Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

privitize vpn


  • Please log in to reply
15 replies to this topic

#1 rickp

rickp

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:10 PM

Posted 27 October 2012 - 01:42 PM

Hello,

About a month ago my daughter installed Privitize VPN (without my knowledge!). I thought I had successfully removed all traces of this annoying "bad"-ware. It's not in my registry, it doesn't show up under add/remove programs, and it dosn't show up under add-ons for Firefox, Chrome, or IE.

This morning, however, when I came out to the computer, there was a login box for Privitize vpn in the middle of a Firefox window -- with some unknown user's name in the user name box. I closed out Firefox, started it back up, and the same login appeared. This time I x-ed out the login window, and then tried to access google.com to search for more info on Privitize VPN. I was unable to access the internet. I fired up Chrome, and the same thing happened. I then rebooted my computer and was able to access google.com, etc.

I found one item mentioning looking at Network Connections under Control Panel, and, sure enough, there was an entry for Privitize VPN under VPN connections. It was disabled, but I deleted it anyway. I rebooted again. The entry in Network Connections in still gone, and things seem to be working normally again. However, I want to make darn sure this thing is gone.

FYI I use McAfee Security Center and run weekly scans. Nothing was reported for the last scan.

What I want to do is make sure Privitize VPN won't come back and that there's no "back door" in my computer due to Privitze VPN.

Thanks
Rick

Edited by hamluis, 27 October 2012 - 04:33 PM.
Moved from XP to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 cjohnson1110

cjohnson1110

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 28 October 2012 - 07:21 PM

I have the same problem, and cannot find the silly thing to remove it. Privitize VPN still shows up.

#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:10 PM

Posted 28 October 2012 - 07:24 PM

cjohnson1110

Create a new topic.

@rickp

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#4 23172

23172

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 06 December 2012 - 07:30 PM

narenxp - I'm not having any problems yet, but I'd also like to get rid of this program. Here is the log from step 1.

