Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

i AM INFECTED WITH A BITCOIN RPCMINER THAT i CANT GET RID OF IT COMES BACK AFTER REBOOT


  • Please log in to reply
9 replies to this topic

#1 dhc

dhc

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:15 PM

Posted 30 October 2012 - 06:56 AM

i AM INFECTED WITH A BITCOIN RPCMINER i HAVE RUN lots of tolls including combofix

Combofix finds it but doesnt remove the root of it

it is only afecting one user as of right now

I run the scan as the adminstrative user but it still comes back

it emanates from two difernt directories in the USers AppData\local\tmp directory

They are rpcm and cgm

it either starts svchost32 or rpcminer.exe

I have curently made these two directories unacesable to any user

I have not found the root program for if I make these acesable then the programs start

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:15 PM

Posted 30 October 2012 - 08:59 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 dhc

dhc
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:15 PM

Posted 30 October 2012 - 07:57 PM

I did this all as the Administraor user and I did not reset the directories so they could be viewd

I can do this as a difernt user or change the permisions on the directories or both






13:46:32.0862 5688 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
13:46:33.0013 5688 ============================================================
13:46:33.0013 5688 Current date / time: 2012/10/30 13:46:33.0013
13:46:33.0013 5688 SystemInfo:
13:46:33.0013 5688
13:46:33.0013 5688 OS Version: 6.1.7601 ServicePack: 1.0
13:46:33.0013 5688 Product type: Workstation
13:46:33.0013 5688 ComputerName: DENIS-HOME-PC
13:46:33.0013 5688 UserName: Administrator
13:46:33.0013 5688 Windows directory: C:\Windows
13:46:33.0013 5688 System windows directory: C:\Windows
13:46:33.0013 5688 Running under WOW64
13:46:33.0013 5688 Processor architecture: Intel x64
13:46:33.0013 5688 Number of processors: 5
13:46:33.0013 5688 Page size: 0x1000
13:46:33.0013 5688 Boot type: Normal boot
13:46:33.0013 5688 ============================================================
13:46:34.0149 5688 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:46:34.0163 5688 Drive \Device\Harddisk0\DR0 - Size: 0x45DD826000 (279.46 Gb), SectorSize: 0x200, Cylinders: 0x8E81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:46:34.0164 5688 Drive \Device\Harddisk1\DR1 - Size: 0x6FD21E000 (27.96 Gb), SectorSize: 0x200, Cylinders: 0xE41, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:46:34.0264 5688 ============================================================
13:46:34.0264 5688 \Device\Harddisk2\DR2:
13:46:34.0275 5688 MBR partitions:
13:46:34.0275 5688 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
13:46:34.0275 5688 \Device\Harddisk0\DR0:
13:46:34.0275 5688 MBR partitions:
13:46:34.0275 5688 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1006896, BlocksNum 0x21EE45EA
13:46:34.0275 5688 \Device\Harddisk1\DR1:
13:46:34.0275 5688 MBR partitions:
13:46:34.0275 5688 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x37E8000
13:46:34.0275 5688 ============================================================
13:46:34.0300 5688 C: <-> \Device\Harddisk2\DR2\Partition1
13:46:34.0326 5688 E: <-> \Device\Harddisk0\DR0\Partition1
13:46:34.0328 5688 G: <-> \Device\Harddisk1\DR1\Partition1
13:46:34.0328 5688 ============================================================
13:46:34.0328 5688 Initialize success
13:46:34.0328 5688 ============================================================
13:46:38.0636 1500 ============================================================
13:46:38.0636 1500 Scan started
13:46:38.0636 1500 Mode: Manual;
13:46:38.0636 1500 ============================================================
13:46:38.0817 1500 ================ Scan system memory ========================
13:46:38.0817 1500 System memory - ok
13:46:38.0817 1500 ================ Scan services =============================
13:46:38.0861 1500 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
13:46:38.0862 1500 !SASCORE - ok
13:46:38.0937 1500 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
13:46:38.0938 1500 1394ohci - ok
13:46:38.0951 1500 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:46:38.0953 1500 ACPI - ok
13:46:38.0964 1500 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:46:38.0964 1500 AcpiPmi - ok
13:46:39.0030 1500 [ 1474F121C3DF1232D3E7239C03691EE6 ] AdobeActiveFileMonitor9.0 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
13:46:39.0031 1500 AdobeActiveFileMonitor9.0 - ok
13:46:39.0077 1500 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:46:39.0078 1500 AdobeARMservice - ok
13:46:39.0149 1500 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:46:39.0151 1500 AdobeFlashPlayerUpdateSvc - ok
13:46:39.0167 1500 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
13:46:39.0170 1500 adp94xx - ok
13:46:39.0193 1500 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
13:46:39.0195 1500 adpahci - ok
13:46:39.0207 1500 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
13:46:39.0208 1500 adpu320 - ok
13:46:39.0247 1500 [ 18BA414C06B667FA2CB48DC3E27C8F97 ] AdvancedSystemCareService C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
13:46:39.0259 1500 AdvancedSystemCareService - ok
13:46:39.0275 1500 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:46:39.0276 1500 AeLookupSvc - ok
13:46:39.0316 1500 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
13:46:39.0318 1500 AFD - ok
13:46:39.0329 1500 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
13:46:39.0330 1500 agp440 - ok
13:46:39.0341 1500 AirPrint - ok
13:46:39.0345 1500 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
13:46:39.0345 1500 ALG - ok
13:46:39.0354 1500 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
13:46:39.0355 1500 aliide - ok
13:46:39.0415 1500 ALSysIO - ok
13:46:39.0444 1500 [ A359974EAAC83A435497C52F62A2E590 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:46:39.0445 1500 AMD External Events Utility - ok
13:46:39.0454 1500 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
13:46:39.0455 1500 amdide - ok
13:46:39.0469 1500 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
13:46:39.0470 1500 AmdK8 - ok
13:46:39.0614 1500 [ 60216B0E704584DE6D5A9F59E9C34C47 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
13:46:39.0652 1500 amdkmdag - ok
13:46:39.0668 1500 [ 6B4E9261B613B047A9A145F328889968 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
13:46:39.0669 1500 amdkmdap - ok
13:46:39.0676 1500 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
13:46:39.0677 1500 AmdPPM - ok
13:46:39.0703 1500 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:46:39.0703 1500 amdsata - ok
13:46:39.0712 1500 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
13:46:39.0713 1500 amdsbs - ok
13:46:39.0726 1500 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:46:39.0727 1500 amdxata - ok
13:46:39.0757 1500 [ B934322C68C30DCECA96C0274A51F7B0 ] AODDriver C:\Program Files\ASUS\GPU Boost Driver\amd64\AODDriver.sys
13:46:39.0757 1500 AODDriver - ok
13:46:39.0789 1500 [ DC45AB27932447B598848B10650313C5 ] APC UPS Service C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
13:46:39.0790 1500 APC UPS Service - ok
13:46:39.0805 1500 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
13:46:39.0806 1500 AppID - ok
13:46:39.0822 1500 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:46:39.0822 1500 AppIDSvc - ok
13:46:39.0831 1500 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
13:46:39.0832 1500 Appinfo - ok
13:46:39.0856 1500 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:46:39.0857 1500 Apple Mobile Device - ok
13:46:39.0893 1500 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
13:46:39.0894 1500 AppMgmt - ok
13:46:39.0903 1500 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
13:46:39.0904 1500 arc - ok
13:46:39.0916 1500 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
13:46:39.0917 1500 arcsas - ok
13:46:39.0952 1500 [ F6BDA026E4157DC4E321CA391E9D9BC6 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
13:46:39.0952 1500 AsIO - ok
13:46:40.0041 1500 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:46:40.0042 1500 aspnet_state - ok
13:46:40.0055 1500 [ 8C1FD73CC27EDD8D3344C632571C224C ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe
13:46:40.0095 1500 AsSysCtrlService - ok
13:46:40.0113 1500 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:46:40.0114 1500 AsyncMac - ok
13:46:40.0126 1500 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
13:46:40.0126 1500 atapi - ok
13:46:40.0157 1500 [ 77C149E6D702737B2E372DEE166FAEF8 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
13:46:40.0158 1500 AtiHdmiService - ok
13:46:40.0169 1500 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
13:46:40.0169 1500 AtiPcie - ok
13:46:40.0218 1500 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:46:40.0221 1500 AudioEndpointBuilder - ok
13:46:40.0233 1500 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
13:46:40.0236 1500 AudioSrv - ok
13:46:40.0254 1500 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:46:40.0255 1500 AxInstSV - ok
13:46:40.0272 1500 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
13:46:40.0274 1500 b06bdrv - ok
13:46:40.0288 1500 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
13:46:40.0290 1500 b57nd60a - ok
13:46:40.0383 1500 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
13:46:40.0384 1500 BBSvc - ok
13:46:40.0419 1500 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
13:46:40.0420 1500 BBUpdate - ok
13:46:40.0471 1500 [ 7ED4E1D2E124AD4E6A287CF49DBC9BBA ] BCUService C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
13:46:40.0510 1500 BCUService - ok
13:46:40.0547 1500 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
13:46:40.0548 1500 BDESVC - ok
13:46:40.0560 1500 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
13:46:40.0560 1500 Beep - ok
13:46:40.0592 1500 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
13:46:40.0595 1500 BFE - ok
13:46:40.0640 1500 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
13:46:40.0645 1500 BITS - ok
13:46:40.0662 1500 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:46:40.0662 1500 blbdrive - ok
13:46:40.0676 1500 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:46:40.0678 1500 Bonjour Service - ok
13:46:40.0700 1500 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:46:40.0700 1500 bowser - ok
13:46:40.0713 1500 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
13:46:40.0713 1500 BrFiltLo - ok
13:46:40.0722 1500 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
13:46:40.0722 1500 BrFiltUp - ok
13:46:40.0750 1500 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
13:46:40.0750 1500 BridgeMP - ok
13:46:40.0774 1500 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
13:46:40.0774 1500 Browser - ok
13:46:40.0785 1500 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:46:40.0787 1500 Brserid - ok
13:46:40.0800 1500 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:46:40.0801 1500 BrSerWdm - ok
13:46:40.0808 1500 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:46:40.0808 1500 BrUsbMdm - ok
13:46:40.0811 1500 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:46:40.0812 1500 BrUsbSer - ok
13:46:40.0821 1500 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
13:46:40.0822 1500 BTHMODEM - ok
13:46:40.0831 1500 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
13:46:40.0832 1500 bthserv - ok
13:46:40.0847 1500 catchme - ok
13:46:40.0860 1500 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:46:40.0860 1500 cdfs - ok
13:46:40.0878 1500 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:46:40.0879 1500 cdrom - ok
13:46:40.0886 1500 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
13:46:40.0887 1500 CertPropSvc - ok
13:46:40.0893 1500 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
13:46:40.0894 1500 circlass - ok
13:46:40.0907 1500 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
13:46:40.0909 1500 CLFS - ok
13:46:40.0939 1500 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:46:40.0940 1500 clr_optimization_v2.0.50727_32 - ok
13:46:40.0966 1500 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:46:40.0967 1500 clr_optimization_v2.0.50727_64 - ok
13:46:41.0021 1500 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:46:41.0022 1500 clr_optimization_v4.0.30319_32 - ok
13:46:41.0030 1500 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:46:41.0031 1500 clr_optimization_v4.0.30319_64 - ok
13:46:41.0035 1500 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
13:46:41.0035 1500 CmBatt - ok
13:46:41.0038 1500 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:46:41.0039 1500 cmdide - ok
13:46:41.0069 1500 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
13:46:41.0071 1500 CNG - ok
13:46:41.0083 1500 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:46:41.0083 1500 Compbatt - ok
13:46:41.0104 1500 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
13:46:41.0104 1500 CompositeBus - ok
13:46:41.0111 1500 COMSysApp - ok
13:46:41.0190 1500 cpuz134 - ok
13:46:41.0203 1500 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
13:46:41.0203 1500 crcdisk - ok
13:46:41.0234 1500 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:46:41.0235 1500 CryptSvc - ok
13:46:41.0255 1500 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
13:46:41.0257 1500 CSC - ok
13:46:41.0275 1500 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
