Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Msctf.dll is not a valid windows image


  • Please log in to reply
16 replies to this topic

#1 Riverwnn

Riverwnn

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 07 November 2012 - 06:35 PM

I stupidly clicked on something from a friend who's facebook had been hacked and I didn't realize it. I had a bad feeling about and so decided to run a virus scan. As I was scanning, a warning from Avira came up telling me that Msctf.dll is not a valid windows image. Please check it against your diskettes.

A quick scan from MBAM came back clean. Avira came back with 90 warnings, that is something new. No viruses or hidden objects had been detected.

I am running Windows XP Professional. This laptop is six years old and it could be a hardware issue. My mum's computer currently has a full-blown bad infection so I am paranoid.

Thanks.

Edited by Riverwnn, 07 November 2012 - 06:35 PM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:41 PM

Posted 07 November 2012 - 09:26 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Riverwnn

Riverwnn
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 07 November 2012 - 10:05 PM

TDSSKiller results

22:00:47.0125 3172 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:00:47.0609 3172 ============================================================
22:00:47.0609 3172 Current date / time: 2012/11/07 22:00:47.0609
22:00:47.0609 3172 SystemInfo:
22:00:47.0609 3172
22:00:47.0609 3172 OS Version: 5.1.2600 ServicePack: 3.0
22:00:47.0609 3172 Product type: Workstation
22:00:47.0609 3172 ComputerName: MING
22:00:47.0609 3172 UserName: TT
22:00:47.0609 3172 Windows directory: C:\WINDOWS
22:00:47.0609 3172 System windows directory: C:\WINDOWS
22:00:47.0609 3172 Processor architecture: Intel x86
22:00:47.0609 3172 Number of processors: 2
22:00:47.0609 3172 Page size: 0x1000
22:00:47.0609 3172 Boot type: Normal boot
22:00:47.0609 3172 ============================================================
22:00:48.0406 3172 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2861, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
22:00:48.0406 3172 ============================================================
22:00:48.0406 3172 \Device\Harddisk0\DR0:
22:00:48.0406 3172 MBR partitions:
22:00:48.0406 3172 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x8B47471
22:00:48.0406 3172 ============================================================
22:00:48.0453 3172 C: <-> \Device\Harddisk0\DR0\Partition1
22:00:48.0453 3172 ============================================================
22:00:48.0453 3172 Initialize success
22:00:48.0453 3172 ============================================================
22:00:59.0671 3788 ============================================================
22:00:59.0671 3788 Scan started
22:00:59.0671 3788 Mode: Manual;
22:00:59.0671 3788 ============================================================
22:01:00.0218 3788 ================ Scan system memory ========================
22:01:00.0218 3788 System memory - ok
22:01:00.0218 3788 ================ Scan services =============================
22:01:00.0421 3788 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
22:01:00.0421 3788 !SASCORE - ok
22:01:00.0671 3788 Abiosdsk - ok
22:01:00.0718 3788 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
22:01:00.0718 3788 abp480n5 - ok
22:01:00.0750 3788 [ 0F2D66D5F08EBE2F77BB904288DCF6F0 ] ac97intc C:\WINDOWS\system32\drivers\ac97intc.sys
22:01:00.0750 3788 ac97intc - ok
22:01:00.0812 3788 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:01:00.0812 3788 ACPI - ok
22:01:00.0828 3788 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
22:01:00.0828 3788 ACPIEC - ok
22:01:00.0890 3788 [ C146F28401B7139369CD33F2CDD6E552 ] AcPrfMgrSvc C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
22:01:00.0890 3788 AcPrfMgrSvc - ok
22:01:00.0921 3788 [ D04906894E446415FB96516FEA348A27 ] AcSvc C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
22:01:00.0921 3788 AcSvc - ok
22:01:00.0984 3788 [ B7C4F2A40B7D2289EB944FFF30F385FF ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
22:01:00.0984 3788 ADIHdAudAddService - ok
22:01:01.0000 3788 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
22:01:01.0015 3788 adpu160m - ok
22:01:01.0031 3788 [ C984DE22ED71414ABC42C1E03D412E33 ] AEAudioService C:\WINDOWS\system32\drivers\AEAudio.sys
22:01:01.0046 3788 AEAudioService - ok
22:01:01.0062 3788 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
22:01:01.0078 3788 aec - ok
22:01:01.0093 3788 [ 12DAFD934641DCF61E446313BC261EC2 ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
22:01:01.0093 3788 AegisP - ok
22:01:01.0156 3788 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
22:01:01.0156 3788 AFD - ok
22:01:01.0203 3788 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
22:01:01.0203 3788 agp440 - ok
22:01:01.0234 3788 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
22:01:01.0234 3788 agpCPQ - ok
22:01:01.0265 3788 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
22:01:01.0265 3788 Aha154x - ok
22:01:01.0296 3788 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
22:01:01.0296 3788 aic78u2 - ok
22:01:01.0343 3788 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
22:01:01.0343 3788 aic78xx - ok
22:01:01.0421 3788 [ 3F9F42085AB5B6A55498A539C54575AB ] akshasp C:\WINDOWS\system32\DRIVERS\akshasp.sys
22:01:01.0437 3788 akshasp - ok
22:01:01.0515 3788 [ D2B95315CC47F9230006FDBCBA394D8D ] aksusb C:\WINDOWS\system32\DRIVERS\aksusb.sys
22:01:01.0515 3788 aksusb - ok
22:01:01.0578 3788 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
22:01:01.0578 3788 Alerter - ok
22:01:01.0625 3788 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
22:01:01.0625 3788 ALG - ok
22:01:01.0656 3788 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
22:01:01.0656 3788 AliIde - ok
22:01:01.0671 3788 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
22:01:01.0671 3788 alim1541 - ok
22:01:01.0687 3788 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
22:01:01.0687 3788 amdagp - ok
22:01:01.0734 3788 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
22:01:01.0734 3788 amsint - ok
22:01:01.0750 3788 [ 11AB185A7AF224800BBFB5B836974A17 ] ANC C:\WINDOWS\system32\drivers\ANC.SYS
22:01:01.0750 3788 ANC - ok
22:01:01.0828 3788 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
22:01:01.0828 3788 AntiVirSchedulerService - ok
22:01:01.0875 3788 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
22:01:01.0875 3788 AntiVirService - ok
22:01:02.0000 3788 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:01:02.0000 3788 Apple Mobile Device - ok
22:01:02.0046 3788 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
22:01:02.0046 3788 AppMgmt - ok
22:01:02.0093 3788 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
22:01:02.0093 3788 asc - ok
22:01:02.0109 3788 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
22:01:02.0109 3788 asc3350p - ok
22:01:02.0125 3788 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
22:01:02.0125 3788 asc3550 - ok
22:01:02.0265 3788 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:01:02.0265 3788 aspnet_state - ok
22:01:02.0296 3788 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:01:02.0312 3788 AsyncMac - ok
22:01:02.0328 3788 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
22:01:02.0328 3788 atapi - ok
22:01:02.0343 3788 Atdisk - ok
22:01:02.0359 3788 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:01:02.0359 3788 Atmarpc - ok
22:01:02.0406 3788 [ DBF0D7E2DF33B469EB55406FEA759350 ] atmeltpm C:\WINDOWS\system32\DRIVERS\atmeltpm.sys
22:01:02.0406 3788 atmeltpm - ok
22:01:02.0468 3788 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
22:01:02.0468 3788 AudioSrv - ok
22:01:02.0484 3788 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
22:01:02.0484 3788 audstub - ok
22:01:02.0515 3788 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
22:01:02.0515 3788 avgntflt - ok
22:01:02.0562 3788 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
22:01:02.0562 3788 avipbb - ok
22:01:02.0609 3788 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
22:01:02.0609 3788 avkmgr - ok
22:01:02.0625 3788 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
22:01:02.0625 3788 Beep - ok
22:01:02.0671 3788 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
22:01:02.0671 3788 BITS - ok
22:01:02.0765 3788 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:01:02.0765 3788 Bonjour Service - ok
22:01:02.0812 3788 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
22:01:02.0812 3788 Browser - ok
22:01:02.0875 3788 [ F5AD2F8F69445FDF21F0F6AE4DA098AA ] btaudio C:\WINDOWS\system32\drivers\btaudio.sys
22:01:02.0890 3788 btaudio - ok
22:01:02.0906 3788 [ AE2AE6A32B9450BCA89FF71DD148FAA5 ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys
22:01:02.0906 3788 BTDriver - ok
22:01:03.0031 3788 [ 7512C4F3F408DD9804500E275517A758 ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys
22:01:03.0046 3788 BTKRNL - ok
22:01:03.0140 3788 [ 0AB7A2E4EC1A207F1CAA1507552AED9B ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
22:01:03.0140 3788 btwdins - ok
22:01:03.0156 3788 [ E83259C865AB76C166759951A56E39C8 ] BTWDNDIS C:\WINDOWS\system32\DRIVERS\btwdndis.sys
22:01:03.0156 3788 BTWDNDIS - ok
22:01:03.0171 3788 [ EB68B380DA558BA4F5D54519EC734DC9 ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys
22:01:03.0171 3788 BTWUSB - ok
22:01:03.0312 3788 [ 2056F368D454BA970DDB755A3C59113B ] Cadence License Manager C:\OrCAD\license_manager\lmgrd.exe
22:01:03.0328 3788 Cadence License Manager - ok
22:01:03.0375 3788 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
22:01:03.0375 3788 cbidf - ok
22:01:03.0390 3788 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
22:01:03.0390 3788 cbidf2k - ok
22:01:03.0406 3788 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
22:01:03.0406 3788 cd20xrnt - ok
22:01:03.0453 3788 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
22:01:03.0468 3788 Cdaudio - ok
22:01:03.0515 3788 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
22:01:03.0515 3788 Cdfs - ok
22:01:03.0562 3788 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:01:03.0562 3788 Cdrom - ok
22:01:03.0578 3788 Changer - ok
22:01:03.0625 3788 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
22:01:03.0625 3788 CiSvc - ok
22:01:03.0656 3788 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
22:01:03.0656 3788 ClipSrv - ok
22:01:03.0718 3788 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:01:03.0718 3788 clr_optimization_v2.0.50727_32 - ok
22:01:03.0718 3788 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
22:01:03.0718 3788 CmBatt - ok
22:01:03.0750 3788 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
22:01:03.0750 3788 CmdIde - ok
22:01:03.0750 3788 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
22:01:03.0765 3788 Compbatt - ok
22:01:03.0765 3788 COMSysApp - ok
22:01:03.0812 3788 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
22:01:03.0812 3788 Cpqarray - ok
22:01:03.0843 3788 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
22:01:03.0843 3788 CryptSvc - ok