19:18:04.0647 4404 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:18:05.0099 4404 ============================================================
19:18:05.0099 4404 Current date / time: 2012/12/06 19:18:05.0099
19:18:05.0099 4404 SystemInfo:
19:18:05.0099 4404
19:18:05.0099 4404 OS Version: 6.1.7601 ServicePack: 1.0
19:18:05.0099 4404 Product type: Workstation
19:18:05.0099 4404 ComputerName: WINNING-HP
19:18:05.0115 4404 UserName: winning
19:18:05.0115 4404 Windows directory: C:\Windows
19:18:05.0115 4404 System windows directory: C:\Windows
19:18:05.0115 4404 Running under WOW64
19:18:05.0115 4404 Processor architecture: Intel x64
19:18:05.0115 4404 Number of processors: 2
19:18:05.0115 4404 Page size: 0x1000
19:18:05.0115 4404 Boot type: Normal boot
19:18:05.0115 4404 ============================================================
19:18:06.0004 4404 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:18:06.0035 4404 ============================================================
19:18:06.0035 4404 \Device\Harddisk0\DR0:
19:18:06.0035 4404 MBR partitions:
19:18:06.0035 4404 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:18:06.0035 4404 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x7305E000
19:18:06.0035 4404 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x73090800, BlocksNum 0x1675800
19:18:06.0035 4404 ============================================================
19:18:06.0067 4404 C: <-> \Device\Harddisk0\DR0\Partition2
19:18:06.0098 4404 D: <-> \Device\Harddisk0\DR0\Partition3
19:18:06.0098 4404 ============================================================
19:18:06.0098 4404 Initialize success
19:18:06.0098 4404 ============================================================
19:18:21.0947 21848 ============================================================
19:18:21.0947 21848 Scan started
19:18:21.0947 21848 Mode: Manual; TDLFS;
19:18:21.0947 21848 ============================================================
19:18:22.0852 21848 ================ Scan system memory ========================
19:18:22.0852 21848 System memory - ok
19:18:22.0852 21848 ================ Scan services =============================
19:18:22.0993 21848 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:18:22.0993 21848 1394ohci - ok
19:18:23.0024 21848 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:18:23.0039 21848 ACPI - ok
19:18:23.0055 21848 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:18:23.0055 21848 AcpiPmi - ok
19:18:23.0180 21848 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:18:23.0180 21848 AdobeFlashPlayerUpdateSvc - ok
19:18:23.0211 21848 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:18:23.0227 21848 adp94xx - ok
19:18:23.0242 21848 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:18:23.0242 21848 adpahci - ok
19:18:23.0258 21848 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:18:23.0258 21848 adpu320 - ok
19:18:23.0289 21848 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:18:23.0289 21848 AeLookupSvc - ok
19:18:23.0336 21848 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:18:23.0336 21848 AFD - ok
19:18:23.0367 21848 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:18:23.0367 21848 agp440 - ok
19:18:23.0383 21848 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:18:23.0383 21848 ALG - ok
19:18:23.0398 21848 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:18:23.0398 21848 aliide - ok
19:18:23.0429 21848 [ CA0D6C1390F4B3BAF2A0A69D1A7F8332 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:18:23.0429 21848 AMD External Events Utility - ok
19:18:23.0445 21848 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:18:23.0445 21848 amdide - ok
19:18:23.0461 21848 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:18:23.0461 21848 AmdK8 - ok
19:18:23.0570 21848 [ 75E4BACA583AE02C11E9AC8747E2ABE0 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:18:23.0601 21848 amdkmdag - ok
19:18:23.0632 21848 [ B765CF4B32F347BE747B21AE22641025 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:18:23.0632 21848 amdkmdap - ok
19:18:23.0648 21848 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
19:18:23.0648 21848 AmdPPM - ok
19:18:23.0679 21848 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:18:23.0679 21848 amdsata - ok
19:18:23.0710 21848 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:18:23.0710 21848 amdsbs - ok
19:18:23.0726 21848 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:18:23.0726 21848 amdxata - ok
19:18:23.0741 21848 [ CAEE7C1AFC9F1C9EE8DD11ACD18D22E7 ] amd_sata C:\Windows\system32\drivers\amd_sata.sys
19:18:23.0741 21848 amd_sata - ok
19:18:23.0741 21848 [ 23726116B4FBCC84FC45B95157C08F5F ] amd_xata C:\Windows\system32\drivers\amd_xata.sys
19:18:23.0757 21848 amd_xata - ok
19:18:23.0773 21848 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:18:23.0773 21848 AppID - ok
19:18:23.0788 21848 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:18:23.0788 21848 AppIDSvc - ok
19:18:23.0788 21848 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:18:23.0788 21848 Appinfo - ok
19:18:23.0882 21848 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:18:23.0882 21848 Apple Mobile Device - ok
19:18:23.0913 21848 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
19:18:23.0913 21848 arc - ok
19:18:23.0929 21848 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:18:23.0929 21848 arcsas - ok
19:18:24.0022 21848 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:18:24.0022 21848 aspnet_state - ok
19:18:24.0038 21848 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:18:24.0038 21848 AsyncMac - ok
19:18:24.0053 21848 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:18:24.0053 21848 atapi - ok
19:18:24.0100 21848 [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie C:\Windows\system32\drivers\AtiPcie64.sys
19:18:24.0100 21848 AtiPcie - ok
19:18:24.0116 21848 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:18:24.0116 21848 AudioEndpointBuilder - ok
19:18:24.0131 21848 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:18:24.0147 21848 AudioSrv - ok
19:18:24.0194 21848 [ B2B3FCBA37671C853879DF7DDE8A839A ] AVP C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
19:18:24.0194 21848 AVP - ok
19:18:24.0225 21848 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:18:24.0225 21848 AxInstSV - ok
19:18:24.0256 21848 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:18:24.0256 21848 b06bdrv - ok
19:18:24.0272 21848 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:18:24.0272 21848 b57nd60a - ok
19:18:24.0287 21848 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:18:24.0287 21848 BDESVC - ok
19:18:24.0303 21848 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:18:24.0303 21848 Beep - ok
19:18:24.0350 21848 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:18:24.0350 21848 BFE - ok
19:18:24.0397 21848 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:18:24.0397 21848 BITS - ok
19:18:24.0412 21848 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
19:18:24.0412 21848 blbdrive - ok
19:18:24.0475 21848 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:18:24.0475 21848 Bonjour Service - ok
19:18:24.0521 21848 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:18:24.0521 21848 bowser - ok
19:18:24.0537 21848 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:18:24.0537 21848 BrFiltLo - ok
19:18:24.0553 21848 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:18:24.0553 21848 BrFiltUp - ok
19:18:24.0584 21848 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:18:24.0584 21848 Browser - ok
19:18:24.0599 21848 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:18:24.0599 21848 Brserid - ok
19:18:24.0615 21848 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:18:24.0615 21848 BrSerWdm - ok
19:18:24.0631 21848 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:18:24.0631 21848 BrUsbMdm - ok
19:18:24.0646 21848 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:18:24.0646 21848 BrUsbSer - ok
19:18:24.0693 21848 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:18:24.0693 21848 BTHMODEM - ok
19:18:24.0709 21848 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:18:24.0709 21848 bthserv - ok
19:18:24.0755 21848 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:18:24.0755 21848 cdfs - ok
19:18:24.0787 21848 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:18:24.0787 21848 cdrom - ok
19:18:24.0802 21848 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:18:24.0802 21848 CertPropSvc - ok
19:18:24.0849 21848 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
19:18:24.0849 21848 circlass - ok
19:18:24.0865 21848 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:18:24.0880 21848 CLFS - ok
19:18:24.0927 21848 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:18:24.0927 21848 clr_optimization_v2.0.50727_32 - ok
19:18:24.0958 21848 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:18:24.0958 21848 clr_optimization_v2.0.50727_64 - ok
19:18:25.0021 21848 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:18:25.0021 21848 clr_optimization_v4.0.30319_32 - ok
19:18:25.0036 21848 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:18:25.0036 21848 clr_optimization_v4.0.30319_64 - ok
19:18:25.0052 21848 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
19:18:25.0052 21848 CmBatt - ok
19:18:25.0067 21848 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:18:25.0067 21848 cmdide - ok
19:18:25.0114 21848 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:18:25.0114 21848 CNG - ok
19:18:25.0145 21848 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:18:25.0145 21848 Compbatt - ok
19:18:25.0177 21848 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:18:25.0177 21848 CompositeBus - ok
19:18:25.0177 21848 COMSysApp - ok
19:18:25.0208 21848 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:18:25.0208 21848 crcdisk - ok
19:18:25.0255 21848 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:18:25.0255 21848 CryptSvc - ok
19:18:25.0348 21848 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
19:18:25.0348 21848 cvhsvc - ok
19:18:25.0395 21848 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:18:25.0395 21848 DcomLaunch - ok
19:18:25.0426 21848 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:18:25.0426 21848 defragsvc - ok
19:18:25.0457 21848 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:18:25.0457 21848 DfsC - ok
19:18:25.0473 21848 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:18:25.0473 21848 Dhcp - ok
19:18:25.0473 21848 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:18:25.0473 21848 discache - ok
19:18:25.0489 21848 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
19:18:25.0489 21848 Disk - ok
19:18:25.0520 21848 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:18:25.0520 21848 Dnscache - ok
19:18:25.0535 21848 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:18:25.0535 21848 dot3svc - ok
19:18:25.0551 21848 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:18:25.0551 21848 DPS - ok
19:18:25.0567 21848 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:18:25.0567 21848 drmkaud - ok
19:18:25.0582 21848 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:18:25.0598 21848 DXGKrnl - ok
19:18:25.0613 21848 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:18:25.0613 21848 EapHost - ok
19:18:25.0660 21848 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:18:25.0691 21848 ebdrv - ok
19:18:25.0723 21848 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:18:25.0723 21848 EFS - ok
19:18:25.0785 21848 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:18:25.0785 21848 ehRecvr - ok
19:18:25.0801 21848 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:18:25.0801 21848 ehSched - ok
19:18:25.0816 21848 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:18:25.0832 21848 elxstor - ok
19:18:25.0863 21848 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:18:25.0863 21848 ErrDev - ok
19:18:25.0894 21848 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:18:25.0910 21848 EventSystem - ok
19:18:25.0910 21848 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:18:25.0925 21848 exfat - ok