13:46:41.0278 1500 CscService - ok
13:46:41.0306 1500 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:46:41.0309 1500 DcomLaunch - ok
13:46:41.0338 1500 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
13:46:41.0340 1500 defragsvc - ok
13:46:41.0352 1500 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:46:41.0353 1500 DfsC - ok
13:46:41.0376 1500 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
13:46:41.0378 1500 Dhcp - ok
13:46:41.0385 1500 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
13:46:41.0386 1500 discache - ok
13:46:41.0396 1500 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
13:46:41.0396 1500 Disk - ok
13:46:41.0417 1500 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
13:46:41.0418 1500 dmvsc - ok
13:46:41.0439 1500 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:46:41.0440 1500 Dnscache - ok
13:46:41.0455 1500 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
13:46:41.0457 1500 dot3svc - ok
13:46:41.0471 1500 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
13:46:41.0472 1500 DPS - ok
13:46:41.0493 1500 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:46:41.0493 1500 drmkaud - ok
13:46:41.0517 1500 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:46:41.0521 1500 DXGKrnl - ok
13:46:41.0529 1500 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
13:46:41.0530 1500 EapHost - ok
13:46:41.0750 1500 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
13:46:41.0764 1500 ebdrv - ok
13:46:41.0785 1500 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
13:46:41.0786 1500 EFS - ok
13:46:41.0835 1500 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:46:41.0838 1500 ehRecvr - ok
13:46:41.0842 1500 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
13:46:41.0843 1500 ehSched - ok
13:46:41.0857 1500 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
13:46:41.0859 1500 elxstor - ok
13:46:41.0872 1500 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:46:41.0873 1500 ErrDev - ok
13:46:41.0895 1500 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
13:46:41.0896 1500 EventSystem - ok
13:46:41.0907 1500 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
13:46:41.0908 1500 exfat - ok
13:46:41.0917 1500 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:46:41.0918 1500 fastfat - ok
13:46:41.0957 1500 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
13:46:41.0960 1500 Fax - ok
13:46:41.0966 1500 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
13:46:41.0966 1500 fdc - ok
13:46:41.0970 1500 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
13:46:41.0971 1500 fdPHost - ok
13:46:41.0982 1500 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
13:46:41.0983 1500 FDResPub - ok
13:46:41.0991 1500 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:46:41.0992 1500 FileInfo - ok
13:46:41.0997 1500 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:46:41.0997 1500 Filetrace - ok
13:46:42.0007 1500 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
13:46:42.0008 1500 flpydisk - ok
13:46:42.0016 1500 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:46:42.0018 1500 FltMgr - ok
13:46:42.0052 1500 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
13:46:42.0057 1500 FontCache - ok
13:46:42.0072 1500 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:46:42.0073 1500 FontCache3.0.0.0 - ok
13:46:42.0083 1500 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:46:42.0083 1500 FsDepends - ok
13:46:42.0104 1500 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
13:46:42.0104 1500 fssfltr - ok
13:46:42.0155 1500 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:46:42.0161 1500 fsssvc - ok
13:46:42.0181 1500 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:46:42.0182 1500 Fs_Rec - ok
13:46:42.0201 1500 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:46:42.0202 1500 fvevol - ok
13:46:42.0209 1500 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
13:46:42.0210 1500 gagp30kx - ok
13:46:42.0231 1500 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:46:42.0231 1500 GEARAspiWDM - ok
13:46:42.0255 1500 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
13:46:42.0259 1500 gpsvc - ok
13:46:42.0279 1500 [ 2ED7FF3E1ADA4092632393781518B3A7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
13:46:42.0280 1500 grmnusb - ok
13:46:42.0318 1500 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:46:42.0319 1500 gupdate - ok
13:46:42.0335 1500 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:46:42.0336 1500 gupdatem - ok
13:46:42.0342 1500 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:46:42.0343 1500 gusvc - ok
13:46:42.0352 1500 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:46:42.0352 1500 hcw85cir - ok
13:46:42.0381 1500 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:46:42.0383 1500 HdAudAddService - ok
13:46:42.0400 1500 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:46:42.0401 1500 HDAudBus - ok
13:46:42.0410 1500 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:46:42.0411 1500 HidBatt - ok
13:46:42.0424 1500 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
13:46:42.0425 1500 HidBth - ok
13:46:42.0431 1500 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
13:46:42.0432 1500 HidIr - ok
13:46:42.0442 1500 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
13:46:42.0443 1500 hidserv - ok
13:46:42.0455 1500 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:46:42.0455 1500 HidUsb - ok
13:46:42.0478 1500 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:46:42.0479 1500 hkmsvc - ok
13:46:42.0492 1500 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:46:42.0494 1500 HomeGroupListener - ok
13:46:42.0507 1500 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:46:42.0509 1500 HomeGroupProvider - ok
13:46:42.0515 1500 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:46:42.0516 1500 HpSAMD - ok
13:46:42.0547 1500 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:46:42.0550 1500 HTTP - ok
13:46:42.0564 1500 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:46:42.0564 1500 hwpolicy - ok
13:46:42.0578 1500 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
13:46:42.0579 1500 i8042prt - ok
13:46:42.0609 1500 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:46:42.0611 1500 iaStorV - ok
13:46:42.0648 1500 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:46:42.0652 1500 idsvc - ok
13:46:42.0660 1500 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
13:46:42.0660 1500 iirsp - ok
13:46:42.0680 1500 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
13:46:42.0685 1500 IKEEXT - ok
13:46:42.0742 1500 [ A3BCBD0F710580A07D1B929D787D36CE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:46:42.0751 1500 IntcAzAudAddService - ok
13:46:42.0761 1500 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
13:46:42.0761 1500 intelide - ok
13:46:42.0776 1500 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
13:46:42.0776 1500 intelppm - ok
13:46:42.0799 1500 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:46:42.0800 1500 IPBusEnum - ok
13:46:42.0815 1500 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:46:42.0816 1500 IpFilterDriver - ok
13:46:42.0830 1500 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:46:42.0833 1500 iphlpsvc - ok
13:46:42.0840 1500 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:46:42.0840 1500 IPMIDRV - ok
13:46:42.0855 1500 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:46:42.0856 1500 IPNAT - ok
13:46:42.0898 1500 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:46:42.0901 1500 iPod Service - ok
13:46:42.0913 1500 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:46:42.0914 1500 IRENUM - ok
13:46:42.0917 1500 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:46:42.0917 1500 isapnp - ok
13:46:42.0928 1500 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:46:42.0929 1500 iScsiPrt - ok
13:46:42.0949 1500 [ 4A8A242FDA43765F4F73ECDE2BA0D62A ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
13:46:42.0950 1500 JRAID - ok
13:46:42.0967 1500 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:46:42.0967 1500 kbdclass - ok
13:46:42.0987 1500 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:46:42.0987 1500 kbdhid - ok
13:46:42.0993 1500 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
13:46:42.0994 1500 KeyIso - ok
13:46:43.0015 1500 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:46:43.0016 1500 KSecDD - ok
13:46:43.0032 1500 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:46:43.0033 1500 KSecPkg - ok
13:46:43.0040 1500 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
13:46:43.0041 1500 ksthunk - ok
13:46:43.0069 1500 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
13:46:43.0071 1500 KtmRm - ok
13:46:43.0087 1500 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
13:46:43.0089 1500 LanmanServer - ok
13:46:43.0100 1500 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:46:43.0102 1500 LanmanWorkstation - ok
13:46:43.0119 1500 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:46:43.0119 1500 lltdio - ok
13:46:43.0144 1500 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:46:43.0146 1500 lltdsvc - ok
13:46:43.0156 1500 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:46:43.0156 1500 lmhosts - ok
13:46:43.0166 1500 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
13:46:43.0167 1500 LSI_FC - ok
13:46:43.0180 1500 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
13:46:43.0180 1500 LSI_SAS - ok
13:46:43.0194 1500 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
13:46:43.0194 1500 LSI_SAS2 - ok
13:46:43.0206 1500 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
13:46:43.0207 1500 LSI_SCSI - ok
13:46:43.0216 1500 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
13:46:43.0216 1500 luafv - ok
13:46:43.0244 1500 [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
13:46:43.0246 1500 LVRS64 - ok
13:46:43.0337 1500 [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
13:46:43.0358 1500 LVUVC64 - ok
13:46:43.0377 1500 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:46:43.0379 1500 Mcx2Svc - ok
13:46:43.0387 1500 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
13:46:43.0388 1500 megasas - ok
13:46:43.0399 1500 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
13:46:43.0400 1500 MegaSR - ok
13:46:43.0419 1500 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
13:46:43.0420 1500 MMCSS - ok
13:46:43.0423 1500 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
13:46:43.0424 1500 Modem - ok
13:46:43.0437 1500 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:46:43.0438 1500 monitor - ok
13:46:43.0456 1500 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:46:43.0456 1500 mouclass - ok
13:46:43.0468 1500 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:46:43.0469 1500 mouhid - ok
13:46:43.0479 1500 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:46:43.0480 1500 mountmgr - ok
13:46:43.0513 1500 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
13:46:43.0514 1500 MpFilter - ok
13:46:43.0533 1500 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
13:46:43.0534 1500 mpio - ok
13:46:43.0551 1500 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:46:43.0551 1500 mpsdrv - ok
13:46:43.0576 1500 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:46:43.0580 1500 MpsSvc - ok
13:46:43.0591 1500 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:46:43.0592 1500 MRxDAV - ok
13:46:43.0608 1500 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:46:43.0609 1500 mrxsmb - ok
13:46:43.0622 1500 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:46:43.0623 1500 mrxsmb10 - ok
13:46:43.0627 1500 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:46:43.0628 1500 mrxsmb20 - ok
13:46:43.0639 1500 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
13:46:43.0640 1500 msahci - ok
13:46:43.0653 1500 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:46:43.0654 1500 msdsm - ok
13:46:43.0666 1500 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
13:46:43.0668 1500 MSDTC - ok
13:46:43.0674 1500 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:46:43.0674 1500 Msfs - ok
13:46:43.0681 1500 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:46:43.0682 1500 mshidkmdf - ok
13:46:43.0688 1500 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:46:43.0689 1500 msisadrv - ok
13:46:43.0706 1500 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:46:43.0708 1500 MSiSCSI - ok
13:46:43.0711 1500 msiserver - ok
13:46:43.0727 1500 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:46:43.0727 1500 MSKSSRV - ok
13:46:43.0759 1500 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
13:46:43.0759 1500 MsMpSvc - ok
13:46:43.0763 1500 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:46:43.0763 1500 MSPCLOCK - ok
13:46:43.0766 1500 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:46:43.0767 1500 MSPQM - ok
13:46:43.0782 1500 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:46:43.0784 1500 MsRPC - ok
13:46:43.0789 1500 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
13:46:43.0790 1500 mssmbios - ok
13:46:43.0803 1500 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:46:43.0803 1500 MSTEE - ok
13:46:43.0819 1500 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
13:46:43.0819 1500 MTConfig - ok
13:46:43.0841 1500 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
13:46:43.0842 1500 MTsensor - ok
13:46:43.0851 1500 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
13:46:43.0852 1500 Mup - ok
