Pop Up Ad At The Bottom Left Hand Corner Of The Browser & Redirect Page


10 replies to this topic

#1 topi


Posted 30 November 2012 - 01:27 PM

Hi,

I've been getting pop up ads that keep appearing on the left hand corner of my browser every time I go to certain websites (pic shown below). Also I get redirected to other websites quite often when I don't intend to open that website. Can anyone pls help? Much appreciated.

Posted Image

Edited by topi, 30 November 2012 - 01:44 PM.



#2 narenxp


Posted 30 November 2012 - 01:44 PM

Download TDSSkiller

Launch it. Click on Change parameters, then select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 topi


Posted 01 December 2012 - 04:53 AM

TDSSKiller

01:47:46.0169 6632 msisadrv - ok
01:47:46.0216 6632 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
01:47:46.0231 6632 MSiSCSI - ok
01:47:46.0231 6632 msiserver - ok
01:47:46.0262 6632 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
01:47:46.0262 6632 MSKSSRV - ok
01:47:46.0325 6632 [ 59FAAF2C83C8169EA20F9E335E418907 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
01:47:46.0325 6632 MsMpSvc - ok
01:47:46.0356 6632 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
01:47:46.0356 6632 MSPCLOCK - ok
01:47:46.0387 6632 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
01:47:46.0387 6632 MSPQM - ok
01:47:46.0418 6632 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
01:47:46.0434 6632 MsRPC - ok
01:47:46.0465 6632 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
01:47:46.0465 6632 mssmbios - ok
01:47:46.0465 6632 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
01:47:46.0481 6632 MSTEE - ok
01:47:46.0481 6632 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
01:47:46.0496 6632 MTConfig - ok
01:47:46.0513 6632 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
01:47:46.0513 6632 Mup - ok
01:47:46.0607 6632 [ 53CB493291C3141AC644242276C3E41D ] MyEpson Portal Service C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe
01:47:46.0622 6632 MyEpson Portal Service - ok
01:47:46.0653 6632 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
01:47:46.0685 6632 napagent - ok
01:47:46.0716 6632 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
01:47:46.0731 6632 NativeWifiP - ok
01:47:46.0778 6632 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
01:47:46.0809 6632 NDIS - ok
01:47:46.0841 6632 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
01:47:46.0841 6632 NdisCap - ok
01:47:46.0856 6632 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
01:47:46.0872 6632 NdisTapi - ok
01:47:46.0872 6632 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
01:47:46.0887 6632 Ndisuio - ok
01:47:46.0903 6632 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
01:47:46.0903 6632 NdisWan - ok
01:47:46.0934 6632 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
01:47:46.0934 6632 NDProxy - ok
01:47:46.0981 6632 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
01:47:46.0981 6632 Net Driver HPZ12 - ok
01:47:46.0998 6632 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
01:47:46.0998 6632 NetBIOS - ok
01:47:47.0029 6632 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
01:47:47.0029 6632 NetBT - ok
01:47:47.0044 6632 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
01:47:47.0044 6632 Netlogon - ok
01:47:47.0091 6632 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
01:47:47.0091 6632 Netman - ok
01:47:47.0138 6632 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
01:47:47.0169 6632 netprofm - ok
01:47:47.0200 6632 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:47:47.0200 6632 NetTcpPortSharing - ok
01:47:47.0247 6632 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
01:47:47.0247 6632 nfrd960 - ok
01:47:47.0294 6632 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
01:47:47.0310 6632 NisDrv - ok
01:47:47.0341 6632 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
01:47:47.0341 6632 NisSrv - ok
01:47:47.0481 6632 [ 39645FF63EE21582D40704C2CAAC1252 ] NitroReaderDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
01:47:47.0481 6632 NitroReaderDriverReadSpool2 - ok
01:47:47.0544 6632 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
01:47:47.0544 6632 NlaSvc - ok
01:47:47.0590 6632 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
01:47:47.0590 6632 Npfs - ok
01:47:47.0637 6632 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
01:47:47.0637 6632 nsi - ok
01:47:47.0637 6632 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
01:47:47.0637 6632 nsiproxy - ok
01:47:47.0715 6632 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
01:47:47.0778 6632 Ntfs - ok
01:47:47.0793 6632 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
01:47:47.0793 6632 Null - ok
01:47:48.0121 6632 [ 7328528DAF9B8A486E16595A35043DB0 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
01:47:48.0433 6632 nvlddmkm - ok
01:47:48.0464 6632 [ 8AE5A124F3B65C3EC531D251A3E9C87F ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
01:47:48.0464 6632 nvpciflt - ok
01:47:48.0511 6632 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
01:47:48.0511 6632 nvraid - ok
01:47:48.0526 6632 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
01:47:48.0526 6632 nvstor - ok
01:47:48.0573 6632 [ CEA3416907C17BB6623D9CB1E015B3C4 ] NVSvc C:\Windows\system32\nvvsvc.exe
01:47:48.0604 6632 NVSvc - ok
01:47:48.0698 6632 [ 741688E5A65CC43567BCC329AE130075 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
01:47:48.0760 6632 nvUpdatusService - ok