19:18:25.0925 21848 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:18:25.0925 21848 fastfat - ok
19:18:25.0941 21848 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:18:25.0957 21848 Fax - ok
19:18:25.0957 21848 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
19:18:25.0957 21848 fdc - ok
19:18:26.0003 21848 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:18:26.0003 21848 fdPHost - ok
19:18:26.0003 21848 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:18:26.0003 21848 FDResPub - ok
19:18:26.0019 21848 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:18:26.0019 21848 FileInfo - ok
19:18:26.0019 21848 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:18:26.0019 21848 Filetrace - ok
19:18:26.0035 21848 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:18:26.0050 21848 flpydisk - ok
19:18:26.0050 21848 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:18:26.0050 21848 FltMgr - ok
19:18:26.0081 21848 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:18:26.0097 21848 FontCache - ok
19:18:26.0159 21848 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:18:26.0159 21848 FontCache3.0.0.0 - ok
19:18:26.0159 21848 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:18:26.0175 21848 FsDepends - ok
19:18:26.0191 21848 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:18:26.0191 21848 Fs_Rec - ok
19:18:26.0191 21848 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:18:26.0191 21848 fvevol - ok
19:18:26.0206 21848 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:18:26.0206 21848 gagp30kx - ok
19:18:26.0269 21848 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
19:18:26.0269 21848 GamesAppService - ok
19:18:26.0300 21848 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:18:26.0300 21848 GEARAspiWDM - ok
19:18:26.0347 21848 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:18:26.0347 21848 gpsvc - ok
19:18:26.0425 21848 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:18:26.0425 21848 gupdate - ok
19:18:26.0440 21848 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:18:26.0440 21848 gupdatem - ok
19:18:26.0503 21848 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:18:26.0503 21848 gusvc - ok
19:18:26.0518 21848 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:18:26.0518 21848 hcw85cir - ok
19:18:26.0534 21848 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:18:26.0534 21848 HdAudAddService - ok
19:18:26.0549 21848 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:18:26.0549 21848 HDAudBus - ok
19:18:26.0565 21848 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:18:26.0565 21848 HidBatt - ok
19:18:26.0581 21848 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:18:26.0581 21848 HidBth - ok
19:18:26.0596 21848 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:18:26.0596 21848 HidIr - ok
19:18:26.0612 21848 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:18:26.0612 21848 hidserv - ok
19:18:26.0659 21848 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:18:26.0659 21848 HidUsb - ok
19:18:26.0674 21848 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:18:26.0674 21848 hkmsvc - ok
19:18:26.0690 21848 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:18:26.0690 21848 HomeGroupListener - ok
19:18:26.0721 21848 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:18:26.0721 21848 HomeGroupProvider - ok
19:18:26.0783 21848 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
19:18:26.0783 21848 HP Support Assistant Service - ok
19:18:26.0830 21848 [ 7B8C1B09C11E8DB7C4480ABD7D17E821 ] HPAuto C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
19:18:26.0830 21848 HPAuto - ok
19:18:26.0861 21848 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
19:18:26.0861 21848 HPClientSvc - ok
19:18:26.0908 21848 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
19:18:26.0908 21848 hpqwmiex - ok
19:18:26.0939 21848 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:18:26.0939 21848 HpSAMD - ok
19:18:26.0971 21848 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:18:26.0986 21848 HTTP - ok
19:18:26.0986 21848 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:18:26.0986 21848 hwpolicy - ok
19:18:27.0017 21848 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:18:27.0017 21848 i8042prt - ok
19:18:27.0049 21848 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:18:27.0049 21848 iaStorV - ok
19:18:27.0095 21848 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:18:27.0095 21848 idsvc - ok
19:18:27.0189 21848 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:18:27.0220 21848 igfx - ok
19:18:27.0236 21848 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:18:27.0236 21848 iirsp - ok
19:18:27.0267 21848 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:18:27.0267 21848 IKEEXT - ok
19:18:27.0329 21848 [ 589B94A9B73A0E819FF873743A480834 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:18:27.0345 21848 IntcAzAudAddService - ok
19:18:27.0361 21848 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:18:27.0361 21848 intelide - ok
19:18:27.0376 21848 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
19:18:27.0376 21848 intelppm - ok
19:18:27.0392 21848 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:18:27.0407 21848 IPBusEnum - ok
19:18:27.0407 21848 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:18:27.0407 21848 IpFilterDriver - ok
19:18:27.0454 21848 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:18:27.0454 21848 iphlpsvc - ok
19:18:27.0485 21848 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:18:27.0485 21848 IPMIDRV - ok
19:18:27.0501 21848 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:18:27.0501 21848 IPNAT - ok
19:18:27.0548 21848 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:18:27.0563 21848 iPod Service - ok
19:18:27.0579 21848 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:18:27.0579 21848 IRENUM - ok
19:18:27.0595 21848 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:18:27.0595 21848 isapnp - ok
19:18:27.0610 21848 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:18:27.0610 21848 iScsiPrt - ok
19:18:27.0641 21848 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:18:27.0641 21848 kbdclass - ok
19:18:27.0657 21848 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:18:27.0657 21848 kbdhid - ok
19:18:27.0673 21848 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:18:27.0673 21848 KeyIso - ok
19:18:27.0735 21848 [ 8D7120743A0973CEAB548B475C9D4289 ] KL1 C:\Windows\system32\DRIVERS\kl1.sys
19:18:27.0735 21848 KL1 - ok
19:18:27.0766 21848 [ CD146D8E525D6EEBDCAF24120A8AB9CE ] kl2 C:\Windows\system32\DRIVERS\kl2.sys
19:18:27.0766 21848 kl2 - ok
19:18:27.0829 21848 [ C1786C2F8DE0F62E076F7EF8DEA4E87A ] KLIF C:\Windows\system32\DRIVERS\klif.sys
19:18:27.0844 21848 KLIF - ok
19:18:27.0860 21848 [ 2A64B3A9EED93A2E96537B67C079FC96 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
19:18:27.0860 21848 KLIM6 - ok
19:18:27.0891 21848 [ 9468D07E91BA136D82415F5DFC1FE168 ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
19:18:27.0891 21848 klmouflt - ok
19:18:27.0907 21848 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:18:27.0907 21848 KSecDD - ok
19:18:27.0953 21848 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:18:27.0953 21848 KSecPkg - ok
19:18:27.0969 21848 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:18:27.0969 21848 ksthunk - ok
19:18:28.0000 21848 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:18:28.0016 21848 KtmRm - ok
19:18:28.0047 21848 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:18:28.0047 21848 LanmanServer - ok
19:18:28.0078 21848 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:18:28.0078 21848 LanmanWorkstation - ok
19:18:28.0109 21848 [ FA4A45C179AB0E0F1A31B9751D4B18D7 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
19:18:28.0109 21848 LightScribeService - ok
19:18:28.0125 21848 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:18:28.0125 21848 lltdio - ok
19:18:28.0141 21848 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:18:28.0141 21848 lltdsvc - ok
19:18:28.0156 21848 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:18:28.0156 21848 lmhosts - ok
19:18:28.0172 21848 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:18:28.0172 21848 LSI_FC - ok
19:18:28.0187 21848 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:18:28.0187 21848 LSI_SAS - ok
19:18:28.0203 21848 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:18:28.0203 21848 LSI_SAS2 - ok
19:18:28.0234 21848 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:18:28.0234 21848 LSI_SCSI - ok
19:18:28.0265 21848 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:18:28.0265 21848 luafv - ok
19:18:28.0343 21848 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
19:18:28.0343 21848 McComponentHostService - ok
19:18:28.0359 21848 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:18:28.0359 21848 Mcx2Svc - ok
19:18:28.0390 21848 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:18:28.0390 21848 megasas - ok
19:18:28.0406 21848 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:18:28.0406 21848 MegaSR - ok
19:18:28.0421 21848 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:18:28.0421 21848 MMCSS - ok
19:18:28.0453 21848 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:18:28.0453 21848 Modem - ok
19:18:28.0468 21848 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:18:28.0468 21848 monitor - ok
19:18:28.0499 21848 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:18:28.0499 21848 mouclass - ok
19:18:28.0531 21848 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:18:28.0531 21848 mouhid - ok
19:18:28.0531 21848 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:18:28.0531 21848 mountmgr - ok
19:18:28.0609 21848 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:18:28.0609 21848 MozillaMaintenance - ok
19:18:28.0640 21848 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:18:28.0640 21848 mpio - ok
19:18:28.0640 21848 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:18:28.0640 21848 mpsdrv - ok
19:18:28.0655 21848 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:18:28.0671 21848 MpsSvc - ok
19:18:28.0671 21848 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:18:28.0671 21848 MRxDAV - ok
19:18:28.0702 21848 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:18:28.0702 21848 mrxsmb - ok
19:18:28.0733 21848 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:18:28.0733 21848 mrxsmb10 - ok
19:18:28.0749 21848 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:18:28.0749 21848 mrxsmb20 - ok
19:18:28.0765 21848 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:18:28.0765 21848 msahci - ok
19:18:28.0780 21848 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:18:28.0780 21848 msdsm - ok
19:18:28.0796 21848 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:18:28.0811 21848 MSDTC - ok
19:18:28.0827 21848 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:18:28.0827 21848 Msfs - ok
19:18:28.0843 21848 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:18:28.0843 21848 mshidkmdf - ok
19:18:28.0843 21848 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:18:28.0858 21848 msisadrv - ok
19:18:28.0874 21848 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:18:28.0874 21848 MSiSCSI - ok
19:18:28.0889 21848 msiserver - ok
19:18:28.0905 21848 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:18:28.0905 21848 MSKSSRV - ok
19:18:28.0921 21848 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:18:28.0921 21848 MSPCLOCK - ok
19:18:28.0936 21848 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:18:28.0936 21848 MSPQM - ok
19:18:28.0952 21848 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:18:28.0952 21848 MsRPC - ok
19:18:28.0983 21848 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:18:28.0983 21848 mssmbios - ok
19:18:28.0999 21848 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:18:28.0999 21848 MSTEE - ok
19:18:28.0999 21848 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:18:28.0999 21848 MTConfig - ok
19:18:29.0014 21848 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:18:29.0014 21848 Mup - ok