22:01:03.0875 3788 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
22:01:03.0875 3788 dac2w2k - ok
22:01:03.0906 3788 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
22:01:03.0906 3788 dac960nt - ok
22:01:03.0968 3788 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
22:01:03.0984 3788 DcomLaunch - ok
22:01:04.0000 3788 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
22:01:04.0015 3788 Dhcp - ok
22:01:04.0015 3788 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
22:01:04.0015 3788 Disk - ok
22:01:04.0125 3788 [ 57C54E1AD602F3206A8E2498E776C22D ] Diskeeper C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
22:01:04.0125 3788 Diskeeper - ok
22:01:04.0187 3788 [ EFAE981C8BA3DAD4103A76BCB5955B07 ] DLABOIOM C:\WINDOWS\system32\DLA\DLABOIOM.SYS
22:01:04.0187 3788 DLABOIOM - ok
22:01:04.0234 3788 [ 8D45AC148FD8C1A25204AECA1397FA7E ] DLACDBHM C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
22:01:04.0234 3788 DLACDBHM - ok
22:01:04.0250 3788 [ 3E34A0991EFDAF8CFA97441C3A51FC81 ] DLADResN C:\WINDOWS\system32\DLA\DLADResN.SYS
22:01:04.0265 3788 DLADResN - ok
22:01:04.0296 3788 [ 2AEF49904BDE7398D0F09B6A603738EF ] DLAIFS_M C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
22:01:04.0296 3788 DLAIFS_M - ok
22:01:04.0312 3788 [ 46FA268A829384256179F4CCB6EB308F ] DLAOPIOM C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
22:01:04.0312 3788 DLAOPIOM - ok
22:01:04.0343 3788 [ 26E89839AF248625A4E7C4CF5873375D ] DLAPoolM C:\WINDOWS\system32\DLA\DLAPoolM.SYS
22:01:04.0343 3788 DLAPoolM - ok
22:01:04.0343 3788 [ 94ACCF8F7B87FBEAA27266927319E6BA ] DLARTL_N C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
22:01:04.0359 3788 DLARTL_N - ok
22:01:04.0390 3788 [ 5E914BD7F68DDE3FB4BFFE005162C1E6 ] DLAUDFAM C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
22:01:04.0390 3788 DLAUDFAM - ok
22:01:04.0406 3788 [ 8C3CFB22A7FB3BE67E0C321FA10B8B50 ] DLAUDF_M C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
22:01:04.0406 3788 DLAUDF_M - ok
22:01:04.0437 3788 dmadmin - ok
22:01:04.0515 3788 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
22:01:04.0531 3788 dmboot - ok
22:01:04.0546 3788 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
22:01:04.0562 3788 dmio - ok
22:01:04.0625 3788 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
22:01:04.0640 3788 dmload - ok
22:01:04.0703 3788 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
22:01:04.0718 3788 dmserver - ok
22:01:04.0765 3788 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
22:01:04.0765 3788 DMusic - ok
22:01:04.0859 3788 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
22:01:04.0859 3788 Dnscache - ok
22:01:04.0953 3788 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
22:01:04.0953 3788 Dot3svc - ok
22:01:05.0000 3788 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
22:01:05.0000 3788 dpti2o - ok
22:01:05.0046 3788 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
22:01:05.0046 3788 drmkaud - ok
22:01:05.0125 3788 [ AB6C5C26FFF9B3C456AEAF7E0093C2FE ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
22:01:05.0125 3788 DRVMCDB - ok
22:01:05.0140 3788 [ 4A307ADE1638D9358B6EB90076481CC6 ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
22:01:05.0140 3788 DRVNDDM - ok
22:01:05.0156 3788 [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
22:01:05.0156 3788 E100B - ok
22:01:05.0171 3788 [ 00560C3FEDF8958FCDC7C68B7906F66F ] e1express C:\WINDOWS\system32\DRIVERS\e1e5132.sys
22:01:05.0171 3788 e1express - ok
22:01:05.0218 3788 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
22:01:05.0218 3788 EapHost - ok
22:01:05.0234 3788 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
22:01:05.0234 3788 ERSvc - ok
22:01:05.0281 3788 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
22:01:05.0281 3788 Eventlog - ok
22:01:05.0343 3788 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
22:01:05.0343 3788 EventSystem - ok
22:01:05.0406 3788 [ 44A95584057C2CFDA9DFF328232E1238 ] EvtEng C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
22:01:05.0406 3788 EvtEng - ok
22:01:05.0421 3788 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
22:01:05.0421 3788 Fastfat - ok
22:01:05.0468 3788 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
22:01:05.0484 3788 FastUserSwitchingCompatibility - ok
22:01:05.0500 3788 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
22:01:05.0500 3788 Fdc - ok
22:01:05.0546 3788 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
22:01:05.0546 3788 Fips - ok
22:01:05.0562 3788 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:01:05.0562 3788 Flpydisk - ok
22:01:05.0609 3788 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
22:01:05.0609 3788 FltMgr - ok
22:01:05.0703 3788 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
22:01:05.0703 3788 FontCache3.0.0.0 - ok
22:01:05.0734 3788 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:01:05.0734 3788 Fs_Rec - ok
22:01:05.0750 3788 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:01:05.0750 3788 Ftdisk - ok
22:01:05.0796 3788 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
22:01:05.0796 3788 GEARAspiWDM - ok
22:01:05.0812 3788 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:01:05.0812 3788 Gpc - ok
22:01:05.0953 3788 [ 751C1D2CA2ABF4A9F5A6B8D7D45B907C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
22:01:05.0953 3788 gusvc - ok
22:01:06.0015 3788 [ D95554949082FD29A04D351B58396718 ] hardlock C:\WINDOWS\system32\drivers\hardlock.sys
22:01:06.0031 3788 hardlock - ok
22:01:06.0046 3788 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:01:06.0062 3788 HDAudBus - ok
22:01:06.0125 3788 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:01:06.0125 3788 helpsvc - ok
22:01:06.0125 3788 HidServ - ok
22:01:06.0171 3788 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:01:06.0171 3788 HidUsb - ok
22:01:06.0203 3788 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
22:01:06.0218 3788 hkmsvc - ok
22:01:06.0250 3788 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
22:01:06.0250 3788 hpn - ok
22:01:06.0390 3788 [ B1FC0B027DF4374F9E5B796CFDF797B3 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\hsx_dpv.sys
22:01:06.0390 3788 HSF_DPV - ok
22:01:06.0406 3788 [ 3AF45F5B4157C88FFAE24D89BA408302 ] HSXHWAZL C:\WINDOWS\system32\DRIVERS\hsxhwazl.sys
22:01:06.0406 3788 HSXHWAZL - ok
22:01:06.0468 3788 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
22:01:06.0484 3788 HTTP - ok
22:01:06.0500 3788 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
22:01:06.0500 3788 HTTPFilter - ok
22:01:06.0515 3788 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
22:01:06.0515 3788 i2omgmt - ok
22:01:06.0531 3788 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
22:01:06.0531 3788 i2omp - ok
22:01:06.0562 3788 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:01:06.0562 3788 i8042prt - ok
22:01:06.0875 3788 [ 06B71441957B48A4866DE2FE27CB79C8 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
22:01:06.0953 3788 ialm - ok
22:01:07.0015 3788 [ 309C4D86D989FB1FCF64BD30DC81C51B ] iaStor C:\WINDOWS\system32\DRIVERS\iaStor.sys
22:01:07.0031 3788 iaStor - ok
22:01:07.0046 3788 [ BD1DDF774E7FD633D701B1FB69B9F081 ] ibmfilter C:\WINDOWS\system32\drivers\ibmfilter.sys
22:01:07.0046 3788 ibmfilter - ok
22:01:07.0093 3788 [ 067A88764593B1F46A6CFB00C69C11EB ] IBMPMDRV C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys
22:01:07.0093 3788 IBMPMDRV - ok
22:01:07.0156 3788 [ 21ABD7E16659602723F984F512C65E02 ] IBMPMSVC C:\WINDOWS\system32\ibmpmsvc.exe
22:01:07.0156 3788 IBMPMSVC - ok
22:01:07.0171 3788 [ BFC9F3ADAAD74E13F9CE16C8BD336F95 ] IBMTPCHK C:\WINDOWS\system32\Drivers\IBMBLDID.sys
22:01:07.0171 3788 IBMTPCHK - ok
22:01:07.0234 3788 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
22:01:07.0234 3788 IDriverT - ok
22:01:07.0328 3788 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:01:07.0343 3788 idsvc - ok
22:01:07.0343 3788 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
22:01:07.0343 3788 Imapi - ok
22:01:07.0406 3788 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
22:01:07.0406 3788 ImapiService - ok
22:01:07.0421 3788 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
22:01:07.0421 3788 ini910u - ok
22:01:07.0453 3788 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
22:01:07.0453 3788 IntelIde - ok
22:01:07.0500 3788 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:01:07.0500 3788 intelppm - ok
22:01:07.0515 3788 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
22:01:07.0515 3788 Ip6Fw - ok
22:01:07.0562 3788 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:01:07.0578 3788 IpFilterDriver - ok
22:01:07.0609 3788 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:01:07.0609 3788 IpInIp - ok
22:01:07.0640 3788 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:01:07.0640 3788 IpNat - ok
22:01:07.0718 3788 [ E6BE7A41A28D8F2DB174957454D32448 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
22:01:07.0718 3788 iPod Service - ok
22:01:07.0750 3788 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:01:07.0750 3788 IPSec - ok
22:01:07.0796 3788 [ EBC8D84FEA72BCD0421F029ACB68189D ] IPSSVC C:\WINDOWS\system32\IPSSVC.EXE
22:01:07.0796 3788 IPSSVC - ok
22:01:07.0828 3788 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys
22:01:07.0828 3788 irda - ok
22:01:07.0875 3788 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
22:01:07.0875 3788 IRENUM - ok
22:01:07.0921 3788 [ 49CC4533CE897CB2E93C1E84A818FDE5 ] Irmon C:\WINDOWS\System32\irmon.dll
22:01:07.0921 3788 Irmon - ok
22:01:07.0953 3788 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:01:07.0953 3788 isapnp - ok
22:01:08.0015 3788 [ F59C3569A2F2C464BB78CB1BDCDCA55E ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys
22:01:08.0015 3788 Iviaspi - ok
22:01:08.0187 3788 [ B591E761161D1EF547D76EF236EAA6A5 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
22:01:08.0187 3788 JavaQuickStarterService - ok
22:01:08.0203 3788 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:01:08.0203 3788 Kbdclass - ok
22:01:08.0218 3788 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
22:01:08.0234 3788 kmixer - ok
22:01:08.0265 3788 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
22:01:08.0265 3788 KSecDD - ok
22:01:08.0312 3788 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
22:01:08.0312 3788 lanmanserver - ok
22:01:08.0359 3788 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
22:01:08.0375 3788 lanmanworkstation - ok
22:01:08.0375 3788 lbrtfdc - ok
22:01:08.0421 3788 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
22:01:08.0421 3788 LmHosts - ok
22:01:08.0437 3788 [ E246A32C445056996074A397DA56E815 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
22:01:08.0437 3788 mdmxsdk - ok
22:01:08.0468 3788 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
22:01:08.0468 3788 Messenger - ok
22:01:08.0531 3788 Microsoft SharePoint Workspace Audit Service - ok
22:01:08.0578 3788 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
22:01:08.0578 3788 mnmdd - ok
22:01:08.0609 3788 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
22:01:08.0609 3788 mnmsrvc - ok
22:01:08.0640 3788 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
