0131 2588 MSPQM - ok
11:54:08.0178 2588 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:54:08.0178 2588 MsRPC - ok
11:54:08.0193 2588 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:54:08.0193 2588 mssmbios - ok
11:54:08.0225 2588 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:54:08.0225 2588 MSTEE - ok
11:54:08.0240 2588 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
11:54:08.0240 2588 Mup - ok
11:54:08.0240 2588 mwagent - ok
11:54:08.0303 2588 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
11:54:08.0303 2588 napagent - ok
11:54:08.0381 2588 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:54:08.0381 2588 NativeWifiP - ok
11:54:08.0412 2588 NAVENG - ok
11:54:08.0427 2588 NAVEX15 - ok
11:54:08.0459 2588 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:54:08.0474 2588 NDIS - ok
11:54:08.0474 2588 NdisFilt - ok
11:54:08.0505 2588 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:54:08.0505 2588 NdisTapi - ok
11:54:08.0521 2588 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:54:08.0537 2588 Ndisuio - ok
11:54:08.0568 2588 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:54:08.0583 2588 NdisWan - ok
11:54:08.0599 2588 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:54:08.0599 2588 NDProxy - ok
11:54:08.0661 2588 [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
11:54:08.0661 2588 Net Driver HPZ12 - ok
11:54:08.0677 2588 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:54:08.0677 2588 NetBIOS - ok
11:54:08.0755 2588 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
11:54:08.0755 2588 netbt - ok
11:54:08.0755 2588 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
11:54:08.0755 2588 Netlogon - ok
11:54:08.0786 2588 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
11:54:08.0802 2588 Netman - ok
11:54:08.0817 2588 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
11:54:08.0817 2588 netprofm - ok
11:54:08.0880 2588 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:54:08.0880 2588 NetTcpPortSharing - ok
11:54:08.0989 2588 [ 35D5458D9A1B26B2005ABFFBF4C1C5E7 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys
11:54:09.0098 2588 NETw3v32 - ok
11:54:09.0098 2588 nfmservice - ok
11:54:09.0129 2588 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:54:09.0129 2588 nfrd960 - ok
11:54:09.0129 2588 nisum - ok
11:54:09.0161 2588 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:54:09.0161 2588 NlaSvc - ok
11:54:09.0176 2588 NOWMEMDF - ok
11:54:09.0223 2588 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:54:09.0223 2588 Npfs - ok
11:54:09.0239 2588 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
11:54:09.0239 2588 nsi - ok
11:54:09.0270 2588 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:54:09.0270 2588 nsiproxy - ok
11:54:09.0270 2588 nsm1mdm - ok
11:54:09.0363 2588 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:54:09.0395 2588 Ntfs - ok
11:54:09.0426 2588 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
11:54:09.0441 2588 ntrigdigi - ok
11:54:09.0441 2588 ntsecure - ok
11:54:09.0504 2588 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
11:54:09.0519 2588 NuidFltr - ok
11:54:09.0535 2588 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
11:54:09.0535 2588 Null - ok
11:54:09.0551 2588 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:54:09.0551 2588 nvraid - ok
11:54:09.0566 2588 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:54:09.0566 2588 nvstor - ok
11:54:09.0582 2588 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:54:09.0597 2588 nv_agp - ok
11:54:09.0613 2588 NwlnkFlt - ok
11:54:09.0613 2588 NwlnkFwd - ok
11:54:09.0707 2588 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:54:09.0738 2588 odserv - ok
11:54:09.0769 2588 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
11:54:09.0800 2588 ohci1394 - ok
11:54:09.0800 2588 openldap-slapd - ok
11:54:09.0816 2588 orbpvr - ok
11:54:09.0831 2588 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:54:09.0831 2588 ose - ok
11:54:09.0863 2588 outpostfirewall - ok
11:54:09.0863 2588 owstimer - ok
11:54:09.0878 2588 p2pgasvc - ok
11:54:09.0956 2588 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
11:54:09.0956 2588 p2pimsvc - ok
11:54:09.0987 2588 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
11:54:09.0987 2588 p2psvc - ok
11:54:10.0019 2588 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
11:54:10.0019 2588 Parport - ok
11:54:10.0065 2588 [ 57389FA59A36D96B3EB09D0CB91E9CDC ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:54:10.0065 2588 partmgr - ok
11:54:10.0081 2588 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
11:54:10.0097 2588 Parvdm - ok
11:54:10.0128 2588 passthru - ok
11:54:10.0159 2588 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
11:54:10.0159 2588 PcaSvc - ok
11:54:10.0206 2588 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
11:54:10.0206 2588 pci - ok
11:54:10.0221 2588 [ 1D8B3D8DF8EB7FCF2F0AC02F9F947802 ] pciide C:\Windows\system32\drivers\pciide.sys
11:54:10.0221 2588 pciide - ok
11:54:10.0253 2588 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:54:10.0268 2588 pcmcia - ok
11:54:10.0299 2588 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
11:54:10.0315 2588 pcouffin - ok
11:54:10.0393 2588 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:54:10.0424 2588 PEAUTH - ok
11:54:10.0455 2588 pinnaclesys.mediaserver - ok
11:54:10.0502 2588 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
11:54:10.0518 2588 pla - ok
11:54:10.0565 2588 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:54:10.0580 2588 PlugPlay - ok
11:54:10.0611 2588 [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
11:54:10.0627 2588 Pml Driver HPZ12 - ok
11:54:10.0643 2588 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
11:54:10.0658 2588 PNRPAutoReg - ok
11:54:10.0689 2588 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
11:54:10.0689 2588 PNRPsvc - ok
11:54:10.0721 2588 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:54:10.0736 2588 PolicyAgent - ok
11:54:10.0767 2588 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:54:10.0767 2588 PptpMiniport - ok
11:54:10.0783 2588 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
11:54:10.0799 2588 Processor - ok
11:54:10.0814 2588 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
11:54:10.0830 2588 ProfSvc - ok
11:54:10.0830 2588 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
11:54:10.0830 2588 ProtectedStorage - ok
11:54:10.0877 2588 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
11:54:10.0877 2588 PSched - ok
11:54:10.0892 2588 PSDNServ - ok
11:54:10.0908 2588 psdvdisk - ok
11:54:10.0939 2588 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
11:54:10.0939 2588 PxHelp20 - ok
11:54:11.0017 2588 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:54:11.0048 2588 ql2300 - ok
11:54:11.0064 2588 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:54:11.0064 2588 ql40xx - ok
11:54:11.0095 2588 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
11:54:11.0095 2588 QWAVE - ok
11:54:11.0111 2588 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:54:11.0111 2588 QWAVEdrv - ok
11:54:11.0126 2588 RAPIProtocol - ok
11:54:11.0142 2588 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:54:11.0142 2588 RasAcd - ok
11:54:11.0157 2588 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
11:54:11.0157 2588 RasAuto - ok
11:54:11.0189 2588 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:54:11.0189 2588 Rasl2tp - ok
11:54:11.0235 2588 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
11:54:11.0251 2588 RasMan - ok
11:54:11.0298 2588 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:54:11.0298 2588 RasPppoe - ok
11:54:11.0345 2588 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:54:11.0345 2588 RasSstp - ok
11:54:11.0407 2588 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:54:11.0407 2588 rdbss - ok
11:54:11.0423 2588 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:54:11.0423 2588 RDPCDD - ok
11:54:11.0454 2588 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
11:54:11.0485 2588 rdpdr - ok
11:54:11.0485 2588 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:54:11.0485 2588 RDPENCDD - ok
11:54:11.0547 2588 [ 79C6DF8477250F5C54F7C5AE1D6B814E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:54:11.0563 2588 RDPWD - ok
11:54:11.0625 2588 [ 0D362785BEF9BDF5A6E1F4628D06716D ] Recovery Service for Windows C:\Program Files\SMINST\BLService.exe
11:54:11.0625 2588 Recovery Service for Windows - ok
11:54:11.0657 2588 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:54:11.0657 2588 RemoteAccess - ok
11:54:11.0703 2588 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:54:11.0703 2588 RemoteRegistry - ok
11:54:11.0750 2588 [ 805AE1F90C64758D19AAA001CF8CBA12 ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe
11:54:11.0766 2588 RichVideo - ok
11:54:11.0781 2588 RimUsb - ok
11:54:11.0828 2588 [ 2C4FB2E9F039287767C384E46EE91030 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
11:54:11.0828 2588 RimVSerPort - ok
11:54:11.0875 2588 [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
11:54:11.0891 2588 ROOTMODEM - ok
11:54:11.0906 2588 RoxLiveShare9 - ok
11:54:11.0922 2588 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
11:54:11.0922 2588 RpcLocator - ok
11:54:11.0984 2588 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
11:54:11.0984 2588 RpcSs - ok
11:54:12.0015 2588 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:54:12.0015 2588 rspndr - ok
11:54:12.0062 2588 [ 125C504A34D0A2E152517E342E7E432C ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
11:54:12.0062 2588 RTL8169 - ok
11:54:12.0093 2588 [ 08C3394391AB0AFF65D75AE65D4207E1 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
11:54:12.0109 2588 RTSTOR - ok
11:54:12.0140 2588 s217unic - ok
11:54:12.0156 2588 s716nd5 - ok
11:54:12.0156 2588 SaiNtBus - ok
11:54:12.0171 2588 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
11:54:12.0187 2588 SamSs - ok
11:54:12.0187 2588 SbieDrv - ok
11:54:12.0203 2588 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:54:12.0203 2588 sbp2port - ok
11:54:12.0249 2588 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:54:12.0265 2588 SCardSvr - ok
11:54:12.0327 2588 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
11:54:12.0327 2588 Schedule - ok
11:54:12.0359 2588 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
11:54:12.0359 2588 SCPolicySvc - ok
11:54:12.0390 2588 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
11:54:12.0405 2588 sdbus - ok
11:54:12.0452 2588 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:54:12.0452 2588 SDRSVC - ok
11:54:12.0468 2588 se45bus - ok
11:54:12.0483 2588 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:54:12.0483 2588 secdrv - ok
11:54:12.0499 2588 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
11:54:12.0515 2588 seclogon - ok
11:54:12.0530 2588 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
11:54:12.0530 2588 SENS - ok
11:54:12.0561 2588 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
11:54:12.0577 2588 Serenum - ok
11:54:12.0593 2588 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
11:54:12.0608 2588 Serial - ok
11:54:12.0608 2588 serialkeys - ok
11:54:12.0639 2588 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:54:12.0639 2588 sermouse - ok
11:54:12.0671 2588 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
11:54:12.0671 2588 SessionEnv - ok
11:54:12.0686 2588 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:54:12.0702 2588 sffdisk - ok
11:54:12.0717 2588 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:54:12.0733 2588 sffp_mmc - ok
11:54:12.0749 2588 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:54:12.0764 2588 sffp_sd - ok
11:54:12.0780 2588 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
11:54:12.0795 2588 sfloppy - ok
11:54:12.0795 2588 sfman - ok
11:54:12.0842 2588 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:54:12.0842 2588 ShellHWDetection - ok
11:54:12.0873 2588 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
11:54:12.0889 2588 sisagp - ok
11:54:12.0920 2588 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
11:54:12.0920 2588 SiSRaid2 - ok
11:54:12.0920 2588 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:54:12.0936 2588 SiSRaid4 - ok
11:54:13.0014 2588 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
11:54:13.0029 2588 SkypeUpdate - ok
11:54:13.0154 2588 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
11:54:13.0248 2588 slsvc - ok
11:54:13.0310 2588 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
11:54:13.0326 2588 SLUINotify - ok
11:54:13.0373 2588 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:54:13.0388 2588 Smb - ok
11:54:13.0404 2588 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:54:13.0404 2588 SNMPTRAP - ok
11:54:13.0419 2588 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
11:54:13.0419 2588 spldr - ok
11:54:13.0482 2588 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
11:54:13.0482 2588 Spooler - ok
11:54:13.0482 2588 SRTSP - ok
11:54:13.0497 2588 SRTSPX - ok
11:54:13.0544 2588 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:54:13.0560 2588 srv - ok
11:54:13.0622 2588 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:54:13.0638 2588 srv2 - ok
11:54:13.0638 2588 srvdpi - ok
11:54:13.0653 2588 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:54:13.0653 2588 srvnet - ok
11:54:13.0686 2588 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:54:13.0686 2588 SSDPSRV - ok
11:54:13.0717 2588 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:54:13.0732 2588 SstpSvc - ok
11:54:13.0779 2588 [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
11:54:13.0779 2588 StillCam - ok
11:54:13.0842 2588 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
11:54:13.0857 2588 stisvc - ok
11:54:13.0857 2588 Stltrk2k - ok
11:54:13.0888 2588 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:54:13.0904 2588 swenum - ok
11:54:13.0966 2588 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
11:54:13.0966 2588 swprv - ok
11:54:13.0982 2588 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
11:54:13.0982 2588 Symc8xx - ok
11:54:13.0998 2588 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
11:54:13.0998 2588 Sym_hi - ok
11:54:14.0013 2588 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
11:54:14.0013 2588 Sym_u3 - ok
11:54:14.0044 2588 [ 00B19F27858F56181EDB58B71A7C67A0 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
11:54:14.0076 2588 SynTP - ok
11:54:14.0138 2588 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
11:54:14.0138 2588 SysMain - ok
11:54:14.0169 2588 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:54:14.0169 2588 TabletInputService - ok
11:54:14.0232 2588 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:54:14.0232 2588 TapiSrv - ok
11:54:14.0247 2588 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
11:54:14.0247 2588 TBS - ok
11:54:14.0310 2588 [ 814A1C66FBD4E1B310A517221F1456BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:54:14.0356 2588 Tcpip - ok
11:54:14.0388 2588 [ 814A1C66FBD4E1B310A517221F1456BF ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
11:54:14.0388 2588 Tcpip6 - ok
11:54:14.0434 2588 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:54:14.0434 2588 tcpipreg - ok
11:54:14.0466 2588 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:54:14.0466 2588 TDPIPE - ok
11:54:14.0481 2588 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:54:14.0481 2588 TDTCP - ok
11:54:14.0512 2588 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:54:14.0512 2588 tdx - ok
11:54:14.0559 2588 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:54:14.0559 2588 TermDD - ok
11:54:14.0622 2588 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
11:54:14.0622 2588 TermService - ok
11:54:14.0637 2588 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
11:54:14.0653 2588 Themes - ok
11:54:14.0668 2588 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
11:54:14.0668 2588 THREADORDER - ok
11:54:14.0668 2588 tosrfbd - ok
11:54:14.0701 2588 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
11:54:14.0701 2588 TrkWks - ok
11:54:14.0716 2588 trufos - ok
11:54:14.0779 2588 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:54:14.0779 2588 TrustedInstaller - ok
11:54:14.0825 2588 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:54:14.0825 2588 tssecsrv - ok
11:54:14.0857 2588 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
11:54:14.0857 2588 tunmp - ok
11:54:14.0919 2588 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:54:14.0919 2588 tunnel - ok
11:54:14.0935 2588 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:54:14.0950 2588 uagp35 - ok
11:54:14.0966 2588 UDFReadr - ok
11:54:14.0981 2588 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:54:14.0997 2588 udfs - ok
11:54:15.0028 2588 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:54:15.0028 2588 UI0Detect - ok
11:54:15.0044 2588 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:54:15.0059 2588 uliagpkx - ok
11:54:15.0075 2588 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
11:54:15.0091 2588 uliahci - ok
11:54:15.0106 2588 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
11:54:15.0106 2588 UlSata - ok
11:54:15.0122 2588 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
11:54:15.0122 2588 ulsata2 - ok
11:54:15.0137 2588 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:54:15.0153 2588 umbus - ok
11:54:15.0169 2588 UPATC - ok
11:54:15.0247 2588 [ B19880D991AB53278DA091B4B974B780 ] Updater Service for AMZN C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe
11:54:15.0278 2588 Updater Service for AMZN - ok
11:54:15.0309 2588 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
11:54:15.0325 2588 upnphost - ok
11:54:15.0371 2588 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
11:54:15.0387 2588 USBAAPL - ok
11:54:15.0387 2588 usbbus - ok
11:54:15.0418 2588 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:54:15.0434 2588 usbccgp - ok
11:54:15.0449 2588 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:54:15.0465 2588 usbcir - ok
11:54:15.0527 2588 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:54:15.0527 2588 usbehci - ok
11:54:15.0543 2588 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:54:15.0559 2588 usbhub - ok
11:54:15.0574 2588 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:54:15.0590 2588 usbohci - ok
11:54:15.0621 2588 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:54:15.0637 2588 usbprint - ok
11:54:15.0684 2588 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:54:15.0716 2588 usbscan - ok
11:54:15.0731 2588 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:54:15.0731 2588 USBSTOR - ok
11:54:15.0747 2588 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
11:54:15.0747 2588 usbuhci - ok
11:54:15.0809 2588 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
11:54:15.0809 2588 usbvideo - ok
11:54:15.0856 2588 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
11:54:15.0872 2588 UxSms - ok
11:54:15.0872 2588 vaiomediaplatform-photoserver-appserver - ok
11:54:15.0887 2588 VC6SecS - ok
11:54:15.0934 2588 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
11:54:15.0950 2588 vds - ok
11:54:15.0981 2588 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:54:15.0981 2588 vga - ok
11:54:15.0996 2588 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
11:54:15.0996 2588 VgaSave - ok
11:54:16.0028 2588 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
11:54:16.0043 2588 viaagp - ok
11:54:16.0059 2588 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
11:54:16.0074 2588 ViaC7 - ok
11:54:16.0090 2588 [ EA1AA6E3ABB3C194FEBA12A46DE8CF2C ] viaide C:\Windows\system32\drivers\viaide.sys
11:54:16.0106 2588 viaide - ok
11:54:16.0106 2588 viaudio - ok
11:54:16.0137 2588 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:54:16.0137 2588 volmgr - ok
11:54:16.0184 2588 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:54:16.0184 2588 volmgrx - ok
11:54:16.0230 2588 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:54:16.0230 2588 volsnap - ok
11:54:16.0262 2588 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:54:16.0262 2588 vsmraid - ok
11:54:16.0308 2588 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
11:54:16.0340 2588 VSS - ok
11:54:16.0418 2588 [ 3080F1F093869A19FB3D1F0226C73809 ] vToolbarUpdater10.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
11:54:16.0433 2588 vToolbarUpdater10.2.0 - ok
11:54:16.0449 2588 vvoice - ok
11:54:16.0449 2588 vwkernel - ok
11:54:16.0480 2588 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
11:54:16.0496 2588 W32Time - ok
11:54:16.0511 2588 w550mdm - ok
11:54:16.0511 2588 W700mdm - ok
11:54:16.0527 2588 W700mgmt - ok
11:54:16.0542 2588 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
11:54:16.0558 2588 WacomPen - ok
11:54:16.0574 2588 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
11:54:16.0574 2588 Wanarp - ok
11:54:16.0589 2588 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:54:16.0589 2588 Wanarpv6 - ok
11:54:16.0636 2588 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:54:16.0652 2588 wcncsvc - ok
11:54:16.0667 2588 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:54:16.0683 2588 WcsPlugInService - ok
11:54:16.0698 2588 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
11:54:16.0698 2588 Wd - ok
11:54:16.0731 2588 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:54:16.0762 2588 Wdf01000 - ok
11:54:16.0777 2588 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:54:16.0777 2588 WdiServiceHost - ok
11:54:16.0777 2588 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:54:16.0793 2588 WdiSystemHost - ok
11:54:16.0855 2588 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
11:54:16.0855 2588 WebClient - ok
11:54:16.0902 2588 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:54:16.0902 2588 Wecsvc - ok
11:54:16.0933 2588 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:54:16.0933 2588 wercplsupport - ok
11:54:16.0996 2588 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
11:54:16.0996 2588 WerSvc - ok
11:54:17.0043 2588 [ 0ACD399F5DB3DF1B58903CF4949AB5A8 ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
11:54:17.0089 2588 winachsf - ok
11:54:17.0105 2588 WinHttpAutoProxySvc - ok
11:54:17.0199 2588 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:54:17.0199 2588 Winmgmt - ok
11:54:17.0277 2588 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
11:54:17.0323 2588 WinRM - ok
11:54:17.0339 2588 wlancig - ok
11:54:17.0401 2588 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
11:54:17.0401 2588 Wlansvc - ok
11:54:17.0542 2588 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:54:17.0589 2588 wlidsvc - ok
11:54:17.0635 2588 [ 1ABFD1399436E81C9D857F5FC76EAF98 ] WmBEnum C:\Windows\system32\drivers\WmBEnum.sys
11:54:17.0651 2588 WmBEnum - ok
11:54:17.0651 2588 wmconnectcds - ok
11:54:17.0698 2588 [ B3CFCBCC91FF61EF82FC693B8B57E7F0 ] WmFilter C:\Windows\system32\drivers\WmFilter.sys
11:54:17.0713 2588 WmFilter - ok
11:54:17.0746 2588 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
11:54:17.0746 2588 WmiAcpi - ok
11:54:17.0808 2588 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:54:17.0808 2588 wmiApSrv - ok
11:54:17.0870 2588 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
11:54:17.0870 2588 WMPNetworkSvc - ok
11:54:17.0902 2588 [ A40D2DD0F019423EF6C363F1295EB38D ] WmVirHid C:\Windows\system32\drivers\WmVirHid.sys
11:54:17.0917 2588 WmVirHid - ok
11:54:17.0933 2588 [ 2BF505424F469155CD90D7B3301D7ADC ] WmXlCore C:\Windows\system32\drivers\WmXlCore.sys
11:54:17.0948 2588 WmXlCore - ok
11:54:17.0964 2588 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:54:17.0964 2588 WPCSvc - ok
11:54:18.0011 2588 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:54:18.0011 2588 WPDBusEnum - ok
11:54:18.0058 2588 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
11:54:18.0058 2588 WpdUsb - ok
11:54:18.0151 2588 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:54:18.0182 2588 WPFFontCache_v0400 - ok
11:54:18.0198 2588 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:54:18.0198 2588 ws2ifsl - ok
11:54:18.0245 2588 [ 4422AC5ED8D4C2F0DB63E71D4C069DD7 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
11:54:18.0260 2588 WSDPrintDevice - ok
11:54:18.0260 2588 WSearch - ok
11:54:18.0292 2588 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:54:18.0292 2588 WUDFRd - ok
11:54:18.0323 2588 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:54:18.0323 2588 wudfsvc - ok
11:54:18.0354 2588 [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
11:54:18.0354 2588 XAudio - ok
11:54:18.0385 2588 [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
11:54:18.0416 2588 XAudioService - ok
11:54:18.0432 2588 [ 7D1F3B131D503EF43EE594B5A2B9B427 ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
11:54:18.0463 2588 yukonwlh - ok
11:54:18.0494 2588 {eda5f5d3-9e0f-4f4d-8a13-1d1cf469c9cc} - ok
11:54:18.0494 2588 ================ Scan global ===============================
11:54:18.0526 2588 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
11:54:18.0588 2588 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
11:54:18.0619 2588 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
11:54:18.0666 2588 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
11:54:18.0682 2588 [Global] - ok
11:54:18.0682 2588 ================ Scan MBR ==================================
11:54:18.0697 2588 [ 588AE8F0C685C02BA11F30D9CD7E61A0 ] \Device\Harddisk0\DR0
11:54:19.0118 2588 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:54:19.0118 2588 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:54:19.0118 2588 [ E5FA06ACA0D60BA9C870D0EF3D9898C9 ] \Device\Harddisk1\DR1
11:54:21.0739 2588 \Device\Harddisk1\DR1 - ok
11:54:21.0739 2588 ================ Scan VBR ==================================
11:54:21.0770 2588 [ 9DCDAF7F471265C30D24DFCFE84401FC ] \Device\Harddisk0\DR0\Partition1
11:54:21.0770 2588 \Device\Harddisk0\DR0\Partition1 - ok
11:54:21.0786 2588 [ A4E83531E7BF87EDD281C544693EE6AE ] \Device\Harddisk0\DR0\Partition2
11:54:21.0786 2588 \Device\Harddisk0\DR0\Partition2 - ok
11:54:21.0786 2588 [ 516C192D8DAAE781F96F80ED2C8A0BE8 ] \Device\Harddisk1\DR1\Partition1
11:54:21.0786 2588 \Device\Harddisk1\DR1\Partition1 - ok
11:54:21.0786 2588 ============================================================
11:54:21.0786 2588 Scan finished
11:54:21.0786 2588 ============================================================
11:54:21.0802 5348 Detected object count: 1
11:54:21.0802 5348 Actual detected object count: 1
11:54:54.0343 5348 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:54:54.0343 5348 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
11:54:58.0462 2576 Deinitialize success