19:18:29.0045 21848 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:18:29.0045 21848 napagent - ok
19:18:29.0077 21848 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:18:29.0077 21848 NativeWifiP - ok
19:18:29.0123 21848 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:18:29.0123 21848 NDIS - ok
19:18:29.0139 21848 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:18:29.0139 21848 NdisCap - ok
19:18:29.0170 21848 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:18:29.0170 21848 NdisTapi - ok
19:18:29.0170 21848 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:18:29.0170 21848 Ndisuio - ok
19:18:29.0186 21848 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:18:29.0186 21848 NdisWan - ok
19:18:29.0201 21848 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:18:29.0201 21848 NDProxy - ok
19:18:29.0217 21848 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:18:29.0217 21848 NetBIOS - ok
19:18:29.0217 21848 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:18:29.0217 21848 NetBT - ok
19:18:29.0248 21848 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:18:29.0248 21848 Netlogon - ok
19:18:29.0279 21848 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:18:29.0279 21848 Netman - ok
19:18:29.0311 21848 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:18:29.0311 21848 NetMsmqActivator - ok
19:18:29.0311 21848 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:18:29.0311 21848 NetPipeActivator - ok
19:18:29.0342 21848 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:18:29.0342 21848 netprofm - ok
19:18:29.0342 21848 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:18:29.0342 21848 NetTcpActivator - ok
19:18:29.0357 21848 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:18:29.0357 21848 NetTcpPortSharing - ok
19:18:29.0373 21848 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:18:29.0373 21848 nfrd960 - ok
19:18:29.0389 21848 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:18:29.0404 21848 NlaSvc - ok
19:18:29.0404 21848 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:18:29.0404 21848 Npfs - ok
19:18:29.0420 21848 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:18:29.0435 21848 nsi - ok
19:18:29.0435 21848 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:18:29.0435 21848 nsiproxy - ok
19:18:29.0498 21848 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:18:29.0513 21848 Ntfs - ok
19:18:29.0545 21848 [ 77EB11DA191D12D12E28D7BD8905C42C ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
19:18:29.0545 21848 NuidFltr - ok
19:18:29.0560 21848 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:18:29.0560 21848 Null - ok
19:18:29.0591 21848 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:18:29.0591 21848 nvraid - ok
19:18:29.0623 21848 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:18:29.0623 21848 nvstor - ok
19:18:29.0638 21848 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:18:29.0638 21848 nv_agp - ok
19:18:29.0654 21848 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:18:29.0654 21848 ohci1394 - ok
19:18:29.0701 21848 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:18:29.0701 21848 ose - ok
19:18:29.0841 21848 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:18:29.0857 21848 osppsvc - ok
19:18:29.0888 21848 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:18:29.0888 21848 p2pimsvc - ok
19:18:29.0903 21848 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:18:29.0903 21848 p2psvc - ok
19:18:29.0950 21848 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:18:29.0950 21848 Parport - ok
19:18:29.0981 21848 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:18:29.0981 21848 partmgr - ok
19:18:29.0981 21848 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:18:29.0981 21848 PcaSvc - ok
19:18:29.0997 21848 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:18:29.0997 21848 pci - ok
19:18:30.0028 21848 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:18:30.0028 21848 pciide - ok
19:18:30.0044 21848 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:18:30.0044 21848 pcmcia - ok
19:18:30.0059 21848 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:18:30.0059 21848 pcw - ok
19:18:30.0091 21848 pdfcDispatcher - ok
19:18:30.0106 21848 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:18:30.0106 21848 PEAUTH - ok
19:18:30.0169 21848 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:18:30.0169 21848 PerfHost - ok
19:18:30.0215 21848 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:18:30.0231 21848 pla - ok
19:18:30.0262 21848 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:18:30.0262 21848 PlugPlay - ok
19:18:30.0278 21848 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:18:30.0278 21848 PNRPAutoReg - ok
19:18:30.0293 21848 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:18:30.0293 21848 PNRPsvc - ok
19:18:30.0325 21848 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:18:30.0325 21848 PolicyAgent - ok
19:18:30.0340 21848 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:18:30.0340 21848 Power - ok
19:18:30.0356 21848 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:18:30.0356 21848 PptpMiniport - ok
19:18:30.0371 21848 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:18:30.0371 21848 Processor - ok
19:18:30.0403 21848 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:18:30.0418 21848 ProfSvc - ok
19:18:30.0434 21848 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:18:30.0434 21848 ProtectedStorage - ok
19:18:30.0449 21848 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:18:30.0449 21848 Psched - ok
19:18:30.0481 21848 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:18:30.0496 21848 ql2300 - ok
19:18:30.0527 21848 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:18:30.0527 21848 ql40xx - ok
19:18:30.0543 21848 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:18:30.0543 21848 QWAVE - ok
19:18:30.0559 21848 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:18:30.0559 21848 QWAVEdrv - ok
19:18:30.0574 21848 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:18:30.0574 21848 RasAcd - ok
19:18:30.0637 21848 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:18:30.0637 21848 RasAgileVpn - ok
19:18:30.0637 21848 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:18:30.0637 21848 RasAuto - ok
19:18:30.0652 21848 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:18:30.0652 21848 Rasl2tp - ok
19:18:30.0668 21848 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:18:30.0668 21848 RasMan - ok
19:18:30.0683 21848 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:18:30.0699 21848 RasPppoe - ok
19:18:30.0699 21848 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:18:30.0699 21848 RasSstp - ok
19:18:30.0730 21848 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:18:30.0730 21848 rdbss - ok
19:18:30.0730 21848 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
19:18:30.0730 21848 rdpbus - ok
19:18:30.0746 21848 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:18:30.0746 21848 RDPCDD - ok
19:18:30.0746 21848 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:18:30.0746 21848 RDPENCDD - ok
19:18:30.0761 21848 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:18:30.0761 21848 RDPREFMP - ok
19:18:30.0824 21848 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:18:30.0824 21848 RDPWD - ok
19:18:30.0824 21848 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:18:30.0824 21848 rdyboost - ok
19:18:30.0871 21848 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:18:30.0871 21848 RemoteAccess - ok
19:18:30.0871 21848 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:18:30.0886 21848 RemoteRegistry - ok
19:18:30.0917 21848 [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
19:18:30.0917 21848 RoxioNow Service - ok
19:18:30.0933 21848 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:18:30.0933 21848 RpcEptMapper - ok
19:18:30.0949 21848 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:18:30.0949 21848 RpcLocator - ok
19:18:30.0980 21848 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:18:30.0980 21848 RpcSs - ok
19:18:30.0980 21848 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:18:30.0980 21848 rspndr - ok
19:18:31.0011 21848 [ AFC12DFA4C7B089673AD67402CA19EDB ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:18:31.0011 21848 RTL8167 - ok
19:18:31.0027 21848 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:18:31.0027 21848 SamSs - ok
19:18:31.0058 21848 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:18:31.0058 21848 sbp2port - ok
19:18:31.0073 21848 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:18:31.0073 21848 SCardSvr - ok
19:18:31.0073 21848 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:18:31.0073 21848 scfilter - ok
19:18:31.0089 21848 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:18:31.0105 21848 Schedule - ok
19:18:31.0120 21848 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:18:31.0120 21848 SCPolicySvc - ok
19:18:31.0136 21848 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:18:31.0136 21848 SDRSVC - ok
19:18:31.0167 21848 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:18:31.0167 21848 secdrv - ok
19:18:31.0167 21848 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:18:31.0167 21848 seclogon - ok
19:18:31.0183 21848 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:18:31.0183 21848 SENS - ok
19:18:31.0198 21848 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:18:31.0198 21848 SensrSvc - ok
19:18:31.0198 21848 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
19:18:31.0198 21848 Serenum - ok
19:18:31.0229 21848 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
19:18:31.0229 21848 Serial - ok
19:18:31.0245 21848 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:18:31.0245 21848 sermouse - ok
19:18:31.0276 21848 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:18:31.0276 21848 SessionEnv - ok
19:18:31.0276 21848 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:18:31.0276 21848 sffdisk - ok
19:18:31.0307 21848 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:18:31.0307 21848 sffp_mmc - ok
19:18:31.0307 21848 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:18:31.0307 21848 sffp_sd - ok
19:18:31.0323 21848 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:18:31.0323 21848 sfloppy - ok
19:18:31.0370 21848 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
19:18:31.0370 21848 Sftfs - ok
19:18:31.0432 21848 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
19:18:31.0432 21848 sftlist - ok
19:18:31.0448 21848 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
19:18:31.0448 21848 Sftplay - ok
19:18:31.0463 21848 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
19:18:31.0463 21848 Sftredir - ok
19:18:31.0479 21848 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
19:18:31.0479 21848 Sftvol - ok
19:18:31.0495 21848 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
19:18:31.0495 21848 sftvsa - ok
19:18:31.0526 21848 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:18:31.0526 21848 SharedAccess - ok
19:18:31.0541 21848 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:18:31.0557 21848 ShellHWDetection - ok
19:18:31.0573 21848 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:18:31.0573 21848 SiSRaid2 - ok
19:18:31.0588 21848 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:18:31.0604 21848 SiSRaid4 - ok
19:18:31.0619 21848 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:18:31.0635 21848 Smb - ok
19:18:31.0651 21848 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:18:31.0666 21848 SNMPTRAP - ok
19:18:31.0666 21848 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:18:31.0666 21848 spldr - ok
19:18:31.0697 21848 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:18:31.0697 21848 Spooler - ok
19:18:31.0775 21848 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:18:31.0791 21848 sppsvc - ok
19:18:31.0807 21848 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:18:31.0807 21848 sppuinotify - ok
19:18:31.0838 21848 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:18:31.0838 21848 srv - ok
19:18:31.0853 21848 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:18:31.0853 21848 srv2 - ok