13:46:43.0876 1500 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
13:46:43.0879 1500 napagent - ok
13:46:43.0896 1500 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:46:43.0897 1500 NativeWifiP - ok
13:46:43.0926 1500 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:46:43.0930 1500 NDIS - ok
13:46:43.0940 1500 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:46:43.0940 1500 NdisCap - ok
13:46:43.0959 1500 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:46:43.0959 1500 NdisTapi - ok
13:46:43.0972 1500 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:46:43.0972 1500 Ndisuio - ok
13:46:43.0984 1500 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:46:43.0985 1500 NdisWan - ok
13:46:44.0004 1500 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:46:44.0005 1500 NDProxy - ok
13:46:44.0014 1500 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:46:44.0015 1500 NetBIOS - ok
13:46:44.0027 1500 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:46:44.0029 1500 NetBT - ok
13:46:44.0035 1500 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
13:46:44.0035 1500 Netlogon - ok
13:46:44.0062 1500 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:46:44.0064 1500 Netman - ok
13:46:44.0108 1500 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:46:44.0109 1500 NetMsmqActivator - ok
13:46:44.0115 1500 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:46:44.0116 1500 NetPipeActivator - ok
13:46:44.0134 1500 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:46:44.0137 1500 netprofm - ok
13:46:44.0147 1500 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:46:44.0148 1500 NetTcpActivator - ok
13:46:44.0151 1500 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:46:44.0152 1500 NetTcpPortSharing - ok
13:46:44.0164 1500 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
13:46:44.0164 1500 nfrd960 - ok
13:46:44.0179 1500 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
13:46:44.0180 1500 NisDrv - ok
13:46:44.0194 1500 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
13:46:44.0196 1500 NisSrv - ok
13:46:44.0216 1500 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:46:44.0218 1500 NlaSvc - ok
13:46:44.0226 1500 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:46:44.0226 1500 Npfs - ok
13:46:44.0238 1500 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:46:44.0239 1500 nsi - ok
13:46:44.0250 1500 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:46:44.0251 1500 nsiproxy - ok
13:46:44.0294 1500 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:46:44.0301 1500 Ntfs - ok
13:46:44.0314 1500 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:46:44.0315 1500 Null - ok
13:46:44.0342 1500 [ 285ACEC1B13A15BA520AAE06BACB9CFF ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
13:46:44.0343 1500 nusb3hub - ok
13:46:44.0356 1500 [ F6D625FF7B56BB6EA063F0D3A5BBC996 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
13:46:44.0357 1500 nusb3xhc - ok
13:46:44.0377 1500 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:46:44.0378 1500 nvraid - ok
13:46:44.0395 1500 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:46:44.0396 1500 nvstor - ok
13:46:44.0408 1500 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:46:44.0409 1500 nv_agp - ok
13:46:44.0420 1500 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:46:44.0420 1500 ohci1394 - ok
13:46:44.0468 1500 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:46:44.0469 1500 ose - ok
13:46:44.0561 1500 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:46:44.0628 1500 osppsvc - ok
13:46:44.0657 1500 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:46:44.0659 1500 p2pimsvc - ok
13:46:44.0674 1500 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:46:44.0677 1500 p2psvc - ok
13:46:44.0685 1500 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
13:46:44.0686 1500 Parport - ok
13:46:44.0695 1500 Partizan - ok
13:46:44.0714 1500 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:46:44.0714 1500 partmgr - ok
13:46:44.0730 1500 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:46:44.0732 1500 PcaSvc - ok
13:46:44.0741 1500 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
13:46:44.0742 1500 pci - ok
13:46:44.0750 1500 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
13:46:44.0751 1500 pciide - ok
13:46:44.0766 1500 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
13:46:44.0767 1500 pcmcia - ok
13:46:44.0772 1500 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:46:44.0773 1500 pcw - ok
13:46:44.0795 1500 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:46:44.0798 1500 PEAUTH - ok
13:46:44.0830 1500 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
13:46:44.0836 1500 PeerDistSvc - ok
13:46:44.0881 1500 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:46:44.0882 1500 PerfHost - ok
13:46:44.0912 1500 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
13:46:44.0919 1500 pla - ok
13:46:44.0944 1500 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:46:44.0946 1500 PlugPlay - ok
13:46:44.0955 1500 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:46:44.0956 1500 PNRPAutoReg - ok
13:46:44.0963 1500 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:46:44.0965 1500 PNRPsvc - ok
13:46:44.0990 1500 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:46:44.0993 1500 PolicyAgent - ok
13:46:45.0008 1500 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:46:45.0010 1500 Power - ok
13:46:45.0028 1500 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:46:45.0029 1500 PptpMiniport - ok
13:46:45.0041 1500 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
13:46:45.0042 1500 Processor - ok
13:46:45.0056 1500 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:46:45.0058 1500 ProfSvc - ok
13:46:45.0068 1500 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:46:45.0069 1500 ProtectedStorage - ok
13:46:45.0089 1500 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:46:45.0090 1500 Psched - ok
13:46:45.0126 1500 [ 8BADA2218E88D3F125E1AAD4DFC04930 ] PSMounterEx C:\Windows\system32\drivers\psmounterex.sys
13:46:45.0137 1500 PSMounterEx - ok
13:46:45.0147 1500 [ B542BC04D16F78FCB9DFF9B6BAEC7C06 ] PSVolAcc C:\Windows\system32\drivers\PSVolAcc.sys
13:46:45.0153 1500 PSVolAcc - ok
13:46:45.0173 1500 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
13:46:45.0174 1500 PxHlpa64 - ok
13:46:45.0208 1500 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
13:46:45.0214 1500 ql2300 - ok
13:46:45.0227 1500 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
13:46:45.0228 1500 ql40xx - ok
13:46:45.0240 1500 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:46:45.0242 1500 QWAVE - ok
13:46:45.0254 1500 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:46:45.0255 1500 QWAVEdrv - ok
13:46:45.0263 1500 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:46:45.0263 1500 RasAcd - ok
13:46:45.0275 1500 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:46:45.0276 1500 RasAgileVpn - ok
13:46:45.0284 1500 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:46:45.0286 1500 RasAuto - ok
13:46:45.0290 1500 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:46:45.0291 1500 Rasl2tp - ok
13:46:45.0309 1500 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
13:46:45.0311 1500 RasMan - ok
13:46:45.0324 1500 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:46:45.0325 1500 RasPppoe - ok
13:46:45.0337 1500 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:46:45.0338 1500 RasSstp - ok
13:46:45.0355 1500 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:46:45.0356 1500 rdbss - ok
13:46:45.0367 1500 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:46:45.0367 1500 rdpbus - ok
13:46:45.0374 1500 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:46:45.0374 1500 RDPCDD - ok
13:46:45.0392 1500 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
13:46:45.0393 1500 RDPDR - ok
13:46:45.0408 1500 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:46:45.0408 1500 RDPENCDD - ok
13:46:45.0413 1500 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:46:45.0413 1500 RDPREFMP - ok
13:46:45.0444 1500 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:46:45.0445 1500 RDPWD - ok
13:46:45.0457 1500 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:46:45.0458 1500 rdyboost - ok
13:46:45.0497 1500 [ 6B81926B784559ED1DA6238E160757EB ] ReflectService.exe C:\Program Files\Macrium\Reflect\ReflectService.exe
13:46:45.0534 1500 ReflectService.exe - ok
13:46:45.0561 1500 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:46:45.0562 1500 RemoteAccess - ok
13:46:45.0577 1500 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:46:45.0578 1500 RemoteRegistry - ok
13:46:45.0608 1500 [ 06A49B7BDC36CFBF97DD90804F833369 ] RichVideo C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
13:46:45.0610 1500 RichVideo - ok
13:46:45.0621 1500 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:46:45.0622 1500 RpcEptMapper - ok
13:46:45.0637 1500 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:46:45.0638 1500 RpcLocator - ok
13:46:45.0656 1500 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
13:46:45.0659 1500 RpcSs - ok
13:46:45.0663 1500 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:46:45.0663 1500 rspndr - ok
13:46:45.0692 1500 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
13:46:45.0695 1500 RTL8167 - ok
13:46:45.0719 1500 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
13:46:45.0720 1500 s3cap - ok
13:46:45.0734 1500 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
13:46:45.0735 1500 SamSs - ok
13:46:45.0761 1500 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
13:46:45.0761 1500 SASDIFSV - ok
13:46:45.0776 1500 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
13:46:45.0777 1500 SASKUTIL - ok
13:46:45.0792 1500 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:46:45.0793 1500 sbp2port - ok
13:46:45.0809 1500 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:46:45.0811 1500 SCardSvr - ok
13:46:45.0822 1500 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:46:45.0822 1500 scfilter - ok
13:46:45.0845 1500 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
13:46:45.0850 1500 Schedule - ok
13:46:45.0869 1500 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:46:45.0870 1500 SCPolicySvc - ok
13:46:45.0878 1500 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:46:45.0880 1500 SDRSVC - ok
13:46:45.0919 1500 [ 16B44D246835EAC156F8DAF0AA4F530C ] SeagateDashboardService C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
13:46:45.0919 1500 SeagateDashboardService - ok
13:46:45.0938 1500 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:46:45.0938 1500 secdrv - ok
13:46:45.0946 1500 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
13:46:45.0947 1500 seclogon - ok
13:46:45.0951 1500 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
13:46:45.0952 1500 SENS - ok
13:46:45.0964 1500 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:46:45.0965 1500 SensrSvc - ok
13:46:45.0977 1500 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:46:45.0978 1500 Serenum - ok
13:46:45.0988 1500 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:46:45.0988 1500 Serial - ok
13:46:46.0024 1500 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
13:46:46.0025 1500 sermouse - ok
13:46:46.0041 1500 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
13:46:46.0042 1500 SessionEnv - ok
13:46:46.0049 1500 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:46:46.0050 1500 sffdisk - ok
13:46:46.0060 1500 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:46:46.0060 1500 sffp_mmc - ok
13:46:46.0068 1500 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:46:46.0068 1500 sffp_sd - ok
13:46:46.0081 1500 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
13:46:46.0081 1500 sfloppy - ok
13:46:46.0104 1500 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:46:46.0106 1500 SharedAccess - ok
13:46:46.0144 1500 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:46:46.0147 1500 ShellHWDetection - ok
13:46:46.0168 1500 [ 68BA8F870E3E37646138497950FFA6A1 ] Si3132r5 C:\Windows\system32\DRIVERS\Si3132r5.sys
13:46:46.0170 1500 Si3132r5 - ok
13:46:46.0192 1500 [ 0DD2045A3C42CE78ED6DBF1EA2A61ECE ] SiFilter C:\Windows\system32\DRIVERS\SiWinAcc.sys
13:46:46.0192 1500 SiFilter - ok
13:46:46.0203 1500 [ 1E541838BA90611C9A5C2D7D53DB3EDD ] SiRemFil C:\Windows\system32\DRIVERS\SiRemFil.sys
13:46:46.0203 1500 SiRemFil - ok
13:46:46.0210 1500 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
13:46:46.0211 1500 SiSRaid2 - ok
13:46:46.0225 1500 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:46:46.0225 1500 SiSRaid4 - ok
13:46:46.0253 1500 [ 94CE7845AF6A2065B829E0126CD56236 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
13:46:46.0253 1500 SmartDefragDriver - ok
13:46:46.0272 1500 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:46:46.0273 1500 Smb - ok
13:46:46.0287 1500 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:46:46.0288 1500 SNMPTRAP - ok
13:46:46.0297 1500 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:46:46.0297 1500 spldr - ok
13:46:46.0332 1500 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
13:46:46.0335 1500 Spooler - ok
13:46:46.0413 1500 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
13:46:46.0428 1500 sppsvc - ok
13:46:46.0442 1500 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:46:46.0443 1500 sppuinotify - ok
13:46:46.0473 1500 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
13:46:46.0475 1500 srv - ok