ASW file:
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-27 11:55:21
-----------------------------
11:55:21.097 OS Version: Windows 6.0.6002 Service Pack 2
11:55:21.097 Number of processors: 2 586 0x170A
11:55:21.097 ComputerName: MJMLAPTOP UserName: Matthew
11:55:39.788 Initialize success
11:58:38.795 AVAST engine defs: 12102700
12:01:59.614 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:01:59.614 Disk 0 Vendor: FUJITSU_MHZ2320BH_G2 8909 Size: 305245MB BusType: 3
12:01:59.630 Disk 0 MBR read successfully
12:01:59.645 Disk 0 MBR scan
12:01:59.692 Disk 0 unknown MBR code
12:01:59.692 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 294097 MB offset 63
12:01:59.739 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 11144 MB offset 602312704
12:01:59.739 Disk 0 scanning sectors +625135616
12:01:59.801 Disk 0 scanning C:\Windows\system32\drivers
12:02:12.937 Service scanning
12:02:46.305 Modules scanning
12:02:55.665 Disk 0 trace - called modules:
12:02:55.712 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll PCIIDEX.SYS msahci.sys
12:02:56.211 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86751ac8]
12:02:56.211 3 CLASSPNP.SYS[8a6058b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85e9eb98]
12:02:57.755 AVAST engine scan C:\Windows
12:03:02.858 AVAST engine scan C:\Windows\system32
12:08:56.767 AVAST engine scan C:\Windows\system32\drivers
12:09:26.716 AVAST engine scan C:\Users\Matthew
12:38:24.209 Disk 0 MBR has been saved successfully to "C:\Users\Matthew\Desktop\Cleanup Tools\MBR.dat"
12:38:24.209 The log file has been saved successfully to "C:\Users\Matthew\Desktop\Cleanup Tools\aswMBR log.txt"