22:01:08.0640 3788 Modem - ok
22:01:08.0671 3788 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:01:08.0671 3788 Mouclass - ok
22:01:08.0718 3788 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:01:08.0718 3788 mouhid - ok
22:01:08.0734 3788 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
22:01:08.0734 3788 MountMgr - ok
22:01:08.0781 3788 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
22:01:08.0781 3788 mraid35x - ok
22:01:08.0796 3788 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:01:08.0796 3788 MRxDAV - ok
22:01:08.0875 3788 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:01:08.0875 3788 MRxSmb - ok
22:01:08.0890 3788 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
22:01:08.0890 3788 MSDTC - ok
22:01:08.0906 3788 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
22:01:08.0906 3788 Msfs - ok
22:01:08.0921 3788 MSIServer - ok
22:01:08.0937 3788 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:01:08.0937 3788 MSKSSRV - ok
22:01:08.0953 3788 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:01:08.0953 3788 MSPCLOCK - ok
22:01:08.0953 3788 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
22:01:08.0968 3788 MSPQM - ok
22:01:09.0015 3788 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:01:09.0015 3788 mssmbios - ok
22:01:09.0031 3788 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
22:01:09.0046 3788 Mup - ok
22:01:09.0078 3788 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
22:01:09.0078 3788 napagent - ok
22:01:09.0125 3788 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
22:01:09.0125 3788 NDIS - ok
22:01:09.0171 3788 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:01:09.0171 3788 NdisTapi - ok
22:01:09.0187 3788 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:01:09.0187 3788 Ndisuio - ok
22:01:09.0203 3788 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:01:09.0203 3788 NdisWan - ok
22:01:09.0234 3788 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
22:01:09.0234 3788 NDProxy - ok
22:01:09.0250 3788 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
22:01:09.0250 3788 NetBIOS - ok
22:01:09.0281 3788 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
22:01:09.0281 3788 NetBT - ok
22:01:09.0343 3788 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
22:01:09.0343 3788 NetDDE - ok
22:01:09.0359 3788 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
22:01:09.0359 3788 NetDDEdsdm - ok
22:01:09.0390 3788 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
22:01:09.0390 3788 Netlogon - ok
22:01:09.0421 3788 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
22:01:09.0421 3788 Netman - ok
22:01:09.0468 3788 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:01:09.0468 3788 NetTcpPortSharing - ok
22:01:09.0500 3788 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
22:01:09.0500 3788 Nla - ok
22:01:09.0515 3788 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
22:01:09.0515 3788 Npfs - ok
22:01:09.0546 3788 [ 2ADC0CA9945C65284B3D19BC18765974 ] NSCIRDA C:\WINDOWS\system32\DRIVERS\nscirda.sys
22:01:09.0546 3788 NSCIRDA - ok
22:01:09.0578 3788 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
22:01:09.0593 3788 Ntfs - ok
22:01:09.0593 3788 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
22:01:09.0593 3788 NtLmSsp - ok
22:01:09.0640 3788 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
22:01:09.0640 3788 NtmsSvc - ok
22:01:09.0671 3788 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
22:01:09.0671 3788 Null - ok
22:01:09.0781 3788 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:01:09.0812 3788 nv - ok
22:01:09.0875 3788 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:01:09.0875 3788 NwlnkFlt - ok
22:01:09.0890 3788 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:01:09.0906 3788 NwlnkFwd - ok
22:01:10.0125 3788 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:01:10.0125 3788 ose - ok
22:01:10.0531 3788 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:01:10.0593 3788 osppsvc - ok
22:01:10.0640 3788 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
22:01:10.0640 3788 Parport - ok
22:01:10.0656 3788 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
22:01:10.0656 3788 PartMgr - ok
22:01:10.0703 3788 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
22:01:10.0703 3788 ParVdm - ok
22:01:10.0718 3788 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
22:01:10.0718 3788 PCI - ok
22:01:10.0734 3788 PCIDump - ok
22:01:10.0750 3788 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
22:01:10.0750 3788 PCIIde - ok
22:01:10.0750 3788 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
22:01:10.0765 3788 Pcmcia - ok
22:01:10.0765 3788 PDCOMP - ok
22:01:10.0781 3788 PDFRAME - ok
22:01:10.0781 3788 PDRELI - ok
22:01:10.0796 3788 PDRFRAME - ok
22:01:10.0828 3788 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
22:01:10.0828 3788 perc2 - ok
22:01:10.0875 3788 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
22:01:10.0875 3788 perc2hib - ok
22:01:10.0921 3788 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
22:01:10.0921 3788 PlugPlay - ok
22:01:10.0937 3788 [ FA292805788528C083F416E151B60AB6 ] pmem C:\WINDOWS\System32\drivers\pmemnt.sys
22:01:10.0937 3788 pmem - ok
22:01:10.0953 3788 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
22:01:10.0953 3788 PolicyAgent - ok
22:01:11.0015 3788 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:01:11.0015 3788 PptpMiniport - ok
22:01:11.0140 3788 [ E580DD7D54415905BB0BAB306B659FDF ] PrivateDisk C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\PrivateDiskM.sys
22:01:11.0140 3788 PrivateDisk - ok
22:01:11.0171 3788 [ ABD39D58DAC2CFCEE7F0C9A838E989A8 ] PROCDD C:\WINDOWS\system32\DRIVERS\PROCDD.SYS
22:01:11.0171 3788 PROCDD - ok
22:01:11.0187 3788 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
22:01:11.0187 3788 Processor - ok
22:01:11.0203 3788 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
22:01:11.0203 3788 ProtectedStorage - ok
22:01:11.0218 3788 [ 76DF9412C1556FCA3D6D94B2C9D94D6B ] psadd C:\WINDOWS\system32\Drivers\psadd.sys
22:01:11.0234 3788 psadd - ok
22:01:11.0234 3788 PsaSrv - ok
22:01:11.0250 3788 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
22:01:11.0250 3788 PSched - ok
22:01:11.0265 3788 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:01:11.0265 3788 Ptilink - ok
22:01:11.0281 3788 [ 183EF96BCC2EC3D5294CB2C2C0ECBCD1 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:01:11.0281 3788 PxHelp20 - ok
22:01:11.0296 3788 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
22:01:11.0296 3788 ql1080 - ok
22:01:11.0312 3788 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
22:01:11.0312 3788 Ql10wnt - ok
22:01:11.0375 3788 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
22:01:11.0375 3788 ql12160 - ok
22:01:11.0406 3788 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
22:01:11.0406 3788 ql1240 - ok
22:01:11.0421 3788 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
22:01:11.0421 3788 ql1280 - ok
22:01:11.0437 3788 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:01:11.0437 3788 RasAcd - ok
22:01:11.0468 3788 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
22:01:11.0484 3788 RasAuto - ok
22:01:11.0500 3788 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
22:01:11.0500 3788 Rasirda - ok
22:01:11.0515 3788 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:01:11.0515 3788 Rasl2tp - ok
22:01:11.0562 3788 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
22:01:11.0562 3788 RasMan - ok
22:01:11.0578 3788 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:01:11.0578 3788 RasPppoe - ok
22:01:11.0593 3788 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
22:01:11.0593 3788 Raspti - ok
22:01:11.0625 3788 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:01:11.0625 3788 Rdbss - ok
22:01:11.0625 3788 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:01:11.0625 3788 RDPCDD - ok
22:01:11.0656 3788 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:01:11.0656 3788 rdpdr - ok
22:01:11.0718 3788 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
22:01:11.0718 3788 RDPWD - ok
22:01:11.0765 3788 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
22:01:11.0781 3788 RDSessMgr - ok
22:01:11.0812 3788 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
22:01:11.0812 3788 redbook - ok
22:01:11.0875 3788 [ 99BA5C9E9E59DB26180FECFC1EFE7B47 ] RegSrvc C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
22:01:11.0875 3788 RegSrvc - ok
22:01:11.0921 3788 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
22:01:11.0921 3788 RemoteAccess - ok
22:01:11.0937 3788 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
22:01:11.0937 3788 RemoteRegistry - ok
22:01:11.0968 3788 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
22:01:11.0968 3788 RpcLocator - ok
22:01:12.0000 3788 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
22:01:12.0015 3788 RpcSs - ok
22:01:12.0062 3788 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
22:01:12.0062 3788 RSVP - ok
22:01:12.0171 3788 [ 4DC83BA53B8C42839A32B108B9E8C145 ] S24EventMonitor C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
22:01:12.0187 3788 S24EventMonitor - ok
22:01:12.0234 3788 [ 13C2D87042260AFA37B6D6A0BA3E4391 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys
22:01:12.0234 3788 s24trans - ok
22:01:12.0250 3788 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
22:01:12.0250 3788 SamSs - ok
22:01:12.0343 3788 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
22:01:12.0343 3788 SASDIFSV - ok
22:01:12.0359 3788 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
22:01:12.0359 3788 SASKUTIL - ok
22:01:12.0375 3788 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
22:01:12.0375 3788 SCardSvr - ok
22:01:12.0421 3788 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
22:01:12.0437 3788 Schedule - ok
22:01:12.0484 3788 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:01:12.0484 3788 Secdrv - ok
22:01:12.0515 3788 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
22:01:12.0531 3788 seclogon - ok
22:01:12.0546 3788 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
22:01:12.0546 3788 SENS - ok
22:01:12.0593 3788 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
22:01:12.0593 3788 serenum - ok
22:01:12.0625 3788 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
22:01:12.0625 3788 Serial - ok
22:01:12.0671 3788 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys
22:01:12.0671 3788 Sfloppy - ok
22:01:12.0718 3788 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
22:01:12.0734 3788 SharedAccess - ok
22:01:12.0750 3788 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
22:01:12.0765 3788 ShellHWDetection - ok
22:01:12.0765 3788 [ 1A9B76C8E0D77BCACA24FDF36781B59D ] ShockMgr C:\WINDOWS\system32\drivers\ShockMgr.sys
22:01:12.0765 3788 ShockMgr - ok
22:01:12.0796 3788 [ 70D82EB75E7E3B2980D6BF5B26051F4B ] Shockprf C:\WINDOWS\system32\drivers\Shockprf.sys
22:01:12.0796 3788 Shockprf - ok
22:01:12.0812 3788 Simbad - ok
22:01:12.0859 3788 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
22:01:12.0859 3788 sisagp - ok