13:46:46.0487 1500 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:46:46.0489 1500 srv2 - ok
13:46:46.0496 1500 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:46:46.0497 1500 srvnet - ok
13:46:46.0519 1500 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:46:46.0521 1500 SSDPSRV - ok
13:46:46.0530 1500 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:46:46.0531 1500 SstpSvc - ok
13:46:46.0542 1500 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
13:46:46.0542 1500 stexstor - ok
13:46:46.0574 1500 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
13:46:46.0578 1500 stisvc - ok
13:46:46.0587 1500 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
13:46:46.0588 1500 storflt - ok
13:46:46.0605 1500 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
13:46:46.0606 1500 StorSvc - ok
13:46:46.0621 1500 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
13:46:46.0621 1500 storvsc - ok
13:46:46.0636 1500 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
13:46:46.0636 1500 swenum - ok
13:46:46.0648 1500 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
13:46:46.0652 1500 swprv - ok
13:46:46.0685 1500 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
13:46:46.0693 1500 SysMain - ok
13:46:46.0702 1500 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:46:46.0704 1500 TabletInputService - ok
13:46:46.0717 1500 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:46:46.0719 1500 TapiSrv - ok
13:46:46.0730 1500 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
13:46:46.0731 1500 TBS - ok
13:46:46.0815 1500 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:46:46.0823 1500 Tcpip - ok
13:46:46.0961 1500 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:46:46.0969 1500 TCPIP6 - ok
13:46:46.0979 1500 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:46:46.0979 1500 tcpipreg - ok
13:46:46.0992 1500 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:46:46.0993 1500 TDPIPE - ok
13:46:47.0012 1500 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:46:47.0012 1500 TDTCP - ok
13:46:47.0021 1500 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:46:47.0022 1500 tdx - ok
13:46:47.0113 1500 [ 9C1F776825207C203CB44CA3C63B5A6E ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
13:46:47.0124 1500 TeamViewer7 - ok
13:46:47.0135 1500 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
13:46:47.0136 1500 TermDD - ok
13:46:47.0158 1500 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
13:46:47.0162 1500 TermService - ok
13:46:47.0173 1500 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
13:46:47.0174 1500 Themes - ok
13:46:47.0202 1500 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
13:46:47.0203 1500 THREADORDER - ok
13:46:47.0233 1500 [ 519CB7D7F697F4BA47DE05845C20F158 ] TlntSvr C:\Windows\System32\tlntsvr.exe
13:46:47.0235 1500 TlntSvr - ok
13:46:47.0243 1500 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
13:46:47.0244 1500 TrkWks - ok
13:46:47.0272 1500 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:46:47.0273 1500 TrustedInstaller - ok
13:46:47.0285 1500 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:46:47.0285 1500 tssecsrv - ok
13:46:47.0296 1500 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:46:47.0297 1500 TsUsbFlt - ok
13:46:47.0306 1500 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
13:46:47.0307 1500 TsUsbGD - ok
13:46:47.0330 1500 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:46:47.0331 1500 tunnel - ok
13:46:47.0339 1500 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:46:47.0340 1500 uagp35 - ok
13:46:47.0360 1500 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:46:47.0362 1500 udfs - ok
13:46:47.0372 1500 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:46:47.0374 1500 UI0Detect - ok
13:46:47.0389 1500 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:46:47.0389 1500 uliagpkx - ok
13:46:47.0403 1500 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:46:47.0404 1500 umbus - ok
13:46:47.0413 1500 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
13:46:47.0413 1500 UmPass - ok
13:46:47.0428 1500 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
13:46:47.0430 1500 UmRdpService - ok
13:46:47.0473 1500 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
13:46:47.0475 1500 UMVPFSrv - ok
13:46:47.0490 1500 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
13:46:47.0493 1500 upnphost - ok
13:46:47.0514 1500 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
13:46:47.0515 1500 USBAAPL64 - ok
13:46:47.0535 1500 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
13:46:47.0536 1500 usbaudio - ok
13:46:47.0547 1500 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:46:47.0547 1500 usbccgp - ok
13:46:47.0566 1500 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:46:47.0567 1500 usbcir - ok
13:46:47.0576 1500 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:46:47.0576 1500 usbehci - ok
13:46:47.0599 1500 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
13:46:47.0599 1500 usbfilter - ok
13:46:47.0619 1500 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:46:47.0621 1500 usbhub - ok
13:46:47.0630 1500 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
13:46:47.0630 1500 usbohci - ok
13:46:47.0640 1500 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
13:46:47.0640 1500 usbprint - ok
13:46:47.0648 1500 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:46:47.0648 1500 USBSTOR - ok
13:46:47.0657 1500 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:46:47.0657 1500 usbuhci - ok
13:46:47.0701 1500 [ 9E20BD6A75E0BD4A62A85D1D37EDE5DD ] USTSScheduler C:\Program Files (x86)\USTechSupport\SchedulerService\SchedulerService.exe
13:46:47.0816 1500 USTSScheduler - ok
13:46:47.0827 1500 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
13:46:47.0828 1500 UxSms - ok
13:46:47.0834 1500 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
13:46:47.0835 1500 VaultSvc - ok
13:46:47.0841 1500 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:46:47.0842 1500 vdrvroot - ok
13:46:47.0855 1500 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
13:46:47.0859 1500 vds - ok
13:46:47.0872 1500 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:46:47.0873 1500 vga - ok
13:46:47.0879 1500 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
13:46:47.0880 1500 VgaSave - ok
13:46:47.0897 1500 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:46:47.0898 1500 vhdmp - ok
13:46:47.0912 1500 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
13:46:47.0913 1500 viaide - ok
13:46:47.0932 1500 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
13:46:47.0933 1500 vmbus - ok
13:46:47.0944 1500 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
13:46:47.0945 1500 VMBusHID - ok
13:46:47.0957 1500 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:46:47.0957 1500 volmgr - ok
13:46:47.0972 1500 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:46:47.0974 1500 volmgrx - ok
13:46:47.0985 1500 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:46:47.0986 1500 volsnap - ok
13:46:48.0010 1500 [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys
13:46:48.0011 1500 vpcbus - ok
13:46:48.0027 1500 [ E675FB2B48C54F09895482E2253B289C ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
13:46:48.0028 1500 vpcnfltr - ok
13:46:48.0040 1500 [ 5FB42082B0D19A0268705F1DD343DF20 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
13:46:48.0041 1500 vpcusb - ok
13:46:48.0062 1500 [ 207B6539799CC1C112661A9B620DD233 ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
13:46:48.0064 1500 vpcvmm - ok
13:46:48.0077 1500 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
13:46:48.0078 1500 vsmraid - ok
13:46:48.0109 1500 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
13:46:48.0117 1500 VSS - ok
13:46:48.0124 1500 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
13:46:48.0125 1500 vwifibus - ok
13:46:48.0140 1500 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
13:46:48.0143 1500 W32Time - ok
13:46:48.0156 1500 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
13:46:48.0156 1500 WacomPen - ok
13:46:48.0173 1500 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:46:48.0174 1500 WANARP - ok
13:46:48.0177 1500 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:46:48.0177 1500 Wanarpv6 - ok
13:46:48.0228 1500 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:46:48.0233 1500 WatAdminSvc - ok
13:46:48.0266 1500 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
13:46:48.0273 1500 wbengine - ok
13:46:48.0282 1500 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:46:48.0284 1500 WbioSrvc - ok
13:46:48.0298 1500 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:46:48.0300 1500 wcncsvc - ok
13:46:48.0314 1500 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:46:48.0315 1500 WcsPlugInService - ok
13:46:48.0322 1500 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
13:46:48.0323 1500 Wd - ok
13:46:48.0344 1500 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:46:48.0347 1500 Wdf01000 - ok
13:46:48.0351 1500 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:46:48.0353 1500 WdiServiceHost - ok
13:46:48.0356 1500 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:46:48.0358 1500 WdiSystemHost - ok
13:46:48.0379 1500 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
13:46:48.0381 1500 WebClient - ok
13:46:48.0400 1500 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:46:48.0402 1500 Wecsvc - ok
13:46:48.0408 1500 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:46:48.0410 1500 wercplsupport - ok
13:46:48.0425 1500 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
13:46:48.0427 1500 WerSvc - ok
13:46:48.0435 1500 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:46:48.0435 1500 WfpLwf - ok
13:46:48.0442 1500 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:46:48.0442 1500 WIMMount - ok
13:46:48.0452 1500 WinDefend - ok
13:46:48.0457 1500 WinHttpAutoProxySvc - ok
13:46:48.0493 1500 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:46:48.0495 1500 Winmgmt - ok
13:46:48.0524 1500 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
13:46:48.0534 1500 WinRM - ok
13:46:48.0580 1500 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:46:48.0581 1500 WinUsb - ok
13:46:48.0606 1500 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
13:46:48.0610 1500 Wlansvc - ok
13:46:48.0647 1500 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:46:48.0648 1500 wlcrasvc - ok
13:46:48.0709 1500 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:46:48.0719 1500 wlidsvc - ok
13:46:48.0729 1500 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
13:46:48.0729 1500 WmiAcpi - ok
13:46:48.0757 1500 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:46:48.0759 1500 wmiApSrv - ok
13:46:48.0764 1500 WMPNetworkSvc - ok
13:46:48.0779 1500 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:46:48.0780 1500 WPCSvc - ok
13:46:48.0790 1500 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:46:48.0792 1500 WPDBusEnum - ok
13:46:48.0799 1500 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:46:48.0800 1500 ws2ifsl - ok
13:46:48.0811 1500 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
13:46:48.0813 1500 wscsvc - ok
13:46:48.0816 1500 WSearch - ok
13:46:48.0871 1500 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
13:46:48.0883 1500 wuauserv - ok
13:46:48.0892 1500 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:46:48.0893 1500 WudfPf - ok
13:46:48.0911 1500 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:46:48.0912 1500 WUDFRd - ok
13:46:48.0923 1500 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:46:48.0924 1500 wudfsvc - ok
13:46:48.0944 1500 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
13:46:48.0946 1500 WwanSvc - ok
13:46:48.0958 1500 ================ Scan global ===============================
13:46:48.0973 1500 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:46:48.0997 1500 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
13:46:49.0003 1500 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
13:46:49.0009 1500 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:46:49.0025 1500 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:46:49.0028 1500 [Global] - ok
13:46:49.0028 1500 ================ Scan MBR ==================================
13:46:49.0048 1500 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
13:46:49.0211 1500 \Device\Harddisk2\DR2 - ok
13:46:49.0240 1500 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
13:46:49.0376 1500 \Device\Harddisk0\DR0 - ok
13:46:49.0379 1500 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
13:46:49.0382 1500 \Device\Harddisk1\DR1 - ok
13:46:49.0382 1500 ================ Scan VBR ==================================
13:46:49.0384 1500 [ 6CE6B3C23B447B71C5F19A7A9232DF49 ] \Device\Harddisk2\DR2\Partition1
13:46:49.0385 1500 \Device\Harddisk2\DR2\Partition1 - ok
13:46:49.0387 1500 [ 7D7C341C70FC13E58968C56B21A40339 ] \Device\Harddisk0\DR0\Partition1
13:46:49.0389 1500 \Device\Harddisk0\DR0\Partition1 - ok
13:46:49.0391 1500 [ 030E1E09AB77AA9276E6F783BEAE5B11 ] \Device\Harddisk1\DR1\Partition1
13:46:49.0392 1500 \Device\Harddisk1\DR1\Partition1 - ok
13:46:49.0393 1500 ============================================================
13:46:49.0393 1500 Scan finished
13:46:49.0393 1500 ============================================================
13:46:49.0401 1620 Detected object count: 0
13:46:49.0401 1620 Actual detected object count: 0
13:47:17.0086 2396 Deinitialize success








aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-30 13:51:16
-----------------------------
13:51:16.099 OS Version: Windows x64 6.1.7601 Service Pack 1
13:51:16.099 Number of processors: 5 586 0xA00
13:51:16.100 ComputerName: DENIS-HOME-PC UserName: Administrator
13:51:17.927 Initialize success
13:51:58.260 AVAST engine defs: 12103000
13:54:03.060 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
13:54:03.062 Disk 0 Vendor: ST3300831AS 3.03 Size: 286168MB BusType: 3
13:54:03.063 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T1L0-4
13:54:03.064 Disk 1 Vendor: KINGSTON_SSDNOW_30GB AJXA0202 Size: 28626MB BusType: 3
13:54:03.066 Disk 2 (boot) \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP0T0L0-0
13:54:03.068 Disk 2 Vendor: External_Disk_0 RGL10403 Size: 953869MB BusType: 3
13:54:03.081 Disk 2 MBR read successfully
13:54:03.083 Disk 2 MBR scan
13:54:03.088 Disk 2 Windows 7 default MBR code
13:54:03.091 Disk 2 Partition 1 80 (A) 07 HPFS/NTFS NTFS 953867 MB offset 2048
13:54:03.136 Disk 2 scanning C:\Windows\system32\drivers
13:54:12.319 Service scanning
13:54:33.096 Modules scanning
13:54:33.426 Disk 2 trace - called modules:
13:54:33.439 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
13:54:33.442 1 nt!IofCallDriver -> \Device\Harddisk2\DR2[0xfffffa800771e790]
13:54:33.445 3 CLASSPNP.SYS[fffff8800145143f] -> nt!IofCallDriver -> [0xfffffa800766a9b0]
13:54:33.448 5 ACPI.sys[fffff88000ef07a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800771c680]
13:54:35.707 AVAST engine scan C:\Windows
13:54:40.698 AVAST engine scan C:\Windows\system32
13:57:09.030 AVAST engine scan C:\Windows\system32\drivers
13:57:23.205 AVAST engine scan C:\Users\Administrator
13:57:39.296 AVAST engine scan C:\ProgramData
14:01:34.188 Scan finished successfully
14:37:50.451 Disk 2 MBR has been saved successfully to "C:\Users\Administrator\Desktop\MBR.dat"
14:37:50.498 The log file has been saved successfully to "C:\Users\Administrator\Desktop\aswMBR.txt"