ESET result:
C:\Documents and Settings\Matthew\Downloads\Downloader.exe a variant of Win32/InstallCore.T application cleaned by deleting - quarantined


Thank you for your help.

#4 irish94

irish94
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 27 October 2012 - 03:49 PM

I was not sure that the log on ASW was complete, so I re-ran it. Here is the log that shows completed successfully.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-27 15:11:48
-----------------------------
15:11:48.559 OS Version: Windows 6.0.6002 Service Pack 2
15:11:48.559 Number of processors: 2 586 0x170A
15:11:48.559 ComputerName: MJMLAPTOP UserName: Matthew
15:11:49.900 Initialize success
15:11:58.090 AVAST engine defs: 12102700
15:12:04.798 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:12:04.798 Disk 0 Vendor: FUJITSU_MHZ2320BH_G2 8909 Size: 305245MB BusType: 3
15:12:04.798 Disk 0 MBR read successfully
15:12:04.814 Disk 0 MBR scan
15:12:04.814 Disk 0 unknown MBR code
15:12:04.814 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 294097 MB offset 63
15:12:04.845 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 11144 MB offset 602312704
15:12:04.845 Disk 0 scanning sectors +625135616
15:12:04.908 Disk 0 scanning C:\Windows\system32\drivers
15:12:15.874 Service scanning
15:12:43.564 Modules scanning
15:12:50.070 Disk 0 trace - called modules:
15:12:50.085 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll PCIIDEX.SYS msahci.sys
15:12:50.101 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86060030]
15:12:50.101 3 CLASSPNP.SYS[805d88b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85ea0b98]
15:12:51.583 AVAST engine scan C:\Windows
15:12:55.108 AVAST engine scan C:\Windows\system32
15:16:38.500 AVAST engine scan C:\Windows\system32\drivers
15:17:02.166 AVAST engine scan C:\Users\Matthew
15:56:31.930 AVAST engine scan C:\ProgramData
16:01:18.814 Scan finished successfully
16:48:23.335 Disk 0 MBR has been saved successfully to "C:\Users\Matthew\Desktop\Cleanup Tools\MBR.dat"
16:48:23.335 The log file has been saved successfully to "C:\Users\Matthew\Desktop\Cleanup Tools\aswMBR log2.txt"

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:11 PM

Posted 27 October 2012 - 05:18 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#6 irish94

irish94
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 28 October 2012 - 08:42 PM

Thank you for your help...