22:01:12.0875 3788 [ 26341D0DD225D19FD50E0EE3C3C77502 ] Smapint C:\WINDOWS\system32\drivers\Smapint.sys
22:01:12.0875 3788 Smapint - ok
22:01:12.0921 3788 [ 3BA9D0C8A0FBD9FB4029B6CD87C8CE0B ] smi2 C:\Program Files\SMI2\smi2.sys
22:01:12.0921 3788 smi2 - ok
22:01:13.0015 3788 [ 0B9C01236D25BDCB37AA79DC59DFB7D3 ] smihlp2 C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
22:01:13.0015 3788 smihlp2 - ok
22:01:13.0046 3788 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
22:01:13.0046 3788 Sparrow - ok
22:01:13.0078 3788 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
22:01:13.0078 3788 splitter - ok
22:01:13.0125 3788 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
22:01:13.0125 3788 Spooler - ok
22:01:13.0140 3788 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
22:01:13.0140 3788 sr - ok
22:01:13.0187 3788 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
22:01:13.0187 3788 srservice - ok
22:01:13.0250 3788 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
22:01:13.0250 3788 Srv - ok
22:01:13.0281 3788 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
22:01:13.0281 3788 SSDPSRV - ok
22:01:13.0312 3788 [ 1097FE3528C825E54C1D52ED8C0EAC0F ] ssfs0bbc C:\WINDOWS\system32\DRIVERS\ssfs0bbc.sys
22:01:13.0312 3788 ssfs0bbc - ok
22:01:13.0328 3788 [ E97911C0AC7D26D1A2A782869F264E9E ] sshrmd C:\WINDOWS\system32\DRIVERS\sshrmd.sys
22:01:13.0328 3788 sshrmd - ok
22:01:13.0343 3788 [ 80997508996F9D2A662502238FBCB1D7 ] ssidrv C:\WINDOWS\system32\DRIVERS\ssidrv.sys
22:01:13.0359 3788 ssidrv - ok
22:01:13.0406 3788 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
22:01:13.0406 3788 ssmdrv - ok
22:01:13.0468 3788 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
22:01:13.0484 3788 stisvc - ok
22:01:13.0515 3788 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
22:01:13.0515 3788 swenum - ok
22:01:13.0578 3788 SWI32 - ok
22:01:13.0609 3788 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
22:01:13.0609 3788 swmidi - ok
22:01:13.0625 3788 SwPrv - ok
22:01:13.0656 3788 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
22:01:13.0656 3788 symc810 - ok
22:01:13.0687 3788 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
22:01:13.0687 3788 symc8xx - ok
22:01:13.0703 3788 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
22:01:13.0703 3788 sym_hi - ok
22:01:13.0718 3788 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
22:01:13.0718 3788 sym_u3 - ok
22:01:13.0750 3788 [ B55024AF8A5F940A4723F3B62CCBF349 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
22:01:13.0750 3788 SynTP - ok
22:01:13.0765 3788 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
22:01:13.0781 3788 sysaudio - ok
22:01:13.0828 3788 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
22:01:13.0828 3788 SysmonLog - ok
22:01:13.0921 3788 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
22:01:13.0921 3788 TapiSrv - ok
22:01:14.0031 3788 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:01:14.0046 3788 Tcpip - ok
22:01:14.0078 3788 [ 64ABEA4001F8EB869385E65D85BC302B ] TcUsb C:\WINDOWS\system32\Drivers\tcusb.sys
22:01:14.0093 3788 TcUsb - ok
22:01:14.0125 3788 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
22:01:14.0125 3788 TDPIPE - ok
22:01:14.0156 3788 [ 564B337034271B7BDDCABFDDC91C6B7A ] TDSMAPI C:\WINDOWS\system32\drivers\TDSMAPI.SYS
22:01:14.0156 3788 TDSMAPI - ok
22:01:14.0171 3788 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
22:01:14.0187 3788 TDTCP - ok
22:01:14.0203 3788 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
22:01:14.0218 3788 TermDD - ok
22:01:14.0250 3788 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
22:01:14.0265 3788 TermService - ok
22:01:14.0281 3788 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
22:01:14.0281 3788 Themes - ok
22:01:14.0343 3788 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
22:01:14.0343 3788 TlntSvr - ok
22:01:14.0375 3788 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
22:01:14.0375 3788 TosIde - ok
22:01:14.0421 3788 [ A3552782E8D402F3AA513765D93C852D ] TPHDEXLGSVC C:\WINDOWS\system32\TPHDEXLG.EXE
22:01:14.0421 3788 TPHDEXLGSVC - ok
22:01:14.0468 3788 [ 29F3601D4233A53F819010FEE8C04A60 ] TPHKDRV C:\WINDOWS\system32\drivers\TPHKDRV.sys
22:01:14.0468 3788 TPHKDRV - ok
22:01:14.0500 3788 TPISYSID - ok
22:01:14.0546 3788 [ DFB268FF0A6DCB9280015FF527F892FF ] TpKmpSVC C:\WINDOWS\system32\TpKmpSVC.exe
22:01:14.0546 3788 TpKmpSVC - ok
22:01:14.0546 3788 [ 44672DE6CEA9569C21C4B7A8D2560750 ] TPPWRIF C:\WINDOWS\system32\drivers\Tppwrif.sys
22:01:14.0546 3788 TPPWRIF - ok
22:01:14.0609 3788 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
22:01:14.0609 3788 TrkWks - ok
22:01:14.0625 3788 [ F2ABA3066D7921D7FCDBD66DEA88BE11 ] TSMAPIP C:\WINDOWS\system32\drivers\TSMAPIP.SYS
22:01:14.0625 3788 TSMAPIP - ok
22:01:14.0750 3788 [ 1F7CCCED8D0E539DC80FCD8DB2CA0B0C ] TSSCoreService C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe
22:01:14.0765 3788 TSSCoreService - ok
22:01:14.0906 3788 [ 495516AF335599927BCBF446FBCB4BE4 ] TVT Backup Service C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
22:01:14.0921 3788 TVT Backup Service - ok
22:01:14.0984 3788 [ A55EE3BC5F99CA0FD4DBD54A3ABBADB3 ] TVT Scheduler C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
22:01:14.0984 3788 TVT Scheduler - ok
22:01:15.0031 3788 [ 7541BD8978AA1447FC2467C1F2B39B87 ] UCLauncherService C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
22:01:15.0031 3788 UCLauncherService - ok
22:01:15.0078 3788 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
22:01:15.0078 3788 Udfs - ok
22:01:15.0140 3788 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
22:01:15.0140 3788 ultra - ok
22:01:15.0171 3788 [ C81B8635DEE0D3EF5F64B3DD643023A5 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
22:01:15.0171 3788 UMWdf - ok
22:01:15.0218 3788 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
22:01:15.0234 3788 Update - ok
22:01:15.0281 3788 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
22:01:15.0296 3788 upnphost - ok
22:01:15.0343 3788 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
22:01:15.0343 3788 UPS - ok
22:01:15.0406 3788 [ 5C2BDC152BBAB34F36473DEAF7713F22 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
22:01:15.0406 3788 USBAAPL - ok
22:01:15.0468 3788 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:01:15.0468 3788 usbehci - ok
22:01:15.0500 3788 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:01:15.0500 3788 usbhub - ok
22:01:15.0500 3788 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:01:15.0515 3788 usbprint - ok
22:01:15.0578 3788 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:01:15.0578 3788 usbscan - ok
22:01:15.0593 3788 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:01:15.0593 3788 USBSTOR - ok
22:01:15.0609 3788 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:01:15.0609 3788 usbuhci - ok
22:01:15.0625 3788 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
22:01:15.0625 3788 VgaSave - ok
22:01:15.0625 3788 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
22:01:15.0640 3788 viaagp - ok
22:01:15.0656 3788 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
22:01:15.0656 3788 ViaIde - ok
22:01:15.0750 3788 [ 5F974FDE801C73952770736BECDE11E7 ] Viewpoint Manager Service C:\Program Files\Viewpoint\Common\ViewpointService.exe
22:01:15.0750 3788 Viewpoint Manager Service - ok
22:01:15.0765 3788 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
22:01:15.0765 3788 VolSnap - ok
22:01:15.0796 3788 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
22:01:15.0812 3788 VSS - ok
22:01:15.0890 3788 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
22:01:15.0890 3788 W32Time - ok
22:01:15.0984 3788 [ B1F126E7E28877106D60E6FF3998D033 ] w39n51 C:\WINDOWS\system32\DRIVERS\w39n51.sys
22:01:16.0000 3788 w39n51 - ok
22:01:16.0046 3788 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:01:16.0062 3788 Wanarp - ok
22:01:16.0062 3788 WDICA - ok
22:01:16.0078 3788 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
22:01:16.0093 3788 wdmaud - ok
22:01:16.0125 3788 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
22:01:16.0125 3788 WebClient - ok
22:01:16.0375 3788 [ DE5E3C8F9EA9764FF57956DD6680C482 ] WebrootSpySweeperService C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
22:01:16.0421 3788 WebrootSpySweeperService - ok
22:01:16.0500 3788 [ 11EC1AFCEB5C917CE73D3C301FF4291E ] winachsf C:\WINDOWS\system32\DRIVERS\hsx_cnxt.sys
22:01:16.0500 3788 winachsf - ok
22:01:16.0593 3788 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
22:01:16.0593 3788 winmgmt - ok
22:01:16.0703 3788 [ 20263DAFD033D30F151BB87568386769 ] WmcCds c:\program files\windows media connect\mswmccds.exe
22:01:16.0703 3788 WmcCds - ok
22:01:16.0734 3788 [ 1DD015A69235DCFAE18B5F98FB50BE23 ] WmcCdsLs C:\Program Files\Windows Media Connect\mswmcls.exe
22:01:16.0734 3788 WmcCdsLs - ok
22:01:16.0765 3788 [ A477391B7A8B0A0DAABADB17CF533A4B ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
22:01:16.0765 3788 WmdmPmSN - ok
22:01:16.0890 3788 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
22:01:16.0890 3788 Wmi - ok
22:01:16.0968 3788 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
22:01:16.0968 3788 WmiApSrv - ok
22:01:17.0015 3788 [ C1B3D9D75C3FB735F5FA3A5806ADED57 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
22:01:17.0015 3788 WpdUsb - ok
22:01:17.0093 3788 [ 005721A54EABA8CF4C3307B521FB4B5E ] WRConsumerService C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
22:01:17.0109 3788 WRConsumerService - ok
22:01:17.0140 3788 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
22:01:17.0140 3788 WS2IFSL - ok
22:01:17.0187 3788 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
22:01:17.0203 3788 wscsvc - ok
22:01:17.0218 3788 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
22:01:17.0218 3788 wuauserv - ok
22:01:17.0296 3788 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
22:01:17.0296 3788 WZCSVC - ok
22:01:17.0328 3788 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
22:01:17.0328 3788 xmlprov - ok
22:01:17.0343 3788 ================ Scan global ===============================
22:01:17.0375 3788 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
22:01:17.0453 3788 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
22:01:17.0468 3788 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
22:01:17.0500 3788 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
22:01:17.0500 3788 [Global] - ok
22:01:17.0500 3788 ================ Scan MBR ==================================
22:01:17.0531 3788 [ 2008ADFC0318FEC44379D7968F1769AA ] \Device\Harddisk0\DR0
22:01:17.0750 3788 \Device\Harddisk0\DR0 - ok
22:01:17.0765 3788 ================ Scan VBR ==================================
22:01:17.0765 3788 [ E92E11D80A9DCF79BC4ADB35650C4614 ] \Device\Harddisk0\DR0\Partition1
22:01:17.0765 3788 \Device\Harddisk0\DR0\Partition1 - ok
22:01:17.0765 3788 ============================================================
22:01:17.0765 3788 Scan finished
22:01:17.0765 3788 ============================================================
22:01:17.0796 4672 Detected object count: 0
22:01:17.0796 4672 Actual detected object count: 0