19:18:31.0869 21848 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:18:31.0869 21848 srvnet - ok
19:18:31.0885 21848 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
19:18:31.0900 21848 sscdbus - ok
19:18:31.0916 21848 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
19:18:31.0916 21848 sscdmdfl - ok
19:18:31.0931 21848 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
19:18:31.0931 21848 sscdmdm - ok
19:18:31.0963 21848 [ 05FFA552F578E27AB2D41B6828DB477F ] sscdserd C:\Windows\system32\DRIVERS\sscdserd.sys
19:18:31.0963 21848 sscdserd - ok
19:18:31.0978 21848 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:18:31.0994 21848 SSDPSRV - ok
19:18:32.0009 21848 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:18:32.0009 21848 SstpSvc - ok
19:18:32.0041 21848 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:18:32.0041 21848 stexstor - ok
19:18:32.0056 21848 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:18:32.0056 21848 stisvc - ok
19:18:32.0072 21848 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:18:32.0072 21848 swenum - ok
19:18:32.0119 21848 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:18:32.0119 21848 swprv - ok
19:18:32.0150 21848 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:18:32.0165 21848 SysMain - ok
19:18:32.0197 21848 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:18:32.0197 21848 TabletInputService - ok
19:18:32.0212 21848 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:18:32.0212 21848 TapiSrv - ok
19:18:32.0212 21848 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:18:32.0212 21848 TBS - ok
19:18:32.0290 21848 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:18:32.0306 21848 Tcpip - ok
19:18:32.0368 21848 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:18:32.0384 21848 TCPIP6 - ok
19:18:32.0431 21848 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:18:32.0431 21848 tcpipreg - ok
19:18:32.0446 21848 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:18:32.0446 21848 TDPIPE - ok
19:18:32.0477 21848 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:18:32.0477 21848 TDTCP - ok
19:18:32.0493 21848 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:18:32.0493 21848 tdx - ok
19:18:32.0509 21848 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:18:32.0509 21848 TermDD - ok
19:18:32.0540 21848 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:18:32.0540 21848 TermService - ok
19:18:32.0555 21848 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:18:32.0555 21848 Themes - ok
19:18:32.0571 21848 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:18:32.0571 21848 THREADORDER - ok
19:18:32.0587 21848 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:18:32.0587 21848 TrkWks - ok
19:18:32.0633 21848 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:18:32.0633 21848 TrustedInstaller - ok
19:18:32.0649 21848 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:18:32.0649 21848 tssecsrv - ok
19:18:32.0649 21848 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:18:32.0649 21848 TsUsbFlt - ok
19:18:32.0665 21848 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:18:32.0665 21848 TsUsbGD - ok
19:18:32.0711 21848 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:18:32.0711 21848 tunnel - ok
19:18:32.0743 21848 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:18:32.0743 21848 uagp35 - ok
19:18:32.0743 21848 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:18:32.0743 21848 udfs - ok
19:18:32.0774 21848 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:18:32.0774 21848 UI0Detect - ok
19:18:32.0789 21848 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:18:32.0789 21848 uliagpkx - ok
19:18:32.0836 21848 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:18:32.0836 21848 umbus - ok
19:18:32.0867 21848 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:18:32.0867 21848 UmPass - ok
19:18:32.0930 21848 [ 7CCF424450AF71461CA5ACA14FB45B72 ] Updater Service for StartNow Toolbar C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
19:18:32.0930 21848 Updater Service for StartNow Toolbar - ok
19:18:32.0961 21848 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:18:32.0961 21848 upnphost - ok
19:18:32.0992 21848 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:18:32.0992 21848 USBAAPL64 - ok
19:18:33.0023 21848 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:18:33.0023 21848 usbccgp - ok
19:18:33.0039 21848 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:18:33.0039 21848 usbcir - ok
19:18:33.0070 21848 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:18:33.0070 21848 usbehci - ok
19:18:33.0086 21848 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\drivers\usbfilter.sys
19:18:33.0086 21848 usbfilter - ok
19:18:33.0101 21848 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:18:33.0101 21848 usbhub - ok
19:18:33.0117 21848 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:18:33.0117 21848 usbohci - ok
19:18:33.0133 21848 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
19:18:33.0133 21848 usbprint - ok
19:18:33.0148 21848 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:18:33.0164 21848 USBSTOR - ok
19:18:33.0179 21848 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:18:33.0179 21848 usbuhci - ok
19:18:33.0195 21848 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:18:33.0195 21848 UxSms - ok
19:18:33.0211 21848 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:18:33.0211 21848 VaultSvc - ok
19:18:33.0226 21848 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:18:33.0226 21848 vdrvroot - ok
19:18:33.0257 21848 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:18:33.0257 21848 vds - ok
19:18:33.0273 21848 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:18:33.0273 21848 vga - ok
19:18:33.0289 21848 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:18:33.0289 21848 VgaSave - ok
19:18:33.0320 21848 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:18:33.0320 21848 vhdmp - ok
19:18:33.0335 21848 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:18:33.0335 21848 viaide - ok
19:18:33.0351 21848 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:18:33.0351 21848 volmgr - ok
19:18:33.0382 21848 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:18:33.0382 21848 volmgrx - ok
19:18:33.0413 21848 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:18:33.0413 21848 volsnap - ok
19:18:33.0429 21848 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:18:33.0429 21848 vsmraid - ok
19:18:33.0460 21848 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:18:33.0476 21848 VSS - ok
19:18:33.0491 21848 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:18:33.0491 21848 vwifibus - ok
19:18:33.0507 21848 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:18:33.0507 21848 W32Time - ok
19:18:33.0523 21848 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:18:33.0523 21848 WacomPen - ok
19:18:33.0554 21848 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:18:33.0554 21848 WANARP - ok
19:18:33.0569 21848 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:18:33.0569 21848 Wanarpv6 - ok
19:18:33.0616 21848 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:18:33.0632 21848 WatAdminSvc - ok
19:18:33.0663 21848 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:18:33.0663 21848 wbengine - ok
19:18:33.0679 21848 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:18:33.0679 21848 WbioSrvc - ok
19:18:33.0694 21848 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:18:33.0694 21848 wcncsvc - ok
19:18:33.0710 21848 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:18:33.0710 21848 WcsPlugInService - ok
19:18:33.0741 21848 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
19:18:33.0741 21848 Wd - ok
19:18:33.0788 21848 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:18:33.0788 21848 Wdf01000 - ok
19:18:33.0803 21848 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:18:33.0803 21848 WdiServiceHost - ok
19:18:33.0819 21848 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:18:33.0819 21848 WdiSystemHost - ok
19:18:33.0819 21848 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:18:33.0835 21848 WebClient - ok
19:18:33.0850 21848 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:18:33.0850 21848 Wecsvc - ok
19:18:33.0866 21848 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:18:33.0866 21848 wercplsupport - ok
19:18:33.0897 21848 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:18:33.0897 21848 WerSvc - ok
19:18:33.0913 21848 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:18:33.0913 21848 WfpLwf - ok
19:18:33.0913 21848 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:18:33.0913 21848 WIMMount - ok
19:18:33.0928 21848 WinDefend - ok
19:18:33.0944 21848 WinHttpAutoProxySvc - ok
19:18:33.0975 21848 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:18:33.0975 21848 Winmgmt - ok
19:18:34.0006 21848 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:18:34.0022 21848 WinRM - ok
19:18:34.0053 21848 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:18:34.0053 21848 WinUsb - ok
19:18:34.0084 21848 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:18:34.0100 21848 Wlansvc - ok
19:18:34.0115 21848 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:18:34.0115 21848 wlcrasvc - ok
19:18:34.0178 21848 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:18:34.0193 21848 wlidsvc - ok
19:18:34.0209 21848 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:18:34.0209 21848 WmiAcpi - ok
19:18:34.0225 21848 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:18:34.0225 21848 wmiApSrv - ok
19:18:34.0256 21848 WMPNetworkSvc - ok
19:18:34.0271 21848 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:18:34.0271 21848 WPCSvc - ok
19:18:34.0271 21848 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:18:34.0271 21848 WPDBusEnum - ok
19:18:34.0287 21848 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:18:34.0287 21848 ws2ifsl - ok
19:18:34.0303 21848 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:18:34.0303 21848 wscsvc - ok
19:18:34.0303 21848 WSearch - ok
19:18:34.0396 21848 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:18:34.0412 21848 wuauserv - ok
19:18:34.0427 21848 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:18:34.0427 21848 WudfPf - ok
19:18:34.0459 21848 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:18:34.0459 21848 WUDFRd - ok
19:18:34.0490 21848 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:18:34.0490 21848 wudfsvc - ok
19:18:34.0521 21848 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:18:34.0521 21848 WwanSvc - ok
19:18:34.0537 21848 ================ Scan global ===============================
19:18:34.0552 21848 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:18:34.0568 21848 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:18:34.0583 21848 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:18:34.0615 21848 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:18:34.0615 21848 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:18:34.0630 21848 [Global] - ok
19:18:34.0630 21848 ================ Scan MBR ==================================
19:18:34.0646 21848 [ C35E8D3ACD88A36308808DC42A43CC4F ] \Device\Harddisk0\DR0
19:18:34.0817 21848 \Device\Harddisk0\DR0 - ok
19:18:34.0817 21848 ================ Scan VBR ==================================
19:18:34.0833 21848 [ 6E30B3A8ECDBE80C537C3BCADDE96EBB ] \Device\Harddisk0\DR0\Partition1
19:18:34.0833 21848 \Device\Harddisk0\DR0\Partition1 - ok
19:18:34.0849 21848 [ 7ACD80F4FD0EE37B46034C946585B9A5 ] \Device\Harddisk0\DR0\Partition2
19:18:34.0849 21848 \Device\Harddisk0\DR0\Partition2 - ok
19:18:34.0895 21848 [ 61E8C66456FD9FC2D3E06A826E571581 ] \Device\Harddisk0\DR0\Partition3
19:18:34.0895 21848 \Device\Harddisk0\DR0\Partition3 - ok
19:18:34.0895 21848 ============================================================
19:18:34.0895 21848 Scan finished
19:18:34.0895 21848 ============================================================
19:18:34.0911 11020 Detected object count: 0
19:18:34.0911 11020 Actual detected object count: 0
19:19:02.0242 10968 Deinitialize success