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.26.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Matthew :: MJMLAPTOP [administrator]

10/27/2012 11:33:49 PM
mbam-log-2012-10-27 (23-33-49).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 442742
Time elapsed: 4 hour(s), 38 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


MiniToolBox by Farbar Version: 23-07-2012
Ran by Matthew (administrator) on 28-10-2012 at 20:58:21
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR5009 802.11a/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : MJMLaptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Atheros AR5009 802.11a/g/n WiFi Adapter
Physical Address. . . . . . . . . : 00-24-2C-07-A2-D5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::993d:fca8:f93:3031%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, October 27, 2012 4:51:58 PM
Lease Expires . . . . . . . . . . : Monday, October 29, 2012 8:17:26 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234890284
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-5B-DD-15-00-24-2C-07-A2-D5
DNS Servers . . . . . . . . . . . : 192.168.1.1
71.252.0.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
Physical Address. . . . . . . . . : 00-1F-16-75-CD-D7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.home
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{87AF5F96-767B-40E5-A33E-FA85D1E50B4F}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4004:801::1005
74.125.228.41
74.125.228.40
74.125.228.37
74.125.228.46
74.125.228.39
74.125.228.33
74.125.228.34
74.125.228.35
74.125.228.36
74.125.228.32
74.125.228.38



Pinging google.com [74.125.228.97] with 32 bytes of data:

Reply from 74.125.228.97: bytes=32 time=30ms TTL=55

Reply from 74.125.228.97: bytes=32 time=164ms TTL=55



Ping statistics for 74.125.228.97:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 30ms, Maximum = 164ms, Average = 97ms

Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
98.138.253.109



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=98ms TTL=51

Reply from 98.138.253.109: bytes=32 time=336ms TTL=50



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 98ms, Maximum = 336ms, Average = 217ms

Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 24 2c 07 a2 d5 ...... Atheros AR5009 802.11a/g/n WiFi Adapter
10 ...00 1f 16 75 cd d7 ...... Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
1 ........................... Software Loopback Interface 1
13 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
12 ...00 00 00 00 00 00 00 e0 isatap.home
14 ...00 00 00 00 00 00 00 e0 isatap.{87AF5F96-767B-40E5-A33E-FA85D1E50B4F}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 281
192.168.1.2 255.255.255.255 On-link 192.168.1.2 281
192.168.1.255 255.255.255.255 On-link 192.168.1.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::993d:fca8:f93:3031/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 mswsock.dll [File Not found] ()
Catalog9 22 mswsock.dll [File Not found] ()
Catalog9 23 mswsock.dll [File Not found] ()
Catalog9 24 mswsock.dll [File Not found] ()
Catalog9 25 mswsock.dll [File Not found] ()
Catalog9 26 mswsock.dll [File Not found] ()
Catalog9 27 mswsock.dll [File Not found] ()
Catalog9 28 mswsock.dll [File Not found] ()
Catalog9 29 mswsock.dll [File Not found] ()
Catalog9 30 mswsock.dll [File Not found] ()
Catalog9 31 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/28/2012 06:12:47 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\MATTHEW\APPDATA\ROAMING\.MINECRAFT\STATS\STATS_BROCK5000_UNSENT.OLD> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (10/28/2012 06:04:54 PM) (Source: Application Hang) (User: )
Description: The program javaw.exe version 6.0.310.5 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1868
Start Time: 01cdb558001fc520
Termination Time: 44

Error: (10/28/2012 02:21:15 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\MATTHEW\DOCUMENTS\PERSONAL\MB STUFF\GENNA\DEBATE 2012 TRANSCRIPT.DOCX> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (10/28/2012 02:21:15 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\MATTHEW\DOCUMENTS\PERSONAL\MB STUFF\GENNA\DEBATE 2012 TRANSCRIPT.DOCX> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (10/27/2012 04:53:18 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/27/2012 00:50:13 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/27/2012 00:49:54 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (10/27/2012 00:44:52 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/27/2012 09:00:04 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2012 10:01:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/27/2012 04:53:19 PM) (Source: Service Control Manager) (User: )
Description: SRTSP
SRTSPX

Error: (10/27/2012 04:53:19 PM) (Source: Service Control Manager) (User: )
Description: Pwisvc%%126

Error: (10/27/2012 04:53:19 PM) (Source: Service Control Manager) (User: )
Description: ZD1211BU(ZyDAS)%%126

Error: (10/27/2012 04:53:19 PM) (Source: Service Control Manager) (User: )
Description: Winmtsrv%%126

Error: (10/27/2012 04:53:19 PM) (Source: Service Control Manager) (User: )
Description: Roxliveshare%%126

Error: (10/27/2012 04:53:19 PM) (Source: Service Control Manager) (User: )
Description: Vulfntrs%%126

Error: (10/27/2012 04:53:19 PM) (Source: Service Control Manager) (User: )
Description: F700ius%%126

Error: (10/27/2012 04:53:19 PM) (Source: Service Control Manager) (User: )
Description: Servicemgr%%126

Error: (10/27/2012 04:53:19 PM) (Source: Service Control Manager) (User: )
Description: Brmfrmps%%126

Error: (10/27/2012 04:53:19 PM) (Source: Service Control Manager) (User: )
Description: Ahcix86s%%126


Microsoft Office Sessions:
=========================
Error: (10/25/2012 08:50:46 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 21 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/24/2012 00:59:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5264 seconds with 3360 seconds of active time. This session ended with a crash.

Error: (01/11/2012 04:22:25 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 23323 seconds with 60 seconds of active time. This session ended with a crash.

Error: (11/07/2011 11:46:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 26876 seconds with 420 seconds of active time. This session ended with a crash.

Error: (10/27/2011 07:22:07 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 172329 seconds with 8160 seconds of active time. This session ended with a crash.

Error: (04/28/2011 06:37:12 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 362 seconds with 120 seconds of active time. This session ended with a crash.

Error: (03/30/2011 03:43:24 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 27707 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/20/2010 09:54:50 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8455 seconds with 300 seconds of active time. This session ended with a crash.

Error: (05/17/2010 05:19:28 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 11916 seconds with 2220 seconds of active time. This session ended with a crash.

Error: (04/28/2010 10:12:56 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4515 seconds with 480 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 6.1.2)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.3)
Adobe AIR (Version: 1.5.3.9130)
Adobe Download Manager (Version: 1.6.2.63)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player (Version: 11.0)
Amazon Browser Bar (Version: 3.0.2012.0126)
Amazon Kindle
Amazon MP3 Downloader 1.0.17 (Version: 1.0.17)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Atheros Driver Installation Program (Version: 5.2)
Audible Download Manager (Version: 6.6.0.15)
Avery Template (Version: 2.0.0.0)
AVG 2013 (Version: 13.0.2617)
AVG 2013 (Version: 13.0.2742)
AVG 2013 (Version: 2013.0.2742)
bpd_scan (Version: 3.00.0000)
CCleaner (Version: 3.17)
Chuzzle Deluxe 1.01 (Version: 1.01)
Cisco EAP-FAST Module (Version: 2.1.6)
Cisco LEAP Module (Version: 1.0.12)
Cisco PEAP Module (Version: 1.0.13)
Coby Media Manager (Version: 1.0.4717)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant HD Audio (Version: 4.58.0.0)
CutePDF Writer 2.8
CyberLink DVD Suite (Version: 6.0.2203)
CyberLink YouCam (Version: 2.0.2519)
D3DX10 (Version: 15.4.2368.0902)
Epson Connect
Epson Customer Participation (Version: 1.0.0.0)
Epson Download Navigator (Version: 1.0.1)
Epson Event Manager (Version: 2.50.0001)
Epson FAX Utility (Version: 1.20.00)
Epson PC-FAX Driver
EPSON Scan
EPSON WorkForce 845 Series Printer Uninstall
EpsonNet Print (Version: 2.4j)
ESET Online Scanner v3
ESU for Microsoft Vista (Version: 1.0.0)
Foxit Reader 5.1 (Version: 5.1.4.104)
Google Talk Plugin (Version: 2.5.7.4933)
Google Update Helper (Version: 1.3.21.123)
HDAUDIO Soft Data Fax Modem with SmartCP
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Doc Viewer (Version: 1.03.0001)
HP DVD Play 3.7 (Version: 3.7.0.6310)
HP Games (Version: 1.0.2.5)
HP Product Detection (Version: 10.7.9.0)
HP Quick Launch Buttons 6.40 H2 (Version: 6.40 H2)
HP Total Care Advisor (Version: 2.4.4941.2798)
HP Update (Version: 5.003.001.001)
HP User Guides 0118 (Version: 1.00.0000)
HP Wireless Assistant (Version: 3.00 K2)
HP_Network_UserGuide (Version: 1.00.0000)
HPAsset component for HP Active Support Library (Version: 3.0.0.7)
HPTCSSetup (Version: 1.1.1963.2799)
I SPY Spooky Mansion (Version: 2.2.0.97)
IHA_MessageCenter (Version: 1.6.0)
Intel® Graphics Media Accelerator Driver
Intel® TV Wizard
iTunes (Version: 10.6.3.25)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
LeapFrog Connect (Version: 3.2.19.13664)
LeapFrog Didj Plugin (Version: 3.2.19.13664)
LEGO Star Wars II (Version: 1.00.0000)
LEGO Universe
LEGO® Batman™ (Version: 1.00.0000)
LEGO® Indiana Jones™ 2 (Version: 1.00.0000)
LEGO® Indiana Jones™ 2: The Adventure Continues (Version: 1.00.0000)
LightScribe System Software (Version: 1.18.1.1)
Logitech Gaming Software (Version: 4.60)
Magic Life (Version: 2.2.0.97)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCSetup (Version: 1.00.0000)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
NetWaiting (Version: 2.5.52)
Norton Internet Security (Version: 16.0.0.125)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OverDrive Media Console (Version: 3.2.20)
Picasa 3 (Version: 3.8)
Power2Go (Version: 6.0.2202)
PowerDirector (Version: 7.0.2201)
QuickTime (Version: 7.72.80.56)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Realtek USB 2.0 Card Reader (Version: 6.0.6000.20133)
Revo Uninstaller 1.94 (Version: 1.94)
Scratch (Version: 1.4.0.0)
Segoe UI (Version: 15.4.2271.0615)
Skype™ 5.10 (Version: 5.10.116)
SpongeBob SquarePants 3D Obstacle Odyssey (Version: 2.2.0.95)
SupportSoft Assisted Service (Version: 15)
Synaptics Pointing Device Driver (Version: 11.1.3.0)
Unity Web Player (Version: )
Unity Web Player (Version: 2.5.4b3_944)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Didj Plugin)
Visual C++ 8.0 ATL (x86) WinSXS MSM (Version: 8.0.50727.762)
Visual C++ 8.0 CRT (x86) WinSXS MSM (Version: 8.0.50727.762)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)