#4 Riverwnn

Riverwnn
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 07 November 2012 - 10:37 PM

I did a quick scan. That was the default option. If this is not the correct scan then please let me know and I will redo it. The last one should be finishing shortly.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-11-07 22:04:55
-----------------------------
22:04:55.640 OS Version: Windows 5.1.2600 Service Pack 3
22:04:55.640 Number of processors: 2 586 0xE08
22:04:55.640 ComputerName: MING UserName: TT
22:04:56.546 Initialize success
22:17:38.515 AVAST engine defs: 12110701
22:19:40.437 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
22:19:40.453 Disk 0 Vendor: HTS54108 MB4I Size: 76319MB BusType: 3
22:19:40.484 Disk 0 MBR read successfully
22:19:40.484 Disk 0 MBR scan
22:19:40.671 Disk 0 unknown MBR code
22:19:40.671 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 71310 MB offset 63
22:19:40.781 Disk 0 Partition 2 00 12 Compaq diag MSWIN4.1 5005 MB offset 146044080
22:19:40.906 Disk 0 scanning sectors +156295440
22:19:41.046 Disk 0 scanning C:\WINDOWS\system32\drivers
22:20:13.265 Service scanning
22:21:00.578 Modules scanning
22:21:19.656 Module: C:\WINDOWS\System32\DLA\DLADResN.SYS **SUSPICIOUS**
22:21:36.484 Disk 0 trace - called modules:
22:21:36.890 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys
22:21:36.906 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a8b4968]
22:21:36.921 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\00000094[0x8a888f18]
22:21:36.921 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8a8c2030]
22:21:38.187 AVAST engine scan C:\WINDOWS
22:22:00.093 AVAST engine scan C:\WINDOWS\system32
22:32:54.781 AVAST engine scan C:\WINDOWS\system32\drivers
22:34:24.109 AVAST engine scan C:\Documents and Settings\TT
22:34:47.859 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\TT\My Documents\MBR.dat"
22:34:48.000 The log file has been saved successfully to "C:\Documents and Settings\TT\My Documents\aswMBR.txt"

#5 Riverwnn

Riverwnn
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 08 November 2012 - 12:21 AM

the ESET Scanner did not produce a log. There were no threats.

Also, it may be worth mentioning that my laptop had a bad infection in 2007 and hasn't been the same since. I wonder if the person who repaired with it may have deleted something they shouldn't have? Every so often it Blue screens on me and doesn't come out of hibernation very well. Anyway. Just a thought. Computer seems to running ok right now.