#5 23172

23172

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 06 December 2012 - 07:50 PM

Second log -
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-06 19:28:22
-----------------------------
19:28:22.447 OS Version: Windows x64 6.1.7601 Service Pack 1
19:28:22.447 Number of processors: 2 586 0x603
19:28:22.447 ComputerName: WINNING-HP UserName: winning
19:31:03.331 Initialize success
19:32:48.541 AVAST engine defs: 12120602
19:33:02.175 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000004f
19:33:02.175 Disk 0 Vendor: ST310005 HP40 Size: 953869MB BusType: 11
19:33:02.191 Disk 0 MBR read successfully
19:33:02.191 Disk 0 MBR scan
19:33:02.191 Disk 0 unknown MBR code
19:33:02.191 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
19:33:02.207 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 942268 MB offset 206848
19:33:02.238 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 11499 MB offset 1929971712
19:33:02.347 Disk 0 scanning C:\Windows\system32\drivers
19:33:13.876 Service scanning
19:33:38.197 Modules scanning
19:33:38.197 Disk 0 trace - called modules:
19:33:38.212 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
19:33:38.743 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003da5060]
19:33:38.743 3 CLASSPNP.SYS[fffff8800214f43f] -> nt!IofCallDriver -> [0xfffffa80036eaac0]
19:33:38.743 5 amd_xata.sys[fffff880010178b4] -> nt!IofCallDriver -> \Device\0000004f[0xfffffa8003d939c0]
19:33:44.265 AVAST engine scan C:\Windows
19:33:47.869 AVAST engine scan C:\Windows\system32
19:39:38.871 AVAST engine scan C:\Windows\system32\drivers
19:40:14.245 AVAST engine scan C:\Users\winning
19:47:43.933 File: C:\Users\winning\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BTS932ZU\setup_security_defender_681[1].exe **INFECTED** Win32:Defmid-C [Trj]
19:50:19.856 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
19:50:19.872 The log file has been saved successfully to "C:\aswMBR log.txt"

#6 23172

23172

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 06 December 2012 - 09:44 PM

Final scan ESET -
C:\Users\All Users\Zoomex\50c13347bfeae.ocx Win32/Adware.MultiPlug.E application unable to clean
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DZMXLDB7\updater-startnow-200-2.5-g[1].exe a variant of Win32/Toolbar.Zugo application unable to clean
C:\Program Files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll a variant of Win32/Toolbar.Zugo application cleaned by deleting (after the next restart) - quarantined
C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe a variant of Win32/Toolbar.Zugo application cleaned by deleting (after the next restart) - quarantined
C:\ProgramData\Zoomex\50c13347bfeae.ocx Win32/Adware.MultiPlug.E application cleaned by deleting (after the next restart) - quarantined
C:\Users\winning\AppData\Local\Temp\ICReinstall\cnet_ieSpellSetup264573_exe[1].exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\winning\AppData\Local\Temp\is1598539481\zgInstaller.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\winning\AppData\Local\Temp\nsj684.tmp\chutil.dll probably a variant of Win32/TopMedia.A application cleaned by deleting - quarantined
C:\Users\winning\AppData\Local\Temp\{92CF131E-D3CC-B813-5AF8-9BEE492C31E8}\Addons\coupon_setup.exe Win32/Adware.MultiPlug.E application cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DZMXLDB7\updater-startnow-200-2.5-g[1].exe a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Windows\Temp\ToolbarUpdate.exe a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Windows\Temp\TBU002\ToolbarUpdate.exe a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:10 PM

Posted 09 December 2012 - 12:38 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#8 23172

23172

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 11 December 2012 - 07:17 PM

MiniToolBox by Farbar Version: 25-11-2012
Ran by winning (administrator) on 11-12-2012 at 19:17:03
Running from "C:\Users\winning\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : winning-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.va.comcast.net.

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : hsd1.va.comcast.net.
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 78-AC-C0-B4-6E-4F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:558:6036:14:5d1d:dab6:b1ac:5d98(Preferred)
Lease Obtained. . . . . . . . . . : Tuesday, December 11, 2012 12:19:45 PM
Lease Expires . . . . . . . . . . : Tuesday, December 11, 2012 7:58:20 PM
Link-local IPv6 Address . . . . . : fe80::f047:fc02:5c09:97fd%12(Preferred)
IPv4 Address. . . . . . . . . . . : 71.62.80.114(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Lease Obtained. . . . . . . . . . : Tuesday, December 11, 2012 8:13:41 AM
Lease Expires . . . . . . . . . . : Saturday, December 15, 2012 1:35:23 PM
Default Gateway . . . . . . . . . : fe80::201:5cff:fe32:e041%12
71.62.80.1
DHCP Server . . . . . . . . . . . : 69.252.67.5
DHCPv6 IAID . . . . . . . . . . . : 276344000
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-80-A3-6A-78-AC-C0-B4-6E-4F
DNS Servers . . . . . . . . . . . : 2001:558:feed::1
2001:558:feed::2
75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.hsd1.va.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.va.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:386f:6d7:b8c1:af8d(Preferred)
Link-local IPv6 Address . . . . . : fe80::386f:6d7:b8c1:af8d%11(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: cdns01.comcast.net
Address: 2001:558:feed::1

Name: google.com
Addresses: 2607:f8b0:4004:802::1008
74.125.228.104
74.125.228.98
74.125.228.110
74.125.228.99
74.125.228.97
74.125.228.96
74.125.228.100
74.125.228.105
74.125.228.101
74.125.228.102
74.125.228.103


Pinging google.com [2607:f8b0:4004:800::1002] with 32 bytes of data:
Reply from 2607:f8b0:4004:800::1002: time=17ms
Reply from 2607:f8b0:4004:800::1002: time=18ms

Ping statistics for 2607:f8b0:4004:800::1002:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 17ms, Maximum = 18ms, Average = 17ms
Server: cdns01.comcast.net
Address: 2001:558:feed::1

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=85ms TTL=47
Reply from 98.138.253.109: bytes=32 time=83ms TTL=47

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 83ms, Maximum = 85ms, Average = 84ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=9ms TTL=128
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 3ms, Maximum = 9ms, Average = 6ms
===========================================================================
Interface List
12...78 ac c0 b4 6e 4f ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 71.62.80.1 71.62.80.114 20
71.62.80.0 255.255.252.0 On-link 71.62.80.114 276
71.62.80.114 255.255.255.255 On-link 71.62.80.114 276
71.62.83.255 255.255.255.255 On-link 71.62.80.114 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 71.62.80.114 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 71.62.80.114 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 276 ::/0 fe80::201:5cff:fe32:e041
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:9d38:953c:386f:6d7:b8c1:af8d/128
On-link
12 276 2001:558:6036:14:5d1d:dab6:b1ac:5d98/128
On-link
12 276 fe80::/64 On-link
11 306 fe80::/64 On-link
11 306 fe80::386f:6d7:b8c1:af8d/128
On-link
12 276 fe80::f047:fc02:5c09:97fd/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
12 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/06/2012 11:57:38 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/06/2012 11:37:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (12/06/2012 11:37:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (12/06/2012 09:59:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/06/2012 09:01:48 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16455 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2488

Start Time: 01cdd40d634dae40

Termination Time: 47

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (12/06/2012 07:34:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/06/2012 07:34:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/01/2012 04:48:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7878

Error: (12/01/2012 04:48:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7878

Error: (12/01/2012 04:48:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (12/10/2012 04:32:32 AM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (12/08/2012 11:25:05 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (12/08/2012 09:53:55 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (12/08/2012 03:29:43 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (12/08/2012 03:05:47 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (12/08/2012 02:41:09 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (12/08/2012 02:18:55 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (12/08/2012 00:48:50 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (12/08/2012 00:22:19 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (12/07/2012 11:48:10 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.