========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 3002.44 MB
Available physical RAM: 1724.38 MB
Total Pagefile: 6241.14 MB
Available Pagefile: 4649.8 MB
Total Virtual: 2047.88 MB
Available Virtual: 1950.23 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:287.21 GB) (Free:213.36 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:10.88 GB) (Free:1.54 GB) NTFS
4 Drive f: () (Removable) (Total:0.95 GB) (Free:0.79 GB) FAT

========================= Users: ========================================

User accounts for \\MJMLAPTOP

Administrator Guest Kiddos
Matthew

========================= Restore Points ==================================

28-10-2012 02:03:38 Scheduled Checkpoint

**** End of log ****


Farbar Service Scanner Version: 27-10-2012
Ran by Matthew (administrator) on 28-10-2012 at 21:13:05
Running from "C:\Users\Matthew\Desktop\Cleanup Tools"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-20 22:24] - [2008-01-20 22:24] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****


# AdwCleaner v2.005 - Logfile created 10/28/2012 at 21:22:34
# Updated 14/10/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Matthew - MJMLAPTOP
# Boot Mode : Safe mode with networking
# Running from : C:\Users\Matthew\Desktop\Cleanup Tools\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml
File Deleted : C:\user.js
Folder Deleted : C:\Users\Matthew\AppData\LocalLow\Bandoo
Folder Deleted : C:\Users\Matthew\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\Matthew\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\Matthew\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Matthew\AppData\Roaming\Bandoo
Folder Deleted : C:\Users\Matthew\AppData\Roaming\iWin

***** [Registry] *****

Key Deleted : HKCU\Software\Alexa Internet
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\BrowserCompanion
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Bandoo
Key Deleted : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB
Key Deleted : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB.1
Key Deleted : HKLM\SOFTWARE\Classes\AlxTB2.ToolBarProxy
Key Deleted : HKLM\SOFTWARE\Classes\AlxTB2.ToolBarProxy.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69A72A8A-84ED-4a75-8CE7-263DBEF3E5D3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51F04BD6-3888-4849-864C-617FAE709CE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C953EC4-8CFA-44FB-B32E-1249E5505091}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4E394E0-D331-431F-B76D-E3A19193D5F6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{33D0AD98-3347-4A54-8929-5163EBEB9F72}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DA9FC525-41ED-4C00-B046-946DA7CDD305}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{EB132DB0-A4CA-11DF-9732-0E29E0D72085}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [m3ffxtbr@mywebsearch.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.startsearcher.com --> hxxp://www.google.com

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default
File : C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\l8gphtqr.default\prefs.js

C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\l8gphtqr.default\user.js ... Deleted !

Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\10.2.0.3");
Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Deleted : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109935");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "2228748800000000000000242c07a2d5");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "2228748800000000000000242c07a2d5");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15463");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=109935&babsrc=N[...]
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1718:49:59");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("extensions.funmoods.admin", false);
Deleted : user_pref("extensions.funmoods.aflt", "fmtgl");
Deleted : user_pref("extensions.funmoods.brwsrsrc", "ietlbr");
Deleted : user_pref("extensions.funmoods.cntry", "US");
Deleted : user_pref("extensions.funmoods.dfltLng", "EN");
Deleted : user_pref("extensions.funmoods.dfltSrch", true);
Deleted : user_pref("extensions.funmoods.dfltlng", "EN");
Deleted : user_pref("extensions.funmoods.dfltsrch", true);
Deleted : user_pref("extensions.funmoods.excTlbr", false);
Deleted : user_pref("extensions.funmoods.hdrMd5", "484D7F5D6DECB6220A676698C3B7B697");
Deleted : user_pref("extensions.funmoods.hmpg", true);
Deleted : user_pref("extensions.funmoods.hrdid", "0");
Deleted : user_pref("extensions.funmoods.id", "2228748800000000000000242c07a2d5");
Deleted : user_pref("extensions.funmoods.instlDay", "15381");
Deleted : user_pref("extensions.funmoods.instlRef", "");
Deleted : user_pref("extensions.funmoods.instlday", "15381");
Deleted : user_pref("extensions.funmoods.instlref", "");
Deleted : user_pref("extensions.funmoods.isDcmntCmplt", false);
Deleted : user_pref("extensions.funmoods.isdcmntcmplt", false);
Deleted : user_pref("extensions.funmoods.keywordurl", "");
Deleted : user_pref("extensions.funmoods.lastVrsnTs", "1.5.11.1616:12:51");
Deleted : user_pref("extensions.funmoods.newTab", true);
Deleted : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=fmtgl");
Deleted : user_pref("extensions.funmoods.newtab", true);
Deleted : user_pref("extensions.funmoods.newtaburl", "hxxp://start.funmoods.com/?f=2&a=fmtgl");
Deleted : user_pref("extensions.funmoods.noFFXTlbr", false);
Deleted : user_pref("extensions.funmoods.prdct", "funmoods");
Deleted : user_pref("extensions.funmoods.propectorlck", 68678561);
Deleted : user_pref("extensions.funmoods.prtnrId", "funmoods");
Deleted : user_pref("extensions.funmoods.prtnrid", "funmoods");
Deleted : user_pref("extensions.funmoods.sg", "none");
Deleted : user_pref("extensions.funmoods.smplGrp", "none");
Deleted : user_pref("extensions.funmoods.smplgrp", "none");
Deleted : user_pref("extensions.funmoods.srch", "");
Deleted : user_pref("extensions.funmoods.srchPrvdr", "Search");
Deleted : user_pref("extensions.funmoods.srchprvdr", "Search");
Deleted : user_pref("extensions.funmoods.stAdmnPrms", true);
Deleted : user_pref("extensions.funmoods.tlbrId", "base");
Deleted : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=fmtgl&q=")[...]
Deleted : user_pref("extensions.funmoods.tlbrid", "base");
Deleted : user_pref("extensions.funmoods.tlbrsrchurl", "hxxp://start.funmoods.com/results.php?f=3&a=fmtgl&q=")[...]
Deleted : user_pref("extensions.funmoods.vrsn", "1.5.11.16");
Deleted : user_pref("extensions.funmoods.vrsnTs", "1.5.11.1616:12:51");
Deleted : user_pref("extensions.funmoods.vrsni", "1.5.11.16");
Deleted : user_pref("extensions.funmoods.vrsnts", "1.5.11.1616:12:51");
Deleted : user_pref("extensions.funmoods.xpeStat\\xpeReportData", "11-1-2012");
Deleted : user_pref("extensions.funmoods_i.aflt", "fmtgl");
Deleted : user_pref("extensions.funmoods_i.dfltLng", "");
Deleted : user_pref("extensions.funmoods_i.dfltSrch", true);
Deleted : user_pref("extensions.funmoods_i.dnsErr", true);
Deleted : user_pref("extensions.funmoods_i.excTlbr", false);
Deleted : user_pref("extensions.funmoods_i.hmpg", true);
Deleted : user_pref("extensions.funmoods_i.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=fmtgl");
Deleted : user_pref("extensions.funmoods_i.id", "2228748800000000000000242c07a2d5");
Deleted : user_pref("extensions.funmoods_i.instlDay", "15381");
Deleted : user_pref("extensions.funmoods_i.instlRef", "");
Deleted : user_pref("extensions.funmoods_i.newTab", true);
Deleted : user_pref("extensions.funmoods_i.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=fmtgl");
Deleted : user_pref("extensions.funmoods_i.prdct", "funmoods");
Deleted : user_pref("extensions.funmoods_i.prtnrId", "funmoods");
Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");
Deleted : user_pref("extensions.funmoods_i.srchPrvdr", "Search");
Deleted : user_pref("extensions.funmoods_i.tlbrId", "base");
Deleted : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=fmtgl&q=[...]
Deleted : user_pref("extensions.funmoods_i.vrsn", "1.5.11.16");
Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.1616:12:51");
Deleted : user_pref("extensions.funmoods_i.vrsni", "1.5.11.16");
Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7Bff83aeab-0077-43eb-854a-c80d1e4b3921%[...]