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:41 PM

Posted 08 November 2012 - 10:12 AM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#7 Riverwnn

Riverwnn
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 08 November 2012 - 02:46 PM

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.08.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
TT :: MING [administrator]

11/8/2012 10:36:01 AM
mbam-log-2012-11-08 (10-36-01).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 340197
Time elapsed: 2 hour(s), 26 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Farbar Service Scanner Version: 07-11-2012
Ran by TT (administrator) on 08-11-2012 at 14:32:18
Running from "C:\Documents and Settings\TT\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
AegisP(10) Gpc(6) IPSec(4) irda(8) NetBT(5) PSched(7) s24trans(9) Tcpip(3)
0x0D0000000400000001000000020000000300000056000000050000000C0000000B000000060000000700000008000000090000000A000000
IpSec Tag value is correct.

**** End of log ****

#8 Riverwnn

Riverwnn
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 08 November 2012 - 02:59 PM

I some how lost my log for adware cleaner. Where do I look for it?

Sorry, found it.

# AdwCleaner v2.007 - Logfile created 11/08/2012 at 14:35:15
# Updated 06/11/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : TT - MING
# Boot Mode : Normal
# Running from : C:\Documents and Settings\TT\My Documents\Downloads\adwcleaner (1).exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Viewpoint Manager Service

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Viewpoint
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.xpt
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Program Files\Common Files\Software Update Utility
Folder Deleted : C:\Program Files\Common Files\Viewpoint

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7327C09-B521-4EDB-8509-7D2660C9EC98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}
Key Deleted : HKCU\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Viewpoint Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

[OK] Registry is clean.

-\\ Mozilla Firefox v10.0.2 (en-US)

-\\ Google Chrome v23.0.1271.64

*************************

AdwCleaner[S2].txt - [4360 octets] - [08/11/2012 14:35:15]

########## EOF - C:\AdwCleaner[S2].txt - [4420 octets] ##########

Edited by Riverwnn, 08 November 2012 - 03:17 PM.


#9 Riverwnn

Riverwnn
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 08 November 2012 - 03:05 PM

Junkware Removal Tool (JRT) by Thisisu
Version: 2.8.7 (11.08.2012)
OS: Microsoft Windows XP x86
Ran by TT on Thu 11/08/2012 at 14:58:20.59
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\TT\Application Data\Mozilla\Firefox\Profiles\slkf1t7m.default\user.js
Successfully deleted: [Folder] C:\Documents and Settings\TT\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 11/08/2012 at 15:04:51.06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:41 PM

Posted 08 November 2012 - 03:05 PM

Ignore it and move to next one.

#11 Riverwnn

Riverwnn
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 08 November 2012 - 03:20 PM

I found it. it is in my previous entry.

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:41 PM

Posted 08 November 2012 - 03:22 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#13 Riverwnn

Riverwnn
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 08 November 2012 - 03:33 PM

Avira blocked it's attempt to look at the Host files. Does that matter?

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/08/2012 03:30:41 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\WINDOWS\system32\IPSSVC.EXE (PID: 2716) [WD-HEUR]
* C:\WINDOWS\System32\TPHDEXLG.EXE (PID: 3744) [WD-HEUR]
* C:\WINDOWS\system32\TpKmpSVC.exe (PID: 3764) [WD-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: http://www.bleepingcomputer.com/download/hosts-permbat/

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 11/08/2012 03:31:50 PM
Execution time: 0 hours(s), 1 minute(s), and 9 seconds(s)

#14 Riverwnn

Riverwnn
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 08 November 2012 - 03:39 PM

Done. My computer seems to be running faster.