01:47:48.0792 6632 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
01:47:48.0792 6632 nv_agp - ok
01:47:48.0823 6632 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
01:47:48.0838 6632 ohci1394 - ok
01:47:48.0885 6632 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:47:48.0901 6632 ose - ok
01:47:49.0072 6632 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:47:49.0213 6632 osppsvc - ok
01:47:49.0260 6632 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
01:47:49.0275 6632 p2pimsvc - ok
01:47:49.0322 6632 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
01:47:49.0338 6632 p2psvc - ok
01:47:49.0369 6632 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
01:47:49.0369 6632 Parport - ok
01:47:49.0400 6632 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
01:47:49.0416 6632 partmgr - ok
01:47:49.0447 6632 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
01:47:49.0447 6632 PcaSvc - ok
01:47:49.0525 6632 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
01:47:49.0540 6632 pci - ok
01:47:49.0556 6632 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
01:47:49.0572 6632 pciide - ok
01:47:49.0603 6632 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
01:47:49.0603 6632 pcmcia - ok
01:47:49.0634 6632 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
01:47:49.0634 6632 pcw - ok
01:47:49.0665 6632 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
01:47:49.0681 6632 PEAUTH - ok
01:47:49.0821 6632 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
01:47:49.0821 6632 PerfHost - ok
01:47:49.0962 6632 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
01:47:50.0008 6632 pla - ok
01:47:50.0055 6632 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
01:47:50.0071 6632 PlugPlay - ok
01:47:50.0102 6632 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
01:47:50.0102 6632 Pml Driver HPZ12 - ok
01:47:50.0133 6632 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
01:47:50.0133 6632 PNRPAutoReg - ok
01:47:50.0164 6632 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
01:47:50.0164 6632 PNRPsvc - ok
01:47:50.0227 6632 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
01:47:50.0227 6632 PolicyAgent - ok
01:47:50.0289 6632 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
01:47:50.0289 6632 Power - ok
01:47:50.0320 6632 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
01:47:50.0336 6632 PptpMiniport - ok
01:47:50.0352 6632 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
01:47:50.0352 6632 Processor - ok
01:47:50.0383 6632 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
01:47:50.0383 6632 ProfSvc - ok
01:47:50.0398 6632 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
01:47:50.0398 6632 ProtectedStorage - ok
01:47:50.0430 6632 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
01:47:50.0430 6632 Psched - ok
01:47:50.0476 6632 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
01:47:50.0508 6632 ql2300 - ok
01:47:50.0586 6632 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
01:47:50.0586 6632 ql40xx - ok
01:47:50.0632 6632 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
01:47:50.0632 6632 QWAVE - ok
01:47:50.0664 6632 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
01:47:50.0664 6632 QWAVEdrv - ok
01:47:50.0664 6632 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
01:47:50.0679 6632 RasAcd - ok
01:47:50.0710 6632 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
01:47:50.0710 6632 RasAgileVpn - ok
01:47:50.0726 6632 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
01:47:50.0742 6632 RasAuto - ok
01:47:50.0757 6632 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
01:47:50.0757 6632 Rasl2tp - ok
01:47:50.0773 6632 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
01:47:50.0773 6632 RasMan - ok
01:47:50.0835 6632 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
01:47:50.0835 6632 RasPppoe - ok
01:47:50.0851 6632 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
01:47:50.0851 6632 RasSstp - ok
01:47:50.0882 6632 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
01:47:50.0882 6632 rdbss - ok
01:47:50.0913 6632 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
01:47:50.0913 6632 rdpbus - ok
01:47:50.0929 6632 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
01:47:50.0929 6632 RDPCDD - ok
01:47:50.0960 6632 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
01:47:50.0960 6632 RDPENCDD - ok
01:47:50.0991 6632 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
01:47:50.0991 6632 RDPREFMP - ok
01:47:51.0038 6632 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
01:47:51.0038 6632 RDPWD - ok
01:47:51.0054 6632 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
01:47:51.0054 6632 rdyboost - ok
01:47:51.0116 6632 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
01:47:51.0116 6632 RemoteAccess - ok
01:47:51.0163 6632 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
01:47:51.0163 6632 RemoteRegistry - ok
01:47:51.0194 6632 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
01:47:51.0194 6632 RFCOMM - ok
01:47:51.0241 6632 [ AD42432D22940B4215177BE113E4919C ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
01:47:51.0256 6632 RimUsb - ok
01:47:51.0288 6632 [ 4AAFFFA67AC4DFA3D9985D78573887E2 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
01:47:51.0303 6632 RimVSerPort - ok
01:47:51.0334 6632 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
01:47:51.0334 6632 ROOTMODEM - ok
01:47:51.0350 6632 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