Profile name : default
File : C:\Users\Kiddos\AppData\Roaming\Mozilla\Firefox\Profiles\0rd30q72.default\prefs.js

Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\10.2.0.3");
Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7B3c8b0ddf-0fce-4dce-9f40-e2c242742d61%[...]

*************************

AdwCleaner[S2].txt - [381 octets] - [28/10/2012 21:15:08]
AdwCleaner[S3].txt - [17639 octets] - [28/10/2012 21:22:34]

########## EOF - C:\AdwCleaner[S3].txt - [17700 octets] ##########


Junkware Removal Tool (JRT) by Thisisu
Version: 2.2.3 (10.28.2012)
OS: Windows Vista ™ Home Premium x86
Ran by Matthew on Sun 10/28/2012 at 21:26:48.97
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders:

Successfully deleted: [FOLDER] "C:\Users\Matthew\appdata\locallow\datamngr"



*** FireFox detected and repaired



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Sun 10/28/2012 at 21:37:39.68
End of Report

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:11 PM

Posted 28 October 2012 - 08:54 PM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#8 irish94

irish94
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 29 October 2012 - 07:37 PM

Farbar Service Scanner Version: 27-10-2012
Ran by Matthew (administrator) on 29-10-2012 at 20:35:58
Running from "C:\Users\Matthew\Desktop\Cleanup Tools"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-20 22:24] - [2008-01-20 22:24] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/29/2012 08:28:31 PM in x86 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Automatic

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost

Program finished at: 10/29/2012 08:28:46 PM
Execution time: 0 hours(s), 0 minute(s), and 14 seconds(s)