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AppleSyncNotifier" "AppleSyncNotifier" "Apple Inc." "c:\program files\common files\apple\mobile device support\applesyncnotifier.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "avgnt" "Avira System Tray Tool" "Avira Operations GmbH & Co. KG" "c:\program files\avira\antivir desktop\avgnt.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files\microsoft office\office14\bcssync.exe"
+ "CanonMyPrinter" "Canon My Printer" "CANON INC." "c:\program files\canon\myprinter\bjmyprt.exe"
+ "CanonSolutionMenu" "CNSLMAIN" "CANON INC." "c:\program files\canon\solutionmenu\cnslmain.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IJNetworkScanUtility" "Canon IJ Network Scan Utility" "CANON INC." "c:\program files\canon\canon ij network scan utility\cnmnsut.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "PSQLLauncher" "Fingerprint Launcher" "UPEK Inc." "c:\program files\thinkvantage fingerprint software\launcher.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files\real\realplayer\update\realsched.exe"
"C:\Documents and Settings\TT\Start Menu\Programs\Startup" "" "" ""
+ "Norton 360.lnk" "" "" "File not found: C:\Program Files\Norton 360\MainStub.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "EA Core" "" "" "File not found: C:\Program Files\Electronic Arts\EADM\Core.exe"
+ "Google Update" "Google Installer" "Google Inc." "c:\documents and settings\tt\local settings\application data\google\update\googleupdate.exe"
+ "Microsoft Works Update Detection" "" "" "File not found: ￿
+ "msnmsgr" "Windows Live Messenger" "Microsoft Corporation" "c:\program files\windows live\messenger\msnmsgr.exe"
+ "Spotify" "Spotify" "Spotify Ltd" "c:\documents and settings\tt\application data\spotify\spotify.exe"
+ "Spotify Web Helper" "SpotifyWebHelper" "Spotify Ltd" "c:\documents and settings\tt\application data\spotify\data\spotifywebhelper.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Microsoft\Windows CE Services\AutoStartOnConnect" "" "" ""
+ "BTW Setup Wizard" "BtWizard Module" "Broadcom Corporation." "c:\windows\system32\btwizard.dll"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "livecall" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.14.0.8117.0416.dll"
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "msnim" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.14.0.8117.0416.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "SABShellExecuteHook Class" "ShellExecuteHook" "SuperAdBlocker.com" "c:\program files\superantispyware\sasseh.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "LavasoftShellExt" "" "" "File not found: C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "SGPDMenu" "SafeGuard PrivateDisk Shell Extension DLL" "Utimaco Safeware AG" "c:\program files\ibm thinkvantage\safeguard privatedisk\pdshell.dll"
+ "Shell Extension for Malware scanning" "Avira Shell Extension Library" "Avira Operations GmbH & Co. KG" "c:\program files\avira\antivir desktop\shlext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "SpySweeper" "Spy Sweeper Client Executable" "Webroot Software, Inc." "c:\program files\webroot\webrootsecurity\ssctxmnu.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\windows\system32\btncopy.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "LavasoftShellExt" "" "" "File not found: C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "SGPDMenu" "SafeGuard PrivateDisk Shell Extension DLL" "Utimaco Safeware AG" "c:\program files\ibm thinkvantage\safeguard privatedisk\pdshell.dll"
+ "Shell Extension for Malware scanning" "Avira Shell Extension Library" "Avira Operations GmbH & Co. KG" "c:\program files\avira\antivir desktop\shlext.dll"
+ "SpySweeper" "Spy Sweeper Client Executable" "Webroot Software, Inc." "c:\program files\webroot\webrootsecurity\ssctxmnu.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "AOL Messaging Toolbar Loader" "AOL Messaging Toolbar IE Dynamic Link Library" "AOL Inc." "c:\program files\aim toolbar\aimtb.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealPlayer" "c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
+ "AOL Messaging Toolbar Search Class" "AOL Messaging Toolbar IE Dynamic Link Library" "AOL Inc." "c:\program files\aim toolbar\aimtb.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "AOL Messaging Toolbar" "AOL Messaging Toolbar IE Dynamic Link Library" "AOL Inc." "c:\program files\aim toolbar\aimtb.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "AIM" "" "" "File not found: F:\AIM\AIM\aim.exe"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "Ad-Aware Update (Weekly).job" "" "" "File not found: C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent repair"
+ "AppleSoftwareUpdate.job" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "GoogleUpdateTaskUserS-1-5-21-640065858-1337420392-2901501380-1006Core.job" "Google Installer" "Google Inc." "c:\documents and settings\tt\local settings\application data\google\update\googleupdate.exe"
+ "GoogleUpdateTaskUserS-1-5-21-640065858-1337420392-2901501380-1006UA.job" "Google Installer" "Google Inc." "c:\documents and settings\tt\local settings\application data\google\update\googleupdate.exe"
X "PMTask.job" "" "" "c:\program files\thinkpad\utilities\pwmidtsk.exe"
+ "RealUpgradeLogonTaskS-1-5-21-640065858-1337420392-2901501380-1005.job" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"
+ "RealUpgradeLogonTaskS-1-5-21-640065858-1337420392-2901501380-1006.job" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"
+ "RealUpgradeScheduledTaskS-1-5-21-640065858-1337420392-2901501380-1005.job" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"
+ "RealUpgradeScheduledTaskS-1-5-21-640065858-1337420392-2901501380-1006.job" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore.exe"
+ "AcPrfMgrSvc" "" "" "c:\program files\thinkpad\connectutilities\acprfmgrsvc.exe"
+ "AcSvc" "ThinkVantage Access Connections Main Service Module" "Lenovo" "c:\program files\thinkpad\connectutilities\acsvc.exe"
+ "AntiVirSchedulerService" "Service to schedule Avira Free Antivirus jobs and updates." "Avira Operations GmbH & Co. KG" "c:\program files\avira\antivir desktop\sched.exe"
+ "AntiVirService" "Offers permanent protection against viruses and malware with the Avira search engine." "Avira Operations GmbH & Co. KG" "c:\program files\avira\antivir desktop\avguard.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "btwdins" "Handles installation and removal of Bluetooth devices." "Broadcom Corporation." "c:\program files\thinkpad\bluetooth software\bin\btwdins.exe"
+ "Diskeeper" "Controls the Windows Diskeeper Service" "Diskeeper Corporation" "c:\program files\diskeeper corporation\diskeeper\dkservice.exe"
+ "EvtEng" "Manages the event trace messages for all the components of Intel® PROSet/Wireless software." "Intel Corporation" "c:\program files\intel\wireless\bin\evteng.exe"
+ "gusvc" "gusvc" "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "IBMPMSVC" "ThinkPad Power Management Service" "Lenovo." "c:\windows\system32\ibmpmsvc.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "IPSSVC" "IPS Core Service" "Lenovo Group Limited" "c:\windows\system32\ipssvc.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Oracle Corporation" "c:\program files\java\jre7\bin\jqs.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files\microsoft office\office14\groove.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PsaSrv" "" "" "File not found: C:\WINDOWS\system32\PsaSrv.exe"
+ "RegSrvc" "Intel® PROSet/Wireless Registry Service" "Intel Corporation" "c:\program files\intel\wireless\bin\regsrvc.exe"
+ "S24EventMonitor" "Wireless Management Service for Intel® PROSet/Wireless" "Intel Corporation " "c:\program files\intel\wireless\bin\s24evmon.exe"
+ "TPHDEXLGSVC" "ThinkVantage Active Protection System - HDD Logger Module" "Lenovo." "c:\windows\system32\tphdexlg.exe"
+ "TpKmpSVC" "" "" "c:\windows\system32\tpkmpsvc.exe"
+ "TSSCoreService" "ibmtcsd Application" "IBM" "c:\program files\ibm thinkvantage\client security solution\ibmtcsd.exe"
+ "TVT Backup Service" "rrservice Module" "" "c:\program files\ibm thinkvantage\rescue and recovery\rrservice.exe"
+ "TVT Scheduler" "tvtsched Module" "" "c:\program files\ibm thinkvantage\common\scheduler\tvtsched.exe"
+ "UCLauncherService" "" "" "c:\program files\thinkvantage\systemupdate\uclauncherservice.exe"
+ "WebrootSpySweeperService" "Provides core functionality to Webroot Spy Sweeper. This service must be enabled and started for Spy Sweeper to function." "Webroot Software, Inc. (www.webroot.com)" "c:\program files\webroot\webrootsecurity\spysweeper.exe"
+ "WmcCds" "Serves shared multimedia content to Universal Plug and Play devices" "Microsoft Corporation" "c:\program files\windows media connect\mswmccds.exe"
+ "WmcCdsLs" "Monitors the network for new UPnP Media Renderer devices." "Microsoft Corporation" "c:\program files\windows media connect\mswmcls.exe"
+ "WRConsumerService" "This service provides system level operations for the Webroot Client." "Webroot Software, Inc. " "c:\program files\webroot\webrootsecurity\wrconsumerservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ac97intc" "Intel® Integrated Controller Hub Audio Driver" "Intel Corporation" "c:\windows\system32\drivers\ac97intc.sys"
+ "ADIHdAudAddService" "High Definition Audio Function Driver(Release Candidate 1)" "Analog Devices, Inc." "c:\windows\system32\drivers\adihdaud.sys"
+ "AEAudioService" "Audio Noise Filtering Driver" "Andrea Electronics Corporation" "c:\windows\system32\drivers\aeaudio.sys"
+ "AegisP" "AEGIS Protocol (IEEE 802.1x) v3.4.9.0" "Meetinghouse Data Communications" "c:\windows\system32\drivers\aegisp.sys"
+ "akshasp" "AKSHASP Device Driver" "Aladdin Knowledge Systems Ltd." "c:\windows\system32\drivers\akshasp.sys"
+ "aksusb" "Aladdin USB Key Driver" "Aladdin Knowledge Systems Ltd." "c:\windows\system32\drivers\aksusb.sys"
+ "ANC" "IBM Access Connections - ANC" "IBM Corp." "c:\windows\system32\drivers\anc.sys"
+ "atmeltpm" "Atmel TPM Driver" "Atmel, Inc." "c:\windows\system32\drivers\atmeltpm.sys"
+ "avgntflt" "Avira mini-filter driver" "Avira GmbH" "c:\windows\system32\drivers\avgntflt.sys"
+ "avipbb" "Avira Security Enhancement Driver" "Avira GmbH" "c:\windows\system32\drivers\avipbb.sys"
+ "avkmgr" "Avira Manager Driver" "Avira GmbH" "c:\windows\system32\drivers\avkmgr.sys"
+ "btaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btaudio.sys"
+ "BTDriver" "Bluetooth BTPORT Driver for Windows 2000" "Broadcom Corporation." "c:\windows\system32\drivers\btport.sys"
+ "BTKRNL" "Bluetooth Bus Enumerator" "Broadcom Corporation." "c:\windows\system32\drivers\btkrnl.sys"
+ "BTWDNDIS" "Bluetooth LAN Access Server Driver" "Broadcom Corporation." "c:\windows\system32\drivers\btwdndis.sys"
+ "BTWUSB" "Driver for Bluetooth USB Devices" "Broadcom Corporation." "c:\windows\system32\drivers\btwusb.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "CmdIde" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "DLABOIOM" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\dlaboiom.sys"
+ "DLACDBHM" "Shared Driver Component" "Sonic Solutions" "c:\windows\system32\drivers\dlacdbhm.sys"
+ "DLADResN" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\dladresn.sys"
+ "DLAIFS_M" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\dlaifs_m.sys"
+ "DLAOPIOM" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\dlaopiom.sys"
+ "DLAPoolM" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\dlapoolm.sys"
+ "DLARTL_N" "Shared Driver Component" "Sonic Solutions" "c:\windows\system32\drivers\dlartl_n.sys"