Microsoft Office Sessions:
=========================
Error: (12/06/2012 11:57:38 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\winning\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\JDFJAYIG\esetsmartinstaller_enu.exe

Error: (12/06/2012 11:37:25 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (12/06/2012 11:37:24 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (12/06/2012 09:59:53 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/06/2012 09:01:48 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16455248801cdd40d634dae4047C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (12/06/2012 07:34:55 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\winning\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JDFJAYIG\esetsmartinstaller_enu.exe

Error: (12/06/2012 07:34:42 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\winning\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JDFJAYIG\esetsmartinstaller_enu.exe

Error: (12/01/2012 04:48:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7878

Error: (12/01/2012 04:48:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7878

Error: (12/01/2012 04:48:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


=========================== Installed Programs ============================

Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.135)
Adobe Flash Player 11 Plugin (Version: 11.5.502.135)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
Amazon Add to Wish List IE Extension 1.2 (Version: 1.2)
Angry Birds (Version: 2.1.0)
Angry Birds Rio (Version: 1.4.4)
Angry Birds Seasons (Version: 2.4.1)
Angry Birds Space (Version: 1.3.0)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.15.9.0)
Ask Toolbar Updater (Version: 1.2.3.29495)
ATI Catalyst Install Manager (Version: 3.0.774.0)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bejeweled 3 (Version: 2.2.0.95)
Bing Rewards Client Installer (Version: 16.0.345.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.95)
Blio (Version: 2.2.6699)
Bonjour (Version: 3.0.0.10)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0511.2153.37435)
Catalyst Control Center Graphics Full Existing (Version: 2010.0511.2153.37435)
Catalyst Control Center Graphics Full New (Version: 2010.0511.2153.37435)
Catalyst Control Center Graphics Light (Version: 2010.0511.2153.37435)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0511.2153.37435)
Catalyst Control Center InstallProxy (Version: 2010.0511.2153.37435)
Catalyst Control Center Localization All (Version: 2010.0511.2153.37435)
ccc-core-static (Version: 2010.0511.2153.37435)
ccc-utility64 (Version: 2010.0511.2153.37435)
CCC Help Chinese Standard (Version: 2010.0511.2152.37435)
CCC Help Chinese Traditional (Version: 2010.0511.2152.37435)
CCC Help Czech (Version: 2010.0511.2152.37435)
CCC Help Danish (Version: 2010.0511.2152.37435)
CCC Help Dutch (Version: 2010.0511.2152.37435)
CCC Help English (Version: 2010.0511.2152.37435)
CCC Help Finnish (Version: 2010.0511.2152.37435)
CCC Help French (Version: 2010.0511.2152.37435)
CCC Help German (Version: 2010.0511.2152.37435)
CCC Help Greek (Version: 2010.0511.2152.37435)
CCC Help Hungarian (Version: 2010.0511.2152.37435)
CCC Help Italian (Version: 2010.0511.2152.37435)
CCC Help Japanese (Version: 2010.0511.2152.37435)
CCC Help Korean (Version: 2010.0511.2152.37435)
CCC Help Norwegian (Version: 2010.0511.2152.37435)
CCC Help Polish (Version: 2010.0511.2152.37435)
CCC Help Portuguese (Version: 2010.0511.2152.37435)
CCC Help Russian (Version: 2010.0511.2152.37435)
CCC Help Spanish (Version: 2010.0511.2152.37435)
CCC Help Swedish (Version: 2010.0511.2152.37435)
CCC Help Thai (Version: 2010.0511.2152.37435)
CCC Help Turkish (Version: 2010.0511.2152.37435)
Chuzzle Deluxe (Version: 2.2.0.95)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's World Adventure (Version: 2.2.0.95)
ESET Online Scanner v3
Farm Frenzy (Version: 2.2.0.95)
FATE - The Traitor Soul (Version: 2.2.0.95)
Google Chrome (Version: 23.0.1271.95)
Google Earth (Version: 6.2.2.6613)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Games (Version: 1.0.2.4)
HP LinkUp (Version: 2.01.026)
HP MediaSmart/TouchSmart Netflix (Version: 1.0.6.0)
HP MovieStore (Version: 1.0.045)
HP MovieStore (Version: 2.0)
HP Odometer (Version: 2.10.0000)
HP Setup (Version: 8.6.4530.3651)
HP Setup Manager (Version: 1.1.13253.3682)
HP Support Assistant (Version: 7.0.39.15)
HP Support Information (Version: 10.1.1000)
HP Update (Version: 5.002.003.003)
HP Vision Hardware Diagnostics (Version: 2.5.0.0)
Hulu Desktop (Version: 0.9.13)
ieSpell (Version: 2.6.4 (build 573))
iTunes (Version: 10.7.0.21)
J2SE Runtime Environment 5.0 Update 17 (Version: 1.5.0.170)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 35 (Version: 6.0.350)
Junk Mail filter update (Version: 15.4.3502.0922)
Kaspersky Anti-Virus 2011 (Version: 11.0.2.556)
Kobo (Version: 1.6)
LabelPrint (Version: 2.5.3609)
LightScribe System Software (Version: 1.18.20.1)
Mah Jong Medley (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
McAfee Security Scan Plus (Version: 2.0.181.2)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery P.I. - Stolen in San Francisco (Version: 2.2.0.95)
Namco All-Stars PAC-MAN (Version: 2.2.0.95)
Oracle JInitiator 1.3.1.29
PDF Complete Special Edition (Version: 4.0.35)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.4817)
PressReader (Version: 5.10.1217.0)
PrivitizeVPN (Version: 1.0.0)
QuickTime (Version: 7.72.80.56)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.6)
Realtek High Definition Audio Driver (Version: 6.0.1.6251)
RealUpgrade 1.1 (Version: 1.1.0)
Recovery Manager (Version: 5.5.3621)
Remote Graphics Receiver (Version: 5.4.5)
RoxioNow Player (Version: 1.9.5.103)
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3 USB Driver Installer (Version: 3.2.0.70701)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.550.0)
Slingo Supreme (Version: 2.2.0.95)
StartNow Toolbar (Version: 2.3.0)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update Installer for WildTangent Games App
Verizon Wireless Software Upgrade Assistant - SAMSUNG (TL-PC) (Version: 1.11.1001)
Verizon Wireless Software Upgrade Assistant - Samsung (Version: 1.11.1201)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Vsk5Online
VSKITALIA - TP52
Wheel of Fortune 2 (Version: 2.2.0.95)
WildTangent Games App (HP Games) (Version: 4.0.5.25)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zinio Reader 4 (Version: 4.0.3184)
Zoomex (Version: )
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 3839.29 MB
Available physical RAM: 2082.09 MB
Total Pagefile: 7676.76 MB
Available Pagefile: 5274.06 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.62 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:920.18 GB) (Free:849.44 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:11.23 GB) (Free:1.37 GB) NTFS

========================= Users: ========================================

User accounts for \\WINNING-HP

Administrator Guest winning

========================= Restore Points ==================================

11-10-2012 07:00:40 Windows Update
28-10-2012 05:20:40 HPSF Restore Point
28-10-2012 05:36:26 HPSF Restore Point
30-10-2012 02:11:09 Windows Update
30-10-2012 02:11:43 Windows Update
30-10-2012 02:12:44 Windows Update
15-11-2012 02:14:22 Installed HP Support Assistant
15-11-2012 02:19:30 Windows Modules Installer
15-11-2012 02:20:17 Windows Modules Installer
16-11-2012 08:00:16 Windows Update
24-11-2012 16:52:44 Installed Java 7 Update 9
29-11-2012 08:00:26 Windows Update
07-12-2012 04:56:05 Scheduled Checkpoint

**** End of log ****

#9 23172

23172

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 11 December 2012 - 08:41 PM

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.11.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
winning :: WINNING-HP [administrator]

Protection: Enabled

12/11/2012 7:05:44 PM
mbam-log-2012-12-11 (19-05-44).txt

Scan type: Full scan (C:\|D:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 373109
Time elapsed: 1 hour(s), 19 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#10 23172

23172

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 11 December 2012 - 08:49 PM

# AdwCleaner v2.100 - Logfile created 12/11/2012 at 20:45:24
# Updated 09/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : winning - WINNING-HP
# Boot Mode : Normal
# Running from : C:\Users\winning\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9FF3UG3\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Updater Service for StartNow Toolbar

***** [Files / Folders] *****

File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Users\winning\AppData\Roaming\Mozilla\Firefox\Profiles\bkmupsmg.default\searchplugins\Askcom.xml
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\Users\winning\AppData\Local\APN
Folder Deleted : C:\Users\winning\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\winning\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\winning\AppData\Roaming\Mozilla\Firefox\Profiles\bkmupsmg.default\extensions\toolbar@ask.com
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\StartNow Toolbar
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Key Deleted : HKLM\Software\StartNow Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [StartNowToolbarHelper]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default
File : C:\Users\winning\AppData\Roaming\Mozilla\Firefox\Profiles\bkmupsmg.default\prefs.js

Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");

-\\ Google Chrome v23.0.1271.95

File : C:\Users\winning\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [7078 octets] - [11/12/2012 20:45:24]