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "AVG_UI" "AVG User Interface" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2013\avgui.exe"
+ "EEventManager" "EEventManager Application" "SEIKO EPSON CORPORATION" "c:\program files\epson software\event manager\eeventmanager.exe"
+ "FUFAXRCV" "Fax Reception" "SEIKO EPSON CORPORATION" "c:\program files\epson software\fax utility\fufaxrcv.exe"
+ "FUFAXSTM" "Fax Transmission" "SEIKO EPSON CORPORATION" "c:\program files\epson software\fax utility\fufaxstm.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "hpWirelessAssistant" "HPWAMain Module" "Hewlett-Packard Development Company, L.P." "c:\program files\hewlett-packard\hp wireless assistant\hpwamain.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "vProt" "" "" "File not found: C:\Program Files\AVG Secure Search\vprot.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "LightScribe Control Panel" "" "Hewlett-Packard Company" "c:\program files\common files\lightscribe\lsrunonce.exe"
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "EPLTarget\P0000000000000000" "EPSON Status Monitor 3" "SEIKO EPSON CORPORATION" "c:\windows\system32\spool\drivers\w32x86\3\e_tatihsa.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "linkscanner" "" "" "File not found: C:\Program Files\AVG\AVG2012\avgpp.dll"
+ "livecall" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "msnim" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "skype4com" "Skype for COM API" "Skype Technologies" "c:\program files\common files\skype\skype4com.dll"
+ "wlmailhtml" "Windows Live Mail" "Microsoft Corporation" "c:\program files\windows live\mail\mailcomm.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2013\avgse.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "AudibleShlExt Class" "AudibleExt Module" "Audible, Inc." "c:\program files\audible\bin\audibleext.dll"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2013\avgse.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "AVG Safe Search" "" "" "File not found: C:\Program Files\AVG\AVG2012\avgssie.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office12\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask" "UtilTask" "Microsoft" "c:\program files\hewlett-packard\hp health check\activecheck\product_line\utiltask.exe"
+ "\Hewlett-Packard\HP Support Assistant\PC Health Analysis" "HP Support Assistant" "Hewlett-Packard Company" "c:\program files\hewlett-packard\hp support framework\hpsf.exe"
+ "\Hewlett-Packard\HP Support Assistant\PC Tuneup" "HP Support Assistant" "Hewlett-Packard Company" "c:\program files\hewlett-packard\hp support framework\hpsf.exe"
+ "\HPCeeScheduleForMatthew" "HP Ceement" "Hewlett-Packard" "c:\program files\hewlett-packard\hp ceement\hpcee.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
+ "\{29058843-5B5A-464B-B810-DFFBA41D8D7F}" "Firefox" "Mozilla Corporation" "c:\program files\mozilla firefox\firefox.exe"
+ "\{4D118B21-F320-4EF0-928D-BEB6525841C1}" "Firefox" "Mozilla Corporation" "c:\program files\mozilla firefox\firefox.exe"
+ "\{6F248918-7150-4DF1-8D81-7F8361256D51}" "Firefox" "Mozilla Corporation" "c:\program files\mozilla firefox\firefox.exe"
+ "\{89FBDF84-353E-49C1-BD6E-9155063E184A}" "Firefox" "Mozilla Corporation" "c:\program files\mozilla firefox\firefox.exe"
+ "\{A99C08A9-970D-4D3A-BCD5-D3D74D278FF4}" "Firefox" "Mozilla Corporation" "c:\program files\mozilla firefox\firefox.exe"
+ "\{B3466D0B-64B6-4591-A8E8-083FA4F7D7BD}" "Firefox" "Mozilla Corporation" "c:\program files\mozilla firefox\firefox.exe"
+ "\{C4DBF96F-E08B-469C-8033-6A8E0D68246C}" "Skype " "Skype Technologies S.A." "c:\program files\skype\phone\skype.exe"
+ "\{C88BF9B0-524E-404D-B23C-03F8ED130671}" "Firefox" "Mozilla Corporation" "c:\program files\mozilla firefox\firefox.exe"
+ "\{CE31582B-B9D5-4FA7-A54D-D704642AF119}" "Firefox" "Mozilla Corporation" "c:\program files\mozilla firefox\firefox.exe"
+ "\{E363D8D8-7511-4D19-BFB4-63330A98408A}" "Firefox" "Mozilla Corporation" "c:\program files\mozilla firefox\firefox.exe"
+ "\{ED7C84FE-04CA-4F2E-8CFC-6E7E29E72C58}" "Firefox" "Mozilla Corporation" "c:\program files\mozilla firefox\firefox.exe"
+ "\{FD593E5A-595C-476B-98D8-77881CF46728}" "Firefox" "Mozilla Corporation" "c:\program files\mozilla firefox\firefox.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "3comtftp" "Icdsptsv" "" "File not found: C:\Windows\system32\merakpop3.dll"
+ "AcronisOSSReinstallSvc" "Mqdmmdm" "" "File not found: C:\Windows\system32\pcdrndisuio.dll"
+ "ADIDTSFiltService" "Xpadminserver" "" "File not found: C:\Windows\system32\AIRPLUS.dll"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\armsvc.exe"
+ "AFGMp50" "Dladresn" "" "File not found: C:\Windows\system32\Wbutton.dll"
+ "agpcpq" "A8djavs" "" "File not found: C:\Windows\system32\ctsfm2k.dll"
+ "aksusb" "Streamip" "" "File not found: C:\Windows\system32\se45bus.dll"
+ "antivirservice" "Mskservice" "" "File not found: C:\Windows\system32\elotouchscreen.dll"
+ "Anydlc" "Eplpdx02" "" "File not found: C:\Windows\system32\symsnap.dll"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "artdhcp" "Cacheserver" "" "File not found: C:\Windows\system32\ahcix86s.dll"
+ "artourservice" "LC7981" "" "File not found: C:\Windows\system32\wltrysvc.dll"
+ "ati" "Rdsessmgr" "" "File not found: C:\Windows\system32\asc3550.dll"
+ "atkdisplf" "FTSER2K" "" "File not found: C:\Windows\system32\lilsgt.dll"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2013\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2013\avgwdsvc.exe"
+ "avp" "SQLBrowser" "" "File not found: C:\Windows\system32\tcpip6.dll"
+ "AVRec" "Aswmon2" "" "File not found: C:\Windows\system32\dvd-ram_service.dll"
+ "awhost32" "Rp_fws" "" "File not found: C:\Windows\system32\ixiaendpoint.dll"
+ "bb-run" "Tb2RCAssist" "" "File not found: C:\Windows\system32\appdrv.dll"
+ "btnetfilter" "Ha10kx2k" "" "File not found: C:\Windows\system32\elbycdfl.dll"
+ "cccredmgr" "Pcampr5" "" "File not found: C:\Windows\system32\atalk.dll"
+ "CE3" "Tangoservice" "" "File not found: C:\Windows\system32\licensemanagersocket.dll"
+ "cidaemon" "RIOXDRV" "" "File not found: C:\Windows\system32\fsaua.dll"
+ "ClntMgmt.sys" "Fs_rec" "" "File not found: C:\Windows\system32\hpci.dll"
+ "CoolerXPDriver" "Elaunidr" "" "File not found: C:\Windows\system32\as32svc.dll"
+ "ctsfm2k" "HSXHWBS2" "" "File not found: C:\Windows\system32\nwlnkflt.dll"
+ "cwcspud" "Vetmonnt" "" "File not found: C:\Windows\system32\aspi32.dll"
+ "Defrag32" "TdmService" "" "File not found: C:\Windows\system32\vpcnfltr.dll"
+ "dirms_defragmentation" "Bdrsdrv" "" "File not found: C:\Windows\system32\winvnc4.dll"
+ "diskeeper" "Abiosdsk" "" "File not found: C:\Windows\system32\WmaCDriverV32.dll"
+ "dklogger" "Pmj151la" "" "File not found: C:\Windows\system32\schedule.dll"
+ "dm1service" "Rt61" "" "File not found: C:\Windows\system32\wmccdsls.dll"
+ "DXEC02" "Tappsrv" "" "File not found: C:\Windows\system32\vetfddnt.dll"
+ "elnkfwppservice" "Vpn5000service" "" "File not found: C:\Windows\system32\apache.dll"
+ "EpsonCustomerParticipation" "Epson Customer Participation" "SEIKO EPSON CORPORATION" "c:\program files\epson\epsoncustomerparticipation\epcp.exe"
+ "ESDCR" "Usb20l" "" "File not found: C:\Windows\system32\phnxvcdservice.dll"
+ "forcewarewebinterface" "Symsnap" "" "File not found: C:\Windows\system32\backupexecagentaccelerator.dll"
+ "fsma" "Keriomailserver" "" "File not found: C:\Windows\system32\bcm43xx.dll"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files\windows live\family safety\fsssvc.exe"
+ "getPlusHelper" "getPlus® Helper" "NOS Microsystems Ltd." "c:\program files\nos\bin\getplus_helper.dll"
+ "GoToAssist" "NETGEAR_MA111" "" "File not found: C:\Windows\system32\dlcg_device.dll"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gv3" "Aw_host" "" "File not found: C:\Windows\system32\ICM10USB.dll"
+ "HPSLPSVC" "Discovers and monitors the state and the configuration of the HP devices attached to your network. If the service is stopped, and your network devices change IP addresses, they might become unavailable" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\bin\hpslpsvc32.dll"
+ "HSXHWBS2" "Acpiec" "" "File not found: C:\Windows\system32\regmon701.dll"
+ "igateway" "DMICall" "" "File not found: C:\Windows\system32\nwlnkfwd.dll"
+ "imapi" "Ms_mpu401" "" "File not found: C:\Windows\system32\VAIOMediaPlatform-VideoServer-UPnP.dll"
+ "intelroam" "Transcode360" "" "File not found: C:\Windows\system32\tvtpktfilter.dll"
+ "iolo_srv" "Kmixer" "" "File not found: C:\Windows\system32\pdreli.dll"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "issvc" "Sleepy" "" "File not found: C:\Windows\system32\datunidr.dll"
+ "LUsbKbd" "SndTDriverV32" "" "File not found: C:\Windows\system32\w200mgmt.dll"
+ "lvhidsvc" "SPFDRV" "" "File not found: C:\Windows\system32\rfcomm.dll"
+ "LVRS" "MRESP50" "" "File not found: C:\Windows\system32\windowblinds.dll"
+ "mnsframework" "Cics.region2" "" "File not found: C:\Windows\system32\ql2100.dll"
+ "mwagent" "Gameenum" "" "File not found: C:\Windows\system32\eliservice.dll"
+ "NdisFilt" "Pdlndint" "" "File not found: C:\Windows\system32\pcandis5.dll"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "nfmservice" "Blueservice" "" "File not found: C:\Windows\system32\mcontrol.dll"
+ "nisum" "DFUBTUSB" "" "File not found: C:\Windows\system32\usr11g.dll"
+ "NOWMEMDF" "Nvax" "" "File not found: C:\Windows\system32\s217unic.dll"
+ "nsm1mdm" "SE2Bbus" "" "File not found: C:\Windows\system32\curtainssyssvc.dll"
+ "ntsecure" "GVCplDrv" "" "File not found: C:\Windows\system32\nwcworkstation.dll"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "openldap-slapd" "CTSBLFX.DLL" "" "File not found: C:\Windows\system32\elbycdio.dll"
+ "orbpvr" "XDva004" "" "File not found: C:\Windows\system32\icollectservice.dll"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "outpostfirewall" "Dlabmfsm" "" "File not found: C:\Windows\system32\ntfs.dll"
+ "owstimer" "Ctprxy2k" "" "File not found: C:\Windows\system32\DSI_SiUSBXp_3_1.dll"
+ "p2pgasvc" "Ezplay" "" "File not found: C:\Windows\system32\vss.dll"
+ "passthru" "Mcproxy" "" "File not found: C:\Windows\system32\advantage.dll"
+ "pinnaclesys.mediaserver" "Hamachi" "" "File not found: C:\Windows\system32\bits.dll"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "PSDNServ" "W3svc" "" "File not found: C:\Windows\system32\rt2870.dll"
+ "psdvdisk" "N558" "" "File not found: C:\Windows\system32\unlockerdriver5.dll"
+ "RAPIProtocol" "Wltwo51b" "" "File not found: C:\Windows\system32\SlWdmSup.dll"
+ "RoxLiveShare9" "Allows remote users to view through WEB browsers your authorized multimedia content managed by Roxio Media Manager9." "" "File not found: C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe"
+ "s217unic" "Diskeeper" "" "File not found: C:\Windows\system32\nuvaud2.dll"
+ "s716nd5" "Aaksrv" "" "File not found: C:\Windows\system32\idsvc.dll"
+ "SaiNtBus" "SfCtlCom" "" "File not found: C:\Windows\system32\nmap.dll"
+ "SbieDrv" "Resourcemanagermail" "" "File not found: C:\Windows\system32\symmpi.dll"
+ "se45bus" "Pdlndsdl" "" "File not found: C:\Windows\system32\merakcontrol.dll"
+ "serialkeys" "Dfs" "" "File not found: C:\Windows\system32\pdengine.dll"
+ "sfman" "Lpx" "" "File not found: C:\Windows\system32\As6frin.dll"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files\skype\updater\updater.exe"
+ "srvdpi" "Wudfpf" "" "File not found: C:\Windows\system32\ql1280.dll"
+ "Stltrk2k" "Sisnic" "" "File not found: C:\Windows\system32\vmusb.dll"
+ "tosrfbd" "UsbserFilt" "" "File not found: C:\Windows\system32\symantecantibotwatcher.dll"
+ "trufos" "U81xmdm" "" "File not found: C:\Windows\system32\oracleorahometnslistener.dll"
+ "UDFReadr" "Brmfrmps" "" "File not found: C:\Windows\system32\kl1.dll"
+ "UPATC" "Dtscsi" "" "File not found: C:\Windows\system32\mountmgr.dll"
+ "usbbus" "Vulfntrs" "" "File not found: C:\Windows\system32\Bcim.dll"
+ "vaiomediaplatform-photoserver-appserver" "AffinegyService" "" "File not found: C:\Windows\system32\trcboot.dll"
+ "VC6SecS" "Roxliveshare" "" "File not found: C:\Windows\system32\isapnp.dll"
+ "viaudio" "Fah@c:+fah+fah-service+fah502-console.exe" "" "File not found: C:\Windows\system32\SNMPTRAP.dll"
+ "vvoice" "Servicemgr" "" "File not found: C:\Windows\system32\nwlnkfwd.dll"
+ "vwkernel" "Uhcd" "" "File not found: C:\Windows\system32\tcsd_win32.exe.dll"
+ "w550mdm" "Ahcix86s" "" "File not found: C:\Windows\system32\epson_pm_rpcv2_02.dll"
+ "W700mdm" "Igateway" "" "File not found: C:\Windows\system32\pcx1nd5.dll"
+ "W700mgmt" "F700ius" "" "File not found: C:\Windows\system32\ziptoa.dll"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlancig" "Winmtsrv" "" "File not found: C:\Windows\system32\pdlnemsg.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "wmconnectcds" "ZD1211BU(ZyDAS)" "" "File not found: C:\Windows\system32\crystalaps.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "{eda5f5d3-9e0f-4f4d-8a13-1d1cf469c9cc}" "Pwisvc" "" "File not found: C:\Windows\system32\ROCKEYNT.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu160m" "Adaptec LH Ultra160 Driver (x86)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu160m.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athr.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdriverx.sys"
+ "AVGIDSHX" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidshx.sys"
+ "AVGIDSShim" "AVG Technologies IDS Application Activity Monitor Shim Loader Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsshimx.sys"
+ "Avgldx86" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx86.sys"
+ "Avglogx" "AVG Logging Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avglogx.sys"
+ "Avgmfx86" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx86.sys"
+ "Avgrkx86" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx86.sys"
+ "Avgtdix" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdix.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CnxtHdAudService" "High Definition Audio Function Driver" "Conexant Systems Inc." "c:\windows\system32\drivers\chdrt32.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g60i32.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HpCISSs" "Smart Array Storport Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpcisss.sys"
+ "HpqKbFiltr" "HpqKbFiltr Keyboard Filter Driver" "Hewlett-Packard Development Company, L.P." "c:\windows\system32\drivers\hpqkbfiltr.sys"
+ "HSF_DPV" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsx_dpv.sys"
+ "HSXHWAZL" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsxhwazl.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver (base)" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd32.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcHdmiAddService" "Intel® High Definition Audio HDMI" "Intel® Corporation" "c:\windows\system32\drivers\intchdmi.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "iteatapi" "ITE IT8211 ATA/ATAPI SCSI miniport" "Integrated Technology Express, Inc." "c:\windows\system32\drivers\iteatapi.sys"
+ "iteraid" "ITE IT8212 ATA RAID SCSI miniport" "Integrated Technology Express, Inc." "c:\windows\system32\drivers\iteraid.sys"
+ "LSI_FC" "LSI Logic Fusion-MPT FC Driver (StorPort)" "LSI Logic" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Logic Fusion-MPT SAS Driver (StorPort)" "LSI Logic" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SCSI" "LSI Logic Fusion-MPT SCSI Driver (StorPort)" "LSI Logic" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "mbr" "Omniserv" "" "File not found: C:\Users\Matthew\AppData\Local\Temp\mbr.sys"
+ "mdmxsdk" "Diagnostic Interface x86 Driver" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "Mraid35x" "MegaRAID RAID Controller Driver for Windows Vista/Longhorn for x86" "LSI Logic Corporation" "c:\windows\system32\drivers\mraid35x.sys"
+ "NAVENG" "" "" "File not found: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS"
+ "NAVEX15" "" "" "File not found: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS"
+ "NETw3v32" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw3v32.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "ntrigdigi" "N-trig tablet digitizer in-box driver" "N-trig Innovative Technologies" "c:\windows\system32\drivers\ntrigdigi.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "pcouffin" "low level access layer for CD/DVD/BD devices" "VSO Software" "c:\windows\system32\drivers\pcouffin.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RimUsb" "" "" "File not found: System32\Drivers\RimUsb.sys"
+ "RimVSerPort" "RIM Virtual Serial Driver" "Research in Motion Ltd" "c:\windows\system32\drivers\rimserial.sys"
+ "RTL8169" "Realtek 8101E/8168/8169 NDIS6 32-bit Driver " "Realtek Corporation " "c:\windows\system32\drivers\rtlh86.sys"
+ "RTSTOR" "Realtek USB Mass Storage Driver for Vista" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtstor.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SRTSP" "" "" "File not found: C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS"
+ "SRTSPX" "" "" "File not found: C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS"
+ "Sym_hi" "LSI Logic Hi-Perf SCSI Miniport Driver" "LSI Logic" "c:\windows\system32\drivers\sym_hi.sys"
+ "Sym_u3" "LSI Logic Ultra160 SCSI Miniport Driver" "LSI Logic" "c:\windows\system32\drivers\sym_u3.sys"
+ "Symc8xx" "LSI Logic 8XX SCSI Miniport Driver" "LSI Logic" "c:\windows\system32\drivers\symc8xx.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics, Inc." "c:\windows\system32\drivers\syntp.sys"
+ "uliahci" "ULi SATA Controller Driver" "ULi Electronics Inc." "c:\windows\system32\drivers\uliahci.sys"
+ "UlSata" "Promise Ultra/Sata Series Driver for Win2003" "Promise Technology, Inc." "c:\windows\system32\drivers\ulsata.sys"
+ "ulsata2" "Promise SATAII150 Series Windows Drivers" "Promise Technology, Inc." "c:\windows\system32\drivers\ulsata2.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsx_cnxt.sys"
+ "WmBEnum" "Logitech WingMan Virtual Bus Enumerator Driver " "Logitech Inc." "c:\windows\system32\drivers\wmbenum.sys"
+ "WmFilter" "Logitech WingMan Hid Filter Driver" "Logitech Inc." "c:\windows\system32\drivers\wmfilter.sys"
+ "WmVirHid" "Logitech WingMan Virtual Hid Device Driver" "Logitech Inc." "c:\windows\system32\drivers\wmvirhid.sys"
+ "WmXlCore" "Logitech WingMan Translation Driver" "Logitech Inc." "c:\windows\system32\drivers\wmxlcore.sys"
+ "XAudio" "Modem Audio Device Driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio.sys"
+ "yukonwlh" "NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller" "Marvell" "c:\windows\system32\drivers\yk60x86.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.l3codecp" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecp.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Audible Words Codec" "Audible Audio Files DirectShow Source Filter" "Audible, Inc." "c:\windows\system32\awrdscdc.ax"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "CyberLink Audio Decoder (HomeNetwork)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\dmp\claud.ax"
+ "CyberLink Audio Decoder (QP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\movie\claud.ax"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio Spectrum Analyzer (HomeNetwork)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\dmp\claudspa.ax"
+ "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gvb.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gaudiocd.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer(NoneScramble)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\dmp\cldemuxer.ax"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gdumpdispatch.ax"
+ "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gdump.ax"
+ "CyberLink DVD Navigator (QP3)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\movie\clnavx.ax"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gedtkrn.dll"
+ "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2greader.ax"
+ "CyberLink Line21 Decoder Filter (QP)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\movie\clline21.ax"
+ "CyberLink Load Image Filter" "CLImage" "CyberLink" "c:\program files\cyberlink\shared files\climage.ax"
+ "CyberLink M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files\cyberlink\power2go\p2gm2vwriter.ax"
+ "CyberLink MP3/WAV Wrapper" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gmvd.ax"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files\cyberlink\power2go\p2gmpgmux.ax"
+ "CyberLink MPEG Splitter(Scramble)" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\dmp\clsplter.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files\cyberlink\power2go\p2gvidenc.ax"
+ "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gm1spliter.ax"
+ "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gm2spliter.ax"
+ "CyberLink PCM Wrapper" "CyberLink PCM Wrapper" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gpcmenc.ax"
+ "CyberLink Push-Mode CLStream" "CLStream" "CyberLink" "c:\program files\hp\quickplay\kernel\dmp\clstream(pushmode).ax"
+ "Cyberlink Streamming Filter" "Cyberlink Streaming Source Filter(Scramble)" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\dmp\clstream.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\movie\clauts.ax"
+ "CyberLink TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gauts.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\youcam\yctlmsplter.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gtlmsplter.ax"
+ "Cyberlink Track Filter" "Cyberlink Track Filter" "CyberLink Corp." "c:\program files\cyberlink\youcam\yctrack.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files\cyberlink\power2go\p2gvidfx.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files\hp\quickplay\kernel\movie\clvidfx.ax"
+ "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files\cyberlink\power2go\p2grgl.ax"
+ "CyberLink Video Regulator" "Video Regulator" "Cyberlink" "c:\program files\cyberlink\youcam\ycrgl.ax"
+ "CyberLink Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files\cyberlink\power2go\p2gvideostabilizer.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\dmp\clvsd.ax"
+ "CyberLink Video/SP Decoder (QP)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\movie\clvsd.ax"
+ "CyberLink WebCamera NULL Render" "CLWEBCAMERARENDER" "CyberLink" "c:\program files\cyberlink\youcam\ycwebcamerarender.ax"
+ "CyberLink WMV Dumper (YouCam)" "CLWMVDum Dynamic Link Library" "" "c:\program files\cyberlink\youcam\ycwmvdump.ax"
+ "CyberLink WMV/WMA Demultiplexer" "WMV/WMA Demux" "CyberLink" "c:\program files\hp\quickplay\kernel\dmp\clwmfdemux.ax"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "P2G Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gaud.ax"
+ "P2G Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files\cyberlink\power2go\p2gaudenc.ax"
+ "P2G Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gvsd.ax"
+ "P2G Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files\cyberlink\power2go\p2gresample.ax"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "QuickPlay Audio Wizard (HP)" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\movie\claudwizard.ax"
+ "QuickPlay Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\movie\cldemuxer.ax"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "YC_EVRWindow" "CLEvr" "CyberLink Corp." "c:\program files\cyberlink\youcam\ycevr.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "CutePDF Writer Monitor" "" "" "c:\windows\system32\cpwmon2k.dll"
+ "EPSON WorkForce 845 Series 32MonitorBA" "EPSON Bi-directional Monitor x86" "SEIKO EPSON CORPORATION" "c:\windows\system32\e_tlbhsa.dll"
+ "EpsonNet Print Port" "EpsonNet Print Port Monitor DLL" "SEIKO EPSON CORPORATION" "c:\windows\system32\enppmon.dll"
+ "HP2030LM" "Rendering" "Marvell Semiconductor India Private Limited." "c:\windows\system32\hp2030lm.dll"
+ "LIDIL hpzlllhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzlllhn.dll"
+ "PCL hpz3l5mu" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpz3l5mu.dll"
+ "PCL hpz3l5oe" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpz3l5oe.dll"
+ "PCL hpz3llhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpz3llhn.dll"
"C:\Users\Matthew\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\Clock.gadget\en-US\Gadget.xml"
+ "Feed Headlines" "Track the latest news, sports, and entertainment headlines." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\RSSFeeds.Gadget\en-US\Gadget.xml"
+ "Slide Show" "Show a continuous slide show of your pictures." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\SlideShow.Gadget\en-US\Gadget.xml"