ESET had no findings

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:15 PM

Posted 30 October 2012 - 08:44 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#5 dhc

dhc
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:15 PM

Posted 31 October 2012 - 01:46 PM

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.31.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
DENIS-HOME :: DENIS-HOME-PC [administrator]

Protection: Enabled

10/31/2012 11:58:48 AM
mbam-log-2012-10-31 (11-58-48).txt

Scan type: Full scan (C:\|E:\|G:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 716159
Time elapsed: 1 hour(s), 58 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)






MiniToolBox by Farbar Version: 23-07-2012
Ran by DENIS-HOME (administrator) on 31-10-2012 at 14:02:10
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : DENIS-HOME-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : BC-AE-C5-0E-2A-00
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5519:efa5:6f4f:a6cf%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.44(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, October 31, 2012 11:29:38 AM
Lease Expires . . . . . . . . . . : Thursday, November 01, 2012 11:29:37 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 247246533
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-6C-76-B0-BC-AE-C5-0E-2A-00
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1c4f:975:3f57:fed3(Preferred)
Link-local IPv6 Address . . . . . : fe80::1c4f:975:3f57:fed3%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:802::1000
173.194.43.5
173.194.43.6
173.194.43.7
173.194.43.8
173.194.43.9
173.194.43.14
173.194.43.0
173.194.43.1
173.194.43.2
173.194.43.3
173.194.43.4


Pinging google.com [173.194.43.4] with 32 bytes of data:
Reply from 173.194.43.4: bytes=32 time=23ms TTL=52
Reply from 173.194.43.4: bytes=32 time=25ms TTL=52

Ping statistics for 173.194.43.4:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 23ms, Maximum = 25ms, Average = 24ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=101ms TTL=50
Reply from 72.30.38.140: bytes=32 time=110ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 101ms, Maximum = 110ms, Average = 105ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=7ms TTL=128
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 4ms, Maximum = 7ms, Average = 5ms
===========================================================================
Interface List
11...bc ae c5 0e 2a 00 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.44 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.44 276
192.168.1.44 255.255.255.255 On-link 192.168.1.44 276
192.168.1.255 255.255.255.255 On-link 192.168.1.44 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.44 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.44 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:1c4f:975:3f57:fed3/128
On-link
11 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::1c4f:975:3f57:fed3/128
On-link
11 276 fe80::5519:efa5:6f4f:a6cf/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/31/2012 11:31:15 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2012 08:58:48 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine IVssAsrWriterBackup::GetDiskComponents. hr = 0x80070057, The parameter is incorrect.
.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: ASR Writer
Writer Class Id: {be000cbe-11fe-4426-9c58-531aa6355fc4}
Writer Name: ASR Writer
Writer Instance ID: {13ec6bef-c77b-4365-8b85-b16c7f7e0864}

Error: (10/30/2012 02:40:46 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/30/2012 02:39:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/30/2012 02:39:30 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/30/2012 02:39:27 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/30/2012 01:23:52 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2012 10:38:47 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/30/2012 10:37:58 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/30/2012 09:49:34 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine IVssAsrWriterBackup::GetDiskComponents. hr = 0x80070057, The parameter is incorrect.
.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: ASR Writer
Writer Class Id: {be000cbe-11fe-4426-9c58-531aa6355fc4}
Writer Name: ASR Writer
Writer Instance ID: {8afad770-58da-4eb5-9fac-dc718e789c70}


System errors:
=============
Error: (10/30/2012 08:58:45 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (10/30/2012 01:21:12 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (10/29/2012 08:18:18 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (10/29/2012 03:25:57 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (10/29/2012 03:08:29 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


Microsoft Office Sessions:
=========================
Error: (10/31/2012 11:31:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2012 08:58:48 PM) (Source: VSS)(User: )
Description: IVssAsrWriterBackup::GetDiskComponents0x80070057, The parameter is incorrect.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: ASR Writer
Writer Class Id: {be000cbe-11fe-4426-9c58-531aa6355fc4}
Writer Name: ASR Writer
Writer Instance ID: {13ec6bef-c77b-4365-8b85-b16c7f7e0864}

Error: (10/30/2012 02:40:46 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\81JPICTK\esetsmartinstaller_enu.exe

Error: (10/30/2012 02:39:31 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Administrator\Downloads\esetsmartinstaller_enu.exe

Error: (10/30/2012 02:39:30 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Administrator\Downloads\esetsmartinstaller_enu.exe

Error: (10/30/2012 02:39:27 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Administrator\Downloads\esetsmartinstaller_enu.exe

Error: (10/30/2012 01:23:52 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2012 10:38:47 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/30/2012 10:37:58 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe

Error: (10/30/2012 09:49:34 AM) (Source: VSS)(User: )
Description: IVssAsrWriterBackup::GetDiskComponents0x80070057, The parameter is incorrect.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: ASR Writer
Writer Class Id: {be000cbe-11fe-4426-9c58-531aa6355fc4}
Writer Name: ASR Writer
Writer Instance ID: {8afad770-58da-4eb5-9fac-dc718e789c70}