+ "DLAUDF_M" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\dlaudf_m.sys"
+ "DLAUDFAM" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\dlaudfam.sys"
+ "DRVMCDB" "Device Driver" "Sonic Solutions" "c:\windows\system32\drivers\drvmcdb.sys"
+ "DRVNDDM" "Device Driver Manager" "Sonic Solutions" "c:\windows\system32\drivers\drvnddm.sys"
+ "E100B" "NDIS 5 driver" "Intel Corporation" "c:\windows\system32\drivers\e100b325.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 5.1 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e5132.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hardlock" "Hardlock Device Driver for Windows NT" "Aladdin Knowledge Systems Ltd." "c:\windows\system32\drivers\hardlock.sys"
+ "HDAudBus" "High Definition Audio Bus Driver v1.0a" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudbus.sys"
+ "HSF_DPV" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsx_dpv.sys"
+ "HSXHWAZL" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsxhwazl.sys"
+ "ialm" "Intel Graphics Miniport Driver" "Intel Corporation" "c:\windows\system32\drivers\igxpmp32.sys"
+ "iaStor" "Intel Matrix Storage Manager driver" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "ibmfilter" "IBM Rescue and Recovery filter driver" "IBM" "c:\windows\system32\drivers\ibmfilter.sys"
+ "IBMPMDRV" "ThinkPad Power Management Driver" "Lenovo." "c:\windows\system32\drivers\ibmpmdrv.sys"
+ "IBMTPCHK" "" "" "c:\windows\system32\drivers\ibmbldid.sys"
+ "Iviaspi" "InterVideo ASPI Shell" "InterVideo, Inc." "c:\windows\system32\drivers\iviaspi.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "mdmxsdk" "Diagnostic Interface DRIVER" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys"
+ "NSCIRDA" "NSC Fast Infrared Driver." "National Semiconductor Corporation" "c:\windows\system32\drivers\nscirda.sys"
+ "nv" "NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73 " "NVIDIA Corporation" "c:\windows\system32\drivers\nv4_mini.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "PrivateDisk" "SafeGuard® PrivateDisk Driver" "Utimaco Safeware AG" "c:\program files\ibm thinkvantage\safeguard privatedisk\privatediskm.sys"
+ "PROCDD" "IPS Helper Driver" "Lenovo Group Limited" "c:\windows\system32\drivers\procdd.sys"
+ "psadd" "SMI Driver" "Lenovo" "c:\windows\system32\drivers\psadd.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "s24trans" "WLAN Transport" "Intel Corporation" "c:\windows\system32\drivers\s24trans.sys"
+ "SASDIFSV" "SASDIFSV.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv.sys"
+ "SASKUTIL" "SASKUTIL.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "ShockMgr" "ShockMgr Device Driver" "Lenovo." "c:\windows\system32\drivers\shockmgr.sys"
+ "Shockprf" "Shockproof Disk Driver" "Lenovo" "c:\windows\system32\drivers\shockprf.sys"
+ "smi2" "SMI BIOS driver" "IBM Corp." "c:\program files\smi2\smi2.sys"
+ "smihlp2" "SMI helper driver" "UPEK Inc." "c:\program files\thinkvantage fingerprint software\smihlp.sys"
+ "ssfs0bbc" "Spy Sweeper File System Filter Driver" "Webroot Software, Inc. (www.webroot.com)" "c:\windows\system32\drivers\ssfs0bbc.sys"
+ "sshrmd" "Spy Sweeper Hookrack MiniDriver" "Webroot Software, Inc. (www.webroot.com)" "c:\windows\system32\drivers\sshrmd.sys"
+ "ssidrv" "Spy Sweeper Interdiction Driver" "Webroot Software, Inc. (www.webroot.com)" "c:\windows\system32\drivers\ssidrv.sys"
+ "ssmdrv" "Avira Snapshot Driver" "Avira GmbH" "c:\windows\system32\drivers\ssmdrv.sys"
+ "SWI32" "" "" "File not found: C:\Program Files\ThinkVantage\SystemUpdate\session\7cwv07ww\SWI32.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics, Inc." "c:\windows\system32\drivers\syntp.sys"
+ "TcUsb" "TouchChip USB Kernel Driver" "UPEK Inc." "c:\windows\system32\drivers\tcusb.sys"
+ "TDSMAPI" "" "" "c:\windows\system32\drivers\tdsmapi.sys"
+ "TPHKDRV" "ThinkPad Hotkey Driver" "IBM Corporation" "c:\windows\system32\drivers\tphkdrv.sys"
+ "TPISYSID" "" "" "File not found: C:\Program Files\ThinkVantage\SystemUpdate\session\7bwc14ww\TPISYSID.sys"
+ "TPPWRIF" "" "" "c:\windows\system32\drivers\tppwrif.sys"
+ "TSMAPIP" "" "" "c:\windows\system32\drivers\tsmapip.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "w39n51" "Intel® Wireless LAN Driver" "Intel® Corporation" "c:\windows\system32\drivers\w39n51.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsx_cnxt.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "vidc.VP60" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\system32\vp6vfw.dll"
+ "vidc.VP61" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\system32\vp6vfw.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "AAC Encoder" "AACEnc" "InterVider" "c:\program files\ibmtools\apps\common\bin\aacenc.ax"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Correct Corrupted Audio" "Correct Corrupted Audio Filter" "Microsoft Corporation" "c:\program files\ibmtools\apps\common\bin\correcta.ax"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Intervideo 3gFileWrite" "Intervideo 3G File Write Filter" "Microsoft Corporation" "c:\program files\ibmtools\apps\common\bin\write3g.ax"
+ "Intervideo AMR Encoder" "IVI AMR Encoding" "Intervideo, Inc." "c:\program files\ibmtools\apps\common\bin\amrenc.ax"
+ "InterVideo Audio Decoder" "IVIAUDIO" "InterVideo Inc." "c:\program files\ibmtools\apps\common\bin\iviaudio.ax"
+ "InterVideo Audio Encoder" "InterVideo?Audio Encoder Filter" "InterVideo Inc." "c:\program files\ibmtools\apps\common\bin\iviaenc.ax"
+ "InterVideo Audio Processor" "" "" "c:\program files\ibmtools\apps\common\bin\iviaudioprocess.ax"
+ "InterVideo Demultiplexer" "InterVideo® MPEG System Demultiplexer Filter" "InterVideo Inc." "c:\program files\ibmtools\apps\common\bin\ividemux.ax"
+ "InterVideo Demux" "InterVideo® MPEG System Demultiplexer Filter" "InterVideo Inc." "c:\program files\ibmtools\apps\common\bin\ividemxx.ax"
+ "Intervideo Disc Read2 Filter" "" "" "c:\program files\ibmtools\apps\common\bin\discread.ax"
+ "InterVideo Disc Write2 Filter" "DiscRite" "InterVideo Inc." "c:\program files\ibmtools\apps\common\bin\discrite.ax"
+ "InterVideo Down Scale Filter" "InterVideo® Down Scale Filter" "InterVideo Inc." "c:\program files\ibmtools\apps\common\bin\ividowns.ax"
+ "InterVideo DV Pre-Process" "InterVideo DV Pre-Process Filter" "InterVideo" "c:\program files\ibmtools\apps\common\bin\dvprocs.ax"
+ "InterVideo File Writer" "InterVideo® File Writer Filter" "InterVideo Inc." "c:\program files\ibmtools\apps\common\bin\iviwrite.ax"
+ "InterVideo MPEG4 Video Decoder" "InterVideo® MPEG4 Video Decoder Filter" "InterVideo Inc." "c:\program files\ibmtools\apps\common\bin\mp4vdec.ax"
+ "InterVideo MPEG4 Video Encoder" "InterVideo® MPEG4 Video Encoder Filter" "InterVideo Inc." "c:\program files\ibmtools\apps\common\bin\mp4venc.ax"
+ "InterVideo MpegInspect" "InterVideo MpegInspect Filter" "InterVideo" "c:\program files\ibmtools\apps\common\bin\mpginspc.ax"
+ "InterVideo Multiplexer" "InterVideo® MPEG System Multiplexer Filter" "InterVideo Inc." "c:\program files\ibmtools\apps\common\bin\ivimux.ax"
+ "InterVideo Navigator" "IVINAV" "InterVideo Inc." "c:\program files\ibmtools\apps\common\bin\ivinav.ax"
+ "InterVideo Pre-scaling Filter" "InterVideo® PreScale Filter" "InterVideo Inc." "c:\program files\ibmtools\apps\common\bin\iviscale.ax"
+ "Intervideo SmartRender" "Intervideo SmartRender Filter" "Microsoft Corporation" "c:\program files\ibmtools\apps\common\bin\smartrnd.ax"
+ "InterVideo Still Capture" "InterVideo® Still Capture Filter" "InterVideo Inc." "c:\program files\ibmtools\apps\common\bin\iviscapt.ax"
+ "InterVideo Stream Buffer Filter" "InterVideo Stream Buffer Filter" "InterVideo Inc." "c:\program files\ibmtools\apps\common\bin\smbuffer.ax"
+ "InterVideo Stream Renderer" "IinterVideo Stream Renderer Filter " "InterVideo, Inc." "c:\program files\ibmtools\apps\common\bin\ivistreamrenderer.ax"
+ "InterVideo Subpicture Source" "Subpicture Source Filter" "InterVideo, Inc." "c:\program files\ibmtools\apps\common\bin\ivispic.ax"
+ "InterVideo VBI Decoder" "InterVideo VBI Decoder Filter" "InterVideo, Inc." "c:\program files\common files\intervideo\vbidec\ivvbidec.ax"
+ "InterVideo Video Decoder" "IVIVIDEO" " InterVideo Inc." "c:\program files\ibmtools\apps\common\bin\ivivideo.ax"
+ "InterVideo Video Encoder" "InterVideo® MPEG Video Encoder Filter" "InterVideo Inc." "c:\program files\ibmtools\apps\common\bin\ivivenc.ax"
+ "InterVideo Wave Wrapper" "InterVideo Wave Wrapper Filter" "InterVideo Inc." "c:\program files\ibmtools\apps\common\bin\iviwavex.ax"
+ "IVI QT source" "iviQTsource" "InterVideo" "c:\program files\ibmtools\apps\common\bin\iviqtsource.ax"
+ "MainConcept (Nikon) MPEG Audio Decoder" "MPEG Video and Audio Decoder" "MainConcept AG (Nikon)" "c:\program files\common files\nikon\mpeg\nikonmcdsmpeg.ax"
+ "MainConcept (Nikon) MPEG Encoder" "MPEG Encoder and Muxer" "MainConcept AG (Nikon)" "c:\program files\common files\nikon\mpeg\nikonmcesmpeg.ax"
+ "MainConcept (Nikon) MPEG Splitter" "Mpeg I/II Splitter" "MainConcept AG (Nikon)" "c:\program files\common files\nikon\mpeg\nikonmcspmpeg.ax"
+ "MainConcept (Nikon) MPEG Video Decoder" "MPEG Video and Audio Decoder" "MainConcept AG (Nikon)" "c:\program files\common files\nikon\mpeg\nikonmcdsmpeg.ax"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "muvee Music Analyser" "Music Analyser Filter for muvee autoProducer" "muvee Technologies Pte Ltd" "c:\program files\common files\muvee technologies\030625\mvmanalyse.ax"
+ "muvee Video Analyser" "Video Analyser Filter for muvee autoProducer" "muvee Technologies Pte Ltd" "c:\program files\common files\muvee technologies\030625\mvvanalyse.ax"
+ "QuickTime Encoder" "QuickTime Encoder" "muvee Technologies" "c:\program files\common files\muvee technologies\030625\quicktimesink.ax"
+ "QuickTime Source Filter" "QuickTimeSource Module" "" "c:\program files\common files\muvee technologies\030625\quicktimesource.dll"
+ "QuickTimeRenderer Filter" "QuickTimeRenderer Filter" "muvee Technologies Pte. Ltd." "c:\program files\common files\muvee technologies\030625\quicktimerenderer.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GinaDLL" "" "" ""
+ "vrlogon.dll" "GINA replacement" "UPEK Inc." "c:\windows\system32\vrlogon.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
+ "psfus" "Logon stub" "UPEK Inc." "c:\program files\thinkvantage fingerprint software\psqlpwd.dll"
+ "tpfnf2" "" "" "c:\windows\system32\notifyf2.dll"
+ "tphotkey" "" "" "c:\windows\system32\tphklock.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Bluetooth Printer Port" "bthcrp DLL" "Broadcom Corporation." "c:\windows\system32\bthcrp.dll"
+ "Canon BJ Language Monitor MX870 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlma7.dll"
+ "Canon BJNP Port" "Canon IJ Network 32bit comm Module" "CANON INC." "c:\windows\system32\cnmnppm.dll"
+ "Canon MP FAX Language Monitor MX870 series" "MP FAX Language Monitor DLL" "Canon Inc." "c:\windows\system32\cncf2lm.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages" "" "" ""
+ "C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll" "Logon stub" "UPEK Inc." "c:\program files\thinkvantage fingerprint software\psqlpwd.dll"
+ "csspwntfy" "Password change notification" "Lenovo Group Limited" "c:\program files\ibm thinkvantage\client security solution\csspwntfy.dll"

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:41 PM

Posted 08 November 2012 - 04:07 PM

Avira blocked it's attempt to look at the Host files. Does that matter?


No

What are the current issues?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users