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:11 PM

Posted 29 October 2012 - 09:24 PM

Current issues?

#10 irish94

irish94
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 01 November 2012 - 07:03 AM

I thought I replied to this. The download issue still exists. PDF's will download, but EXE's (I tried a couple above) will immediately cancel in Firefox. If I click the arrow to retry the download, then it shows it downloads, but then does nothing when you double click on it. If you right click to "open the containing folder", that is grayed out. In IE, a message will pop up saying the security settings do not allow me to download these files. Thanks.

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:11 PM

Posted 01 November 2012 - 08:18 AM

Try this

Export your bookmarks from firefox

http://support.mozilla.org/en-US/kb/export-firefox-bookmarks-to-backup-or-transfer

After exporting it

Uninstall firefox

Makesure to checkmark Remove my personal data option

Reinstall firefox and import your bookmarks

Try to download files now

#12 irish94

irish94
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 01 November 2012 - 08:30 AM

I leave town later today but will try to get to this. If not, give me a few days. Note that the download problem exists in IE too. But I will start with Firefox. Thanks.

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:11 PM

Posted 01 November 2012 - 08:44 AM

:thumbup2:

#14 irish94

irish94
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 06 November 2012 - 08:32 PM

I'm back. I uninstalled firefox, restarted computer, and reinstalled. I tried downloading TDSSKiller from the link above. Again, Firefox cancels the download. IE still has a similar problem. When trying to download, a "Security Alert" box comes up saying "Your security settings do not allow this file to be downloaded." Thanks.

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:11 PM

Posted 06 November 2012 - 11:15 PM

Create a new user account and see if you can download now




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users