########## EOF - C:\AdwCleaner[S1].txt - [7138 octets] ##########

#11 23172

23172

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 11 December 2012 - 09:39 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.0.7 (12.11.2012:3)
OS: Windows 7 Home Premium x64
Ran by winning on Tue 12/11/2012 at 20:52:09.59
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2732048130-404514616-2650451616-1001\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\zoomex"
Successfully deleted: [Folder] "C:\Users\winning\appdata\locallow\zoomex"
Successfully deleted: [Folder] "C:\Program Files (x86)\startnow toolbar"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\winning\AppData\Roaming\mozilla\firefox\profiles\bkmupsmg.default\extensions\50c13347bfd1f@50c13347bfd58.com
Successfully deleted the following from C:\Users\winning\AppData\Roaming\mozilla\firefox\profiles\bkmupsmg.default\prefs.js

user_pref("browser.startup.homepage", "http://search.privitize.com/?aff=7");
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{0153E448-190B-4987-BDE1-F256CADA672F}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Real\\\\Re
user_pref("keyword.URL", "http://search.privitize.com/?aff=7&q=");



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 12/11/2012 at 21:07:37.38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:10 PM

Posted 13 December 2012 - 01:49 AM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#13 23172

23172

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 21 December 2012 - 10:22 PM

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/21/2012 10:20:46 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\winning\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe (PID: 5996) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\winning\Desktop\rkill\rkill-12-21-2012-10-20-51.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 12/21/2012 10:21:00 PM
Execution time: 0 hours(s), 0 minute(s), and 14 seconds(s)

#14 23172

23172

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 21 December 2012 - 10:32 PM

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "hpsysdrv" "hpsysdrv" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp odometer\hpsysdrv.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "AVP" "Kaspersky Anti-Virus" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\avp.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "PDF Complete" "Sentry for PDF" "PDF Complete Inc" "c:\program files (x86)\pdf complete\pdfsty.exe"
+ "PrivitizeVPN" "PrivitizeVPN Client" "OOO Industry" "c:\program files (x86)\privitizevpn\privitizevpn.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\update\realsched.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "McAfee Security Scan Plus.lnk" "McAfee Security Scanner Scheduler" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\2.0.181\ssscheduler.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\x64\shellex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\shellex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "LinkUpMenuExt" "HP LinkUp File Transfer Extension" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp linkup\linkupext64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\x64\shellex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\shellex.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\x64\shellex.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\shellex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "FilterBHO Class" "WebToolBar component" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\x64\klwtbbho.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "IEVkbdBHO Class" "IE Virtual Keyboard" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\x64\ievkbd.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "DefaultTab Browser Helper" "Search Results" "Search Results LLC." "c:\users\winning\appdata\roaming\defaulttab\defaulttab\defaulttabbho.dll"
+ "FilterBHO Class" "WebToolBar component" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "HP Network Check Helper" "HP Network Check IE Plug-in" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpnetworkcheck\hpnetworkcheckplugin.dll"
+ "IEVkbdBHO Class" "IE Virtual Keyboard" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\ievkbd.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealPlayer" "c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
+ "WeCareReminder Class" "We-Care.com Browser Helper" "We-Care.com" "c:\programdata\wecarereminder\iehelperv2.5.0.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Virtual Keyboard" "WebToolBar component" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\x64\klwtbbho.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
+ "URLs c&heck" "WebToolBar component" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\x64\klwtbbho.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "&Virtual Keyboard" "WebToolBar component" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll"
+ "Add to Wish List" "" "" "c:\program files (x86)\amazon\add to wish list ie extension\run.htm"
+ "HP Network Check" "NCLauncherFromIE" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpnetworkcheck\nclauncherfromie.exe"
+ "ieSpell" "" "" "File not found: C:\Program Files (x86)\ieSpell\iespell.dll/SPELLCHECK.HTM"
+ "ieSpell Options" "" "" "File not found: C:\Program Files (x86)\ieSpell\iespell.dll/SPELLOPTION.HTM"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "URLs c&heck" "WebToolBar component" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\HPCeeScheduleForwinning" "HP Ceement" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-2732048130-404514616-2650451616-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-2732048130-404514616-2650451616-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\Registration" "ESAdvRemIntegrator" "" "c:\program files (x86)\hewlett-packard\hp setup\remengine.exe"
+ "\Scheduled Update for Ask Toolbar" "" "" "File not found: C:\Program Files (x86)\Ask.com\UpdateTask.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AVP" "Provides computer protection against viruses, dangerous software, network attacks, internet fraud and spam." "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\avp.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "DefaultTabSearch" "" "" "c:\program files (x86)\defaulttab\defaulttabsearch.exe"
+ "DefaultTabUpdate" "DefaultTab Update Service" "Search Results, LLC" "c:\users\winning\appdata\roaming\defaulttab\defaulttab\dtupdate.exe"
+ "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "HP Support Assistant Service" "HP Support Assistant Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe"
+ "HPClientSvc" "HP Client Services" "Hewlett-Packard Company" "c:\program files\hewlett-packard\hp client services\hpclientservices.exe"
+ "hpqwmiex" "HP Software Framework WMI Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lssrvc.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "McComponentHostService" "McAfee Security Scan Component Host Service" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\2.0.181\mcchsvc.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "pdfcDispatcher" "Manages the PDF document production process. A primary task is to enable the routing of documents from the print spooler to the user. If this service is stopped, PDF documents will be unavailable." "PDF Complete Inc" "c:\program files (x86)\pdf complete\pdfsvc.exe"
+ "RoxioNow Service" "Windows Service App" "Roxio" "c:\program files (x86)\roxio\roxionow player\rnowsvc.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amd_sata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amd_sata.sys"
+ "amd_xata" "Stor Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amd_xata.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AtiPcie" "AMD PCIE Filter Driver for ATI PCIE chipset" "Advanced Micro Devices Inc." "c:\windows\system32\drivers\atipcie64.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "KL1" "Kaspersky Unified Driver" "Kaspersky Lab ZAO" "c:\windows\system32\drivers\kl1.sys"
+ "kl2" "Kaspersky Unified Driver" "Kaspersky Lab ZAO" "c:\windows\system32\drivers\kl2.sys"
+ "KLIF" "Kaspersky Lab Interceptor and Filter" "Kaspersky Lab" "c:\windows\system32\drivers\klif.sys"
+ "KLIM6" "Kaspersky Anti-Virus NDIS 6 Filter" "Kaspersky Lab ZAO" "c:\windows\system32\drivers\klim6.sys"
+ "klmouflt" "Kaspersky Lab Mouse Class Filter" "Kaspersky Lab" "c:\windows\system32\drivers\klmouflt.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "sscdbus" "SAMSUNG USB Composite Device Driver" "MCCI Corporation" "c:\windows\system32\drivers\sscdbus.sys"
+ "sscdmdfl" "SAMSUNG Mobile Modem Filter" "MCCI Corporation" "c:\windows\system32\drivers\sscdmdfl.sys"
+ "sscdmdm" "SAMSUNG Mobile Modem Drivers" "MCCI Corporation" "c:\windows\system32\drivers\sscdmdm.sys"
+ "sscdserd" "SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)" "MCCI Corporation" "c:\windows\system32\drivers\sscdserd.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "usbfilter" "AMD USB Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\usbfilter.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files\playready\prdmowrapper.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\google\google earth\client\wavdest.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvb.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudiocd.ax"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdumpdispatch.ax"
+ "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdump.ax"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gedtkrn.dll"
+ "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2greader.ax"
+ "CyberLink Load Image Filter" "CLImage" "CyberLink" "c:\program files (x86)\cyberlink\shared files\climage.ax"
+ "CyberLink M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gm2vwriter.ax"
+ "CyberLink MP3/WAV Wrapper" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmvd.ax"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gmpgmux.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\cyberlink\power2go\p2gvidenc.ax"
+ "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm1spliter.ax"
+ "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm2spliter.ax"
+ "CyberLink PCM Wrapper" "CyberLink PCM Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gpcmenc.ax"
+ "CyberLink TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gauts.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gtlmsplter.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvidfx.ax"
+ "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files (x86)\cyberlink\power2go\p2grgl.ax"
+ "CyberLink Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvideostabilizer.ax"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prsource.dll"
+ "P2G Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaud.ax"
+ "P2G Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudenc.ax"
+ "P2G Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvsd.ax"
+ "P2G Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gresample.ax"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prdmowrapper.dll"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "klogon" "Logon Visualizer" "Kaspersky Lab ZAO" "c:\windows\system32\klogon.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "PDFC" "PDF Complete Print Monitor" "PDF Complete, Inc." "c:\windows\system32\pdfc_port.dll"

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:10 PM

Posted 23 December 2012 - 09:56 PM

Current issues?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users