=========================== Installed Programs ============================

Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
Adobe AIR (Version: 2.6.0.19140)
Adobe Community Help (Version: 3.5.23)
Adobe Connect Add-in
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Photoshop Elements 9 (Version: 9.0.3.0)
Adobe Photoshop.com Inspiration Browser (Version: 3.07)
Adobe Premiere Elements 9 (Version: 9.0)
Adobe Premiere Elements 9 (Version: 9.0.1)
Adobe Premiere Elements 9 Content (Version: 9.0)
Adobe Premiere Elements 9 Content 1 (Version: 9.0)
Adobe Premiere Elements 9 Content 2 (Version: 9.0)
Adobe Premiere Elements 9 Content 3 (Version: 9.0)
Adobe Premiere Elements 9 HD Content 1 (Version: 9.0)
Adobe Premiere Elements 9 HD Content 2 (Version: 9.0)
Adobe Premiere Elements 9 HD Content 3 (Version: 9.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Advanced SystemCare 4 (Version: 4.0.1)
AIM 7
AirPrint for Windows (Version: 1.10.0000)
AMD USB Filter Driver (Version: 1.0.15.94)
AOL Messaging Toolbar
APC Back-UPS HS
APC PowerChute Personal Edition (Version: 2.0)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.765.0)
Bing Bar (Version: 7.1.391.0)
Bing Maps 3D (Version: 4.0.903.16005)
Bonjour (Version: 3.0.0.10)
Browser Configuration Utility (Version: 1.0.10.0)
CameraHelperMsi (Version: 13.31.1038.0)
Canon Camera WIA Driver (Version: 5.6)
Canon EOS Kiss_N REBEL_XT 350D WIA Driver (Version: 5.6)
Catalyst Control Center Core Implementation (Version: 2010.0210.2206.39615)
Catalyst Control Center Graphics Full Existing (Version: 2010.0210.2206.39615)
Catalyst Control Center Graphics Full New (Version: 2010.0210.2206.39615)
Catalyst Control Center Graphics Light (Version: 2010.0210.2206.39615)
Catalyst Control Center Graphics Previews Common (Version: 2010.0210.2206.39615)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0210.2206.39615)
Catalyst Control Center InstallProxy (Version: 2010.0210.2206.39615)
Catalyst Control Center Localization All (Version: 2010.0210.2206.39615)
ccc-core-static (Version: 2010.0210.2206.39615)
ccc-utility64 (Version: 2010.0210.2206.39615)
CCC Help Chinese Standard (Version: 2010.0210.2205.39615)
CCC Help Chinese Traditional (Version: 2010.0210.2205.39615)
CCC Help Czech (Version: 2010.0210.2205.39615)
CCC Help Danish (Version: 2010.0210.2205.39615)
CCC Help Dutch (Version: 2010.0210.2205.39615)
CCC Help English (Version: 2010.0210.2205.39615)
CCC Help Finnish (Version: 2010.0210.2205.39615)
CCC Help French (Version: 2010.0210.2205.39615)
CCC Help German (Version: 2010.0210.2205.39615)
CCC Help Greek (Version: 2010.0210.2205.39615)
CCC Help Hungarian (Version: 2010.0210.2205.39615)
CCC Help Italian (Version: 2010.0210.2205.39615)
CCC Help Japanese (Version: 2010.0210.2205.39615)
CCC Help Korean (Version: 2010.0210.2205.39615)
CCC Help Norwegian (Version: 2010.0210.2205.39615)
CCC Help Polish (Version: 2010.0210.2205.39615)
CCC Help Portuguese (Version: 2010.0210.2205.39615)
CCC Help Russian (Version: 2010.0210.2205.39615)
CCC Help Spanish (Version: 2010.0210.2205.39615)
CCC Help Swedish (Version: 2010.0210.2205.39615)
CCC Help Thai (Version: 2010.0210.2205.39615)
CCC Help Turkish (Version: 2010.0210.2205.39615)
Core Temp 1.0 RC3 (Version: 1.0)
CWA Reminder by We-Care.com v4.1.18.3 (Version: 4.1.18.3)
D3DX10 (Version: 15.4.2368.0902)
DCE AutoEnhance 2.1
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DriverBoost (Version: 8.0.1)
Elements 9 Organizer (Version: 9.0)
Elements STI Installer (Version: 1.0)
EPU (Version: 1.02.20)
erLT (Version: 1.20.138.34)
ESET Online Scanner v3
Free PDF to Word Converter 5.1.0.383 (Version: 5.1.0.383)
Garmin Lifetime Updater (Version: 2.0.6)
Garmin Lifetime Updater (Version: 2.1.7)
Google Chrome (Version: 22.0.1229.94)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
GPU Boost Driver (Version: 1.01.15)
iCloud (Version: 1.1.0.40)
Internet TV for Windows Media Center (Version: 4.2.2.0)
iTunes (Version: 10.7.0.21)
JMicron JMB36X Driver (Version: 1.00.0000)
Junk Mail filter update (Version: 15.4.3502.0922)
LG Burning Tools (Version: 8.3.568)
LG CyberLink PowerBackup (Version: 2.5.4511)
LG CyberLink PowerDVD 7.0 (Version: 7.0.3409.a)
LG CyberLink PowerProducer (Version: 085312a(3.7)_Vista_LG)
LG CyberLink YouCam (Version: 1.0.2609)
LG ODD Auto Firmware Update (Version: 9.01.1124.01)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0)
Logitech Webcam Software (Version: 2.30)
LWS Facebook (Version: 13.31.1038.0)
LWS Gallery (Version: 13.31.1038.0)
LWS Help_main (Version: 13.31.1044.0)
LWS Launcher (Version: 13.31.1038.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.31.1038.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.31.1038.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
Macrium Reflect Standard Edition (Version: 5.0.5154)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31119)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31124)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mozilla Firefox 5.0 (x86 en-US) (Version: 5.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
neroxml (Version: 1.0.0)
Network Print Monitor for Windows 2000/XP
Punch! Home and Landscape Design Suite
QuickTime (Version: 7.72.80.56)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.21.531.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6037)
Remote Control USB Driver (Version: 2.3.2.317)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0)
Seagate Dashboard (Version: 1.1.0.1421)
SimCity 4
Smart Defrag 2 (Version: 2.0.1)
SmartSound Quicktracks for Premiere Elements 9.0 (Version: 3.12.3090)
SUPERAntiSpyware (Version: 5.6.1012)
Tabulating and Scoring for Windows
TeamViewer 7 (Version: 7.0.14484)
The Weather Channel App
ToneCheck for Outlook (Version: 1.0.1.0)
TurboV EVO (Version: 1.02.32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
US Tech Support Framework (Version: 2.1.0.4558)
VCRedistSetup (Version: 1.0.0)
VLC Media Player (Version: 1.0)
VLC media player 1.1.10 (Version: 1.1.10)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows XP Mode (Version: 1.3.7600.16423)
WinRAR archiver
WinZip 12.0 (Version: 12.0.8252)
XnView 1.98 (Version: 1.98)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 37%
Total physical RAM: 7934.18 MB
Available physical RAM: 4958.12 MB
Total Pagefile: 29932.37 MB
Available Pagefile: 26879.1 MB
Total Virtual: 4095.88 MB
Available Virtual: 3959.53 MB

========================= Partitions: =====================================

1 Drive c: (New Volume) (Fixed) (Total:931.51 GB) (Free:823.67 GB) NTFS
3 Drive e: (HP_PAVILION) (Fixed) (Total:271.45 GB) (Free:29.64 GB) NTFS
5 Drive g: (New Volume) (Fixed) (Total:27.95 GB) (Free:5.18 GB) NTFS

========================= Users: ========================================

User accounts for \\DENIS-HOME-PC

Administrator Denis1 DENIS-HOME
Guest Nely

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

29-10-2012 12:45:51 Restore 10-29-2012
29-10-2012 15:22:17 Windows Update
30-10-2012 13:49:33 PC Decrapifier Restore Point
31-10-2012 00:58:48 Windows Update

**** End of log ****







Farbar Service Scanner Version: 27-10-2012
Ran by DENIS-HOME (administrator) on 31-10-2012 at 14:03:32
Running from "C:\Users\DENIS-HOME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VOSK4QAF"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****







# AdwCleaner v2.006 - Logfile created 10/31/2012 at 14:04:10
# Updated 30/10/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : DENIS-HOME - DENIS-HOME-PC
# Boot Mode : Normal
# Running from : C:\Users\DENIS-HOME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OETAC3KI\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Browser Manager

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v5.0 (en-US)

Profile name : default
File : C:\Users\DENIS-HOME\AppData\Roaming\Mozilla\Firefox\Profiles\6vhh1imm.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\DENIS-HOME\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [9526 octets] - [29/10/2012 15:05:56]
AdwCleaner[R2].txt - [9518 octets] - [29/10/2012 15:07:59]
AdwCleaner[S2].txt - [9503 octets] - [29/10/2012 15:08:10]
AdwCleaner[S4].txt - [1867 octets] - [31/10/2012 14:04:10]

########## EOF - C:\AdwCleaner[S4].txt - [1927 octets] ##########





Junkware Removal Tool (JRT) by Thisisu
Version: 2.3.4 (10.31.2012)
OS: Windows 7 Professional x64
Ran by DENIS-HOME on Wed 10/31/2012 at 14:11:29.06
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



*** Files: 0 Detections



*** Folders: 0 Detections



*** FireFox detected and repaired



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Wed 10/31/2012 at 14:23:07.91
End of Report

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:15 PM

Posted 31 October 2012 - 10:27 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#7 dhc

dhc
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:15 PM

Posted 01 November 2012 - 09:03 AM

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/01/2012 07:29:14 AM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 11/01/2012 07:29:22 AM
Execution time: 0 hours(s), 0 minute(s), and 7 seconds(s)





"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AdobeAAMUpdater-1.0" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "BCU" "Browser Configuration Utility" "DeviceVM, Inc." "c:\program files (x86)\devicevm\browser configuration utility\bcu.exe"
+ "Garmin Lifetime Updater" "Garmin Lifetime Updater" "Garmin" "c:\program files (x86)\garmin\lifetime updater\garminlifetime.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "LanguageShortcut" "Language Application" "" "c:\program files (x86)\cyberlink\powerdvd\language\language.exe"
+ "LWS" "Logitech Webcam Software" "Logitech Inc." "c:\program files (x86)\logitech\lws\webcam software\lws.exe"
+ "NUSB3MON" "USB 3.0 Monitor" "Renesas Electronics Corporation" "c:\program files (x86)\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "RemoteControl" "PowerDVD RC Service" "Cyberlink Corp." "c:\program files (x86)\cyberlink\powerdvd\pdvdserv.exe"
+ "Six Engine" "" "
ASUSTeK Computer Inc." "c:\program files (x86)\asus\epu\epu.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "TurboV EVO" "TurboV EVO" "ASUSTeK Computer Inc." "c:\program files\asus\turbov evo\turbov_evo.exe"
+ "UCam_Menu" "MUI StartMenu Application" "CyberLink Corp." "c:\program files (x86)\cyberlink\youcam\muitransfer\muistartmenu.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "APC UPS Status.lnk" "Startup notification module" "American Power Conversion Corporation" "c:\program files (x86)\apc\apc powerchute personal edition\display.exe"
+ "WinZip Quick Pick.lnk" "WinZip Executable" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzqkpick.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Advanced SystemCare 4" "Advanced SystemCare 4 Tray" "IObit" "c:\program files (x86)\iobit\advanced systemcare 4\asctray.exe"
+ "Aim" "AOL Instant Messenger" "AOL Inc." "c:\program files (x86)\aim\aim.exe"
+ "CAHeadless" "ElementsAutoAnalyzer" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\elementsautoanalyzer.exe"
+ "DW7" "The Weather Channel App" "The Weather Channel" "c:\program files (x86)\the weather channel\the weather channel app\twcapp.exe"
+ "Garmin Lifetime Updater" "Garmin Lifetime Updater" "Garmin" "c:\program files (x86)\garmin\lifetime updater\garminlifetime.exe"
+ "MobileDocuments" "ubd.exe" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\ubd.exe"
+ "SmartRAM" "Monitors and Optimizes memory usage to increase available physical memory." "IObit" "c:\users\denis-home\downloads\iobit_toolbox\tools\suo10_smartram.exe"
+ "StartupCop Pro Startup Launcher" "Startup Cop Pro startup manager utility" "Ziff-Davis Media, Inc." "e:\program files\pc magazine utilities\startup cop pro\startupcoppro.exe"
+ "SUPERAntiSpyware" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.391.0\bingext.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Messenger Companion Helper" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files (x86)\windows live\companion\companioncore.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
+ "SearchHook Class" "Browser Configuration Utility Address Bar Search Hook Addin" "DeviceVM, Inc." "c:\program files (x86)\devicevm\browser configuration utility\addressbarsearch64.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.391.0\bingext.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Messenger Companion (Ctrl+Shift+C)" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files (x86)\windows live\companion\companioncore.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\AdobeAAMUpdater-1.0-DENIS-HOME-PC-DENIS-HOME" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "\ASUS\Gpu Boost Driver" "" "
ASUSTeK Computer Inc." "c:\program files\asus\gpu boost driver\gpuboostserver.exe"
+ "\ASUS\TurboVHelp" "TurboVHelp" "ASUSTeK Computer Inc." "c:\program files\asus\turbov evo\turbovhelp.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
X "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
X "\Scheduled Update for Ask Toolbar" "" "" "File not found: C:\Program Files (x86)\Ask.com\UpdateTask.exe"
+ "\SmartDefrag_Startup" "Smart Defrag v2" "IObit" "c:\program files (x86)\iobit\smart defrag 2\smartdefrag.exe"
+ "\SUPERAntiSpyware Scheduled Task 4f19a817-7676-4acf-a414-f8a716833efe" "SUPERAntiSpyware Task Dispatcher" "SUPERAdBlocker.com" "c:\program files\superantispyware\sastask.exe"
+ "\SUPERAntiSpyware Scheduled Task 6d7e23dd-294e-4709-bc6e-78b67ab5189b" "SUPERAntiSpyware Task Dispatcher" "SUPERAdBlocker.com" "c:\program files\superantispyware\sastask.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore64.exe"
+ "AdobeActiveFileMonitor9.0" "Tracks files that are managed by Elements Organizer" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements 9 organizer\photoshopelementsfileagent.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AdvancedSystemCareService" "Advanced SystemCare Service" "IObit" "c:\program files (x86)\iobit\advanced systemcare 4\ascservice.exe"
+ "AirPrint" "AirPrint For Windows" "Apple Inc." "c:\program files (x86)\airprint\airprint.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "APC UPS Service" "Battery backup management service" "American Power Conversion Corporation" "c:\program files (x86)\apc\apc powerchute personal edition\mainserv.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AsSysCtrlService" "" "" "c:\program files (x86)\asus\assysctrlservice\1.00.05\assysctrlservice.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.391.0\bbsvc.exe"
+ "BBUpdate" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.391.0\seaport.exe"
+ "BCUService" "This service performs auto-recovery for Browser Configuration Utility." "DeviceVM, Inc." "c:\program files (x86)\devicevm\browser configuration utility\bcuservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files (x86)\windows live\family safety\fsssvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "ReflectService.exe" "Reflect Service - Enables mounting of images" "" "c:\program files\macrium\reflect\reflectservice.exe"
+ "RichVideo" "RichVideo Module" "" "c:\program files (x86)\cyberlink\shared files\richvideo.exe"
+ "SeagateDashboardService" "Dashboard for Memeo applications" "Memeo" "c:\program files (x86)\seagate\seagate dashboard\seagatedashboardservice.exe"
+ "TeamViewer7" "TeamViewer Remote Software" "TeamViewer GmbH" "c:\program files (x86)\teamviewer\version7\teamviewer_service.exe"
+ "UMVPFSrv" "UMVPF is a user mode Logitech driver" "Logitech Inc." "c:\program files (x86)\common files\logishrd\lvmvfm\umvpfsrv.exe"
+ "USTSScheduler" "Required for US Tech Support products" "US Tech Support LLC" "c:\program files (x86)\ustechsupport\schedulerservice\schedulerservice.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "ALSysIO" "" "" "File not found: C:\Users\ADMINI~1\AppData\Local\Temp\ALSysIO64.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AODDriver" "AMD OverDrive Service Driver" "Advanced Micro Devices" "c:\program files\asus\gpu boost driver\amd64\aoddriver.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AsIO" "" "" "c:\windows\syswow64\drivers\asio.sys"
+ "AtiHdmiService" "ATI High Definition Audio Function Driver" "ATI Technologies, Inc." "c:\windows\system32\drivers\atihdmi.sys"
+ "AtiPcie" "AMD PCIE Filter Driver for ATI PCIE chipset" "Advanced Micro Devices Inc." "c:\windows\system32\drivers\atipcie.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
X "catchme" "" "" "File not found: C:\ComboFix\catchme.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
X "cpuz134" "" "" "File not found: C:\Users\DENIS-~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "grmnusb" "grmnusb.sys" "GARMIN Corp." "c:\windows\system32\drivers\grmnusb.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "JRAID" "JMicron JMB36X RAID Driver" "JMicron Technology Corp." "c:\windows\system32\drivers\jraid.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "LVRS64" "Logitech Kernel Audio Improvement Filter Driver" "Logitech Inc." "c:\windows\system32\drivers\lvrs64.sys"
+ "LVUVC64" "Logitech USB Video Class Driver" "Logitech Inc." "c:\windows\system32\drivers\lvuvc64.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MTsensor" "ATK0110 ACPI Utility" "" "c:\windows\system32\drivers\asacpi.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nusb3hub" "USB 3.0 Hub Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3hub.sys"
+ "nusb3xhc" "USB 3.0 Host Controller Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3xhc.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
X "Partizan" "" "" "File not found: system32\drivers\Partizan.sys"
+ "PSMounterEx" "Macrium Reflect Image Explorer Driver. Allows images and backups to be accessed by Windows Explorer" "" "c:\windows\system32\drivers\psmounterex.sys"
+ "PSVolAcc" "PSVolAcc mini-filter driver" "Paramount Software UK Ltd" "c:\windows\system32\drivers\psvolacc.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "SASDIFSV" "SASDIFSV64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv64.sys"
+ "SASKUTIL" "SASKUTIL64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Si3132r5" "SATA SoftRAID 5 miniport driver" "Silicon Image, Inc" "c:\windows\system32\drivers\si3132r5.sys"
+ "SiFilter" "Windows Accelerator Driver" "Silicon Image, Inc." "c:\windows\system32\drivers\siwinacc.sys"
+ "SiRemFil" "Filter driver for Silicon Image SATALink controllers." "Silicon Image, Inc." "c:\windows\system32\drivers\siremfil.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SmartDefragDriver" "File driver of SmartDefrag" "" "c:\windows\system32\drivers\smartdefragdriver.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "usbfilter" "AMD USB Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\usbfilter.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\system32\lvcod64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\syswow64\lvcodec2.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "MainConcept MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demuxpush_mp2_ds.ax"
+ "MainConcept VC-1 Decoder" "VC-1 Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_vc1_ds.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Commercial Cut Analyzer" "CLAudCM" "Cyberlink Corp." "c:\program files (x86)\cyberlink\powerproducer\claudcm.ax"
+ "CyberLink Audio Decoder (PDVD7 UPnP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd\upnp\claud.ax"
+ "CyberLink Audio Decoder (PDVD7)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd\audiofilter\claud.ax"
+ "CyberLink Audio Effect (PDVD7)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerdvd\audiofilter\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer (PDVD7)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd\audiofilter\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd\audiofilter\claudwizard.ax"
+ "CyberLink AudioCD Filter (PDVD7)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd\audiofilter\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\ppdemuxer.ax"
+ "CyberLink Demux (PDVD7 UPnP)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd\upnp\cldemuxer.ax"
+ "CyberLink Demux (PDVD7)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd\navfilter\cldemuxer.ax"
+ "CyberLink DV Buffer" "DV dump Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerproducer\ppdvdump.ax"
+ "CyberLink DVD Navigator (PDVD7)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd\navfilter\clnavx.ax"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\cledtkrn.dll"
+ "CyberLink Effect Decorator (YouCam)" "CyberLink Effect Decorator (Generic)" "CyberLink Corporation" "c:\program files (x86)\cyberlink\youcam\ycfxdec.ax"
+ "CyberLink Frame Parser" "CLFParser" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clfparser.ax"
+ "CyberLink Line21 Decoder (PDVD7)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd\videofilter\clline21.ax"
+ "CyberLink Load Image Filter" "CLImage" "CyberLink" "c:\program files (x86)\cyberlink\shared files\climage.ax"
+ "CyberLink MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd\upnp\clsplter.ax"
+ "CyberLink MPEG-4 Splitter (PDVD7)" "CyberLink MPEG-4 Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd\navfilter\clm4splt.ax"
+ "CyberLink Push-Mode CLStream (PDVD7)" "CLStream" "CyberLink" "c:\program files (x86)\cyberlink\powerdvd\upnp\clstream(pushmode).ax"
+ "Cyberlink Scene Detect Filter" "CLScnDt" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppscndt.ax"
+ "CyberLink Streamming Filter (PDVD7)" "Cyberlink Streaming Source Filter(Scramble)" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd\upnp\clstream.ax"
+ "Cyberlink Sub-Picture Filter" "Cyberlink Sub-Picture Filter" "Cyberlink" "c:\program files (x86)\cyberlink\powerproducer\clsubpic.ax"
+ "Cyberlink SubTitle Importor (PDVD7)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (PDVD7)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd\audiofilter\clauts.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\youcam\yctlmsplter.ax"
+ "Cyberlink TS Information" "CLTSInfo" "Cyberlink" "c:\program files (x86)\cyberlink\powerproducer\pptsinfo.ax"
+ "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files (x86)\cyberlink\youcam\ycrgl.ax"
+ "CyberLink Video/SP Decoder (PDVD7)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd\videofilter\clvsd.ax"
+ "CyberLink Video/SP Decoder(PDVD7 HomeNetwork)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd\upnp\clvsd.ax"
+ "CyberLink WebCamera NULL Render" "CLWEBCAMERARENDER" "CyberLink" "c:\program files (x86)\cyberlink\youcam\ycwebcamerarender.ax"
+ "DV Scenes" "DV-Timecode based Scenechange Detection" "Nero AG" "c:\program files (x86)\nero\nero8\nero vision\nvdv.dll"
+ "DV Source Filter" "DV-Timecode based Scenechange Detection" "Nero AG" "c:\program files (x86)\nero\nero8\nero vision\nvdv.dll"
+ "MainConcept (Broadcast) AVC/H.264 Video Decoder" "AVC/H.264 Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_bc_dec_avc_ds.ax"
+ "MainConcept AAC Decoder" "AAC audio decoder filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_aac_ds.ax"
+ "MainConcept AVC/H.264 Video Decoder" "AVC/H.264 Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_avc_ds.ax"
+ "MainConcept Dolby Digital Audio Decoder" "Dolby Digital Audio Decoder" "MainConcept GmbH" "c:\program files (x86)\adobe\adobe premiere elements 9\mc_dec_dd_ds.ax"
+ "MainConcept DV Dif Parser" "DV Dif Parser DS Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_parser_dv_ds.ax"
+ "MainConcept DV Video Decoder" "DirectShow DVCPro Video Decoder" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_dv_ds.ax"
+ "MainConcept DV-Demultiplexer" "DV-Splitter DS Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_dv_ds.ax"
+ "MainConcept DVCPro 50 Video Decoder" "DirectShow DVCPro50 Video Decoder" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_dv50_ds.ax"
+ "MainConcept DVCPro HD Video Decoder" "DirectShow DVCProHD Video Decoder" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_dv100_ds.ax"
+ "MainConcept MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demuxpush_mp2_ds.ax"
+ "MainConcept Stream Parser" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_mp2_ds.ax"
+ "MainConcept VC-1 Decoder" "VC-1 Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_vc1_ds.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "NeAudio2" "Nero Audio Decoder 2" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\neaudio2.ax"
+ "NeAudioRender" "Nero Audio Renderer" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\neaudiorender.ax"
+ "Nero Audible Decoder" "Nero Audible Decoder" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\neaudible.ax"
+ "Nero Audio CD Filter" "Nero Audio CD Source Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\neaudcd.ax"
+ "Nero Audio CD Navigator" "Nero Audio CD Source Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\neaudcd.ax"
+ "Nero Audio Transcoder" "Audio Transcoding Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\netranscoder.ax"
+ "Nero AV Synchronizer" "Audio/Video Synchronizer" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\neavsync.ax"
+ "Nero Colorspace Converter" "Colorspace Converter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\necolorspace.ax"
+ "Nero Deinterlace" "Deinterlacing Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nedeinterlace.ax"
+ "Nero Digital Audio Encoder 8" "AAC LC/HE Audio Encoder" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nendaud.ax"
+ "Nero Digital File Writer 8" "NeroDigital File Format Muxer" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nendmux.ax"
+ "Nero Digital Muxer 8" "NeroDigital File Format Muxer" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nendmux.ax"
+ "Nero Digital Null Renderer 8" "NeroDigital File Format Muxer" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nendmux.ax"
+ "Nero Digital Subpicture Enc 8" "NeroDigital File Format Muxer" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nendmux.ax"
+ "Nero Digital Video Enc 8" "MPEG4 and H.264 (AVC) Video Encoder" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nendvid.ax"
+ "Nero DV Splitter" "DV Splitter Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nedvsplitter.ax"
+ "Nero DVD Decoder" "MPEG-1/2/4 & AVC video decoder w/ DxVA" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nevideo.ax"
+ "Nero DVD Navigator" "DVD Navigator Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nedvd.ax"
+ "Nero Elementary Stream Parser" "Nero Elementary Stream Parser" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\neesparser.ax"
+ "Nero File Source (Async.)" "Nero Home" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nefilesourceasync.ax"
+ "Nero FLV Splitter" "Nero FLV Splitter Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\neflvsplitter.ax"
+ "Nero Frame Capture" "Direct Show frame grabber filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\necapture.ax"
+ "Nero Framerate Converter" "Framerate Conversion DirectShow Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\neframerate.ax"
+ "Nero HD Audio Mixer" "Nero Audio Mixer" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nehdaudiomixer.ax"
+ "Nero InteractiveGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nebdgraphic.ax"
+ "Nero MP2 Audio Encoder" "MP2 Audio Encoding Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nemp2audioenc.ax"
+ "Nero MP3 Encoder" "MP3 Encoding Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nemp3encoder.ax"
+ "Nero MP4 Splitter" "MP4 Splitter Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nemp4splitter.ax"
+ "Nero Mpeg Video Encoder" "NeroMpeg Dynamic Link Library" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nempegvideoenc.ax"
+ "Nero Mpeg2 Encoder" "MPEG 1/2 encoder filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nevcr.ax"
+ "Nero Ogg Splitter" "Ogg Splitter Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\neoggsplitter.ax"
+ "Nero Photo Source" "Nero Home" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nephotosource.ax"
+ "Nero PresentationGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nebdgraphic.ax"
+ "Nero PS Muxer" "PS Muxer Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nepsmuxer.ax"
+ "Nero QuickTime™ Audio Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\neqtdec.ax"
+ "Nero QuickTime™ Video Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\neqtdec.ax"
+ "Nero Resize" "Resizing Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\neresize.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nescenedetector.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nescenedetector.ax"
+ "Nero Sound Processor" "Nero Sound Processor" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nesoundproc.ax"
+ "Nero Splitter" "Splitter Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nesplitter.ax"
+ "Nero Stream Buffer Sink" "Nero Stream Buffer Engine" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nesbe.ax"
+ "Nero Stream Buffer Source" "Nero Stream Buffer Engine" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nesbe.ax"
+ "Nero Subpicture Decoder" "Nero Subpicture Decoder" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nesubpicture.ax"
+ "Nero Subtitle" "Subtitle Renderer & Mixer" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nesubtitle.ax"
+ "Nero Teletext Decoder" "Teletext Decoder Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\neteletext.ax"
+ "Nero Thumbnail Decoder" "Thumbnail Decoder Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nebdthumbnail.ax"
+ "Nero TS Muxer" "Nero Transport Stream Muxltiplexer" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\netsmuxer.ax"
+ "Nero Vcd Navigator" "Nero Vcd Navigator Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nevcd.ax"
+ "Nero Video Analyzer" "Nero Video Analyzer" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nevideoanalyzer.ax"
+ "Nero Video Decoder" "MPEG-1/2/4 & AVC video decoder w/ DxVA" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nevideo.ax"
+ "Nero Video Decoder HD" "Nero HD Video Decoder" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nevideohd.ax"
+ "Nero Video Processor" "Resize / Deinterlace / Color Correction / Film Effect / Frame Capture Filter" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nerovideoproc.ax"
+ "Nero Video Renderer" "Nero Video Renderer" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nevideorenderer.ax"
+ "Nero VMR Modules Filter" "Nero VMR Modules" "Nero AG" "c:\program files (x86)\common files\nero\lib\nerovmrmodules.dll"
+ "NeroVobuGenerator" "Nero Vobu Generator" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nerovobugenerator.ax"
+ "NeSoundSwitch" "Nero Sound Switcher" "Nero AG" "c:\program files (x86)\common files\nero\dsfilter\nesoundswitch.ax"
+ "PowerProducer Double Tee" "Cyberlink Double Tee Filter" "CtberLink Corporation" "c:\program files (x86)\cyberlink\powerproducer\ppdoubletee.ax"
+ "PP Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\claud.ax"
+ "PP Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerproducer\claudfx.ax"
+ "PP Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\cyberlink\powerproducer\ppaudenc.ax"
+ "PP Audio Noise Reduction (CES)" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\claunrwrapper.ax"
+ "PP Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\ppaursmpl.ax"
+ "PP Byte Counter" "PP Byte Counter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerproducer\ppbytecounter.ax"
+ "PP DDR" "PP DDR" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\pprender.ax"
+ "PP Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\ppdumpdispatch.ax"
+ "PP Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\ppdump.ax"
+ "PP DV Buffer" "CLDVBuffer Filter" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppdvbuffer.ax"
+ "PP DV Dump Filter" "DV dump Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerproducer\ppdvdump.ax"
+ "PP DV Reader Filter" "DVMultReader Filter" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppdvmrd.ax"
+ "PP DV TCR" "DVTCR" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppdvtcr.ax"
+ "PP File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\ppreader.ax"
+ "PP Gate Filter" "CLGate" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppgate.ax"
+ "PP IDM" "idmf" "Cyberlink" "c:\program files (x86)\cyberlink\powerproducer\ppidmf.ax"
+ "PP M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppm2vwriter.ax"
+ "PP MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppmpgmux.ax"
+ "PP MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\cyberlink\powerproducer\ppvidenc.ax"
+ "PP MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\ppm1splter.ax"
+ "PP MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\ppm2splter.ax"
+ "PP PCM Wrapper" "PP PCM Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\pppcmenc.ax"
+ "PP Snapshot Filter" "CLSnapShot Filter" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppsnapshot.ax"
+ "PP SnapShotTIP Filter" "CLSShot" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppsshot.ax"
+ "PP TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\clauts.ax"
+ "PP TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\pptlmsplter.ax"
+ "PP Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\ppgenericvsd.ax"
+ "PP Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppvidfx.ax"
+ "PP Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppresample.ax"
+ "PP Video Regulator" "CLRGL" "Cyberlink" "c:\program files (x86)\cyberlink\powerproducer\clrgl.ax"
+ "PP Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\clvideostabilizer.ax"
+ "PP WAV Dest" "CLWavDest" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppwavdest.ax"
+ "PP YUY2 Deinterlace" "DitlYuY2" "CyberLink" "c:\program files (x86)\cyberlink\powerproducer\ppditlyuy2.ax"
+ "PP YUY2 Sub-Sampling" "SubYUY2 Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerproducer\ppsubyuy2.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "SmartSound SDS Reader" "SDS Media File Reader Filter" "SmartSound Software Inc." "c:\program files (x86)\smartsound software\quicktracks\sdsreader.dll"
+ "SmartSound Soundtrack" "Quicktracks Soundtrack source filter" "SmartSound Software Inc." "c:\program files (x86)\smartsound software\quicktracks\directqx.dll"
+ "Time Regulator" "TimeRegulator" "cyberlink" "c:\program files (x86)\cyberlink\powerproducer\avi_audtr.ax"
+ "Track1Filter" "Adobe Photoshop Elements 9.0 (component)" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements 9 organizer\track1filter.dll"
+ "Track2Filter" "Adobe Photoshop Elements 9.0 (component)" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements 9 organizer\track2filter.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
X "{D517CC93-7066-4D06-A2AF-2F4298738C2A}" "" "" "File not found: C:\Program Files (x86)\Adobe\Adobe Premiere Elements 9\plug-ins\en_US\DvFileWriter.prm"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "PCL hpz3llhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpz3llhn.dll"
+ "PCL hpz3lw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpz3lw71.dll"

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:15 PM

Posted 01 November 2012 - 09:04 AM

Are you still receiving the pop ups?

what is exact path location?

#9 dhc

dhc
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:15 PM

Posted 01 November 2012 - 10:51 AM

Looks like it is finally gone

I removed these directories and they have not come back

it emanates from two difernt directories in the USers AppData\local\tmp directory

They are rpcm and cgm

When it on the box these directories always come back within a few minutes


they dont seem to be comming bakc

thanks

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:15 PM

Posted 01 November 2012 - 02:20 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users