01:47:51.0350 6632 RpcEptMapper - ok
01:47:51.0381 6632 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
01:47:51.0381 6632 RpcLocator - ok
01:47:51.0428 6632 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
01:47:51.0428 6632 RpcSs - ok
01:47:51.0459 6632 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
01:47:51.0459 6632 rspndr - ok
01:47:51.0490 6632 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
01:47:51.0490 6632 SamSs - ok
01:47:51.0522 6632 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
01:47:51.0522 6632 sbp2port - ok
01:47:51.0537 6632 SBRE - ok
01:47:51.0553 6632 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
01:47:51.0553 6632 SCardSvr - ok
01:47:51.0568 6632 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
01:47:51.0584 6632 scfilter - ok
01:47:51.0615 6632 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
01:47:51.0646 6632 Schedule - ok
01:47:51.0678 6632 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
01:47:51.0678 6632 SCPolicySvc - ok
01:47:51.0693 6632 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
01:47:51.0693 6632 SDRSVC - ok
01:47:51.0709 6632 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
01:47:51.0709 6632 secdrv - ok
01:47:51.0724 6632 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
01:47:51.0740 6632 seclogon - ok
01:47:51.0756 6632 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
01:47:51.0756 6632 SENS - ok
01:47:51.0771 6632 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
01:47:51.0787 6632 SensrSvc - ok
01:47:51.0802 6632 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
01:47:51.0802 6632 Serenum - ok
01:47:51.0818 6632 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
01:47:51.0818 6632 Serial - ok
01:47:51.0834 6632 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
01:47:51.0834 6632 sermouse - ok
01:47:51.0896 6632 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
01:47:51.0896 6632 SessionEnv - ok
01:47:51.0896 6632 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
01:47:51.0912 6632 sffdisk - ok
01:47:51.0912 6632 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
01:47:51.0912 6632 sffp_mmc - ok
01:47:51.0927 6632 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
01:47:51.0943 6632 sffp_sd - ok
01:47:51.0943 6632 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
01:47:51.0943 6632 sfloppy - ok
01:47:51.0990 6632 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
01:47:52.0005 6632 Sftfs - ok
01:47:52.0083 6632 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
01:47:52.0083 6632 sftlist - ok
01:47:52.0130 6632 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
01:47:52.0146 6632 Sftplay - ok
01:47:52.0161 6632 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
01:47:52.0161 6632 Sftredir - ok
01:47:52.0192 6632 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
01:47:52.0192 6632 Sftvol - ok
01:47:52.0224 6632 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
01:47:52.0224 6632 sftvsa - ok
01:47:52.0286 6632 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
01:47:52.0302 6632 SharedAccess - ok
01:47:52.0348 6632 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:47:52.0364 6632 ShellHWDetection - ok
01:47:52.0395 6632 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
01:47:52.0411 6632 SiSGbeLH - ok
01:47:52.0442 6632 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
01:47:52.0442 6632 SiSRaid2 - ok
01:47:52.0473 6632 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
01:47:52.0473 6632 SiSRaid4 - ok
01:47:52.0551 6632 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
01:47:52.0551 6632 SkypeUpdate - ok
01:47:52.0582 6632 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
01:47:52.0582 6632 Smb - ok
01:47:52.0629 6632 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
01:47:52.0629 6632 SNMPTRAP - ok
01:47:52.0738 6632 [ C98375D19F9E9966F6201BAE65FB3728 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
01:47:52.0801 6632 SNP2UVC - ok
01:47:52.0832 6632 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
01:47:52.0832 6632 spldr - ok
01:47:52.0879 6632 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
01:47:52.0957 6632 Spooler - ok
01:47:53.0066 6632 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
01:47:53.0175 6632 sppsvc - ok
01:47:53.0206 6632 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
01:47:53.0206 6632 sppuinotify - ok
01:47:53.0253 6632 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
01:47:53.0269 6632 srv - ok
01:47:53.0300 6632 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
01:47:53.0316 6632 srv2 - ok
01:47:53.0347 6632 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
01:47:53.0347 6632 srvnet - ok
01:47:53.0394 6632 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
01:47:53.0409 6632 SSDPSRV - ok
01:47:53.0425 6632 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
01:47:53.0425 6632 SstpSvc - ok
01:47:53.0456 6632 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
01:47:53.0456 6632 stexstor - ok
01:47:53.0503 6632 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
01:47:53.0518 6632 StillCam - ok
01:47:53.0550 6632 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
01:47:53.0596 6632 stisvc - ok
01:47:53.0628 6632 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
01:47:53.0628 6632 swenum - ok
01:47:53.0674 6632 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
01:47:53.0690 6632 swprv - ok
01:47:53.0784 6632 [ BC642D540AEDF9A253C74D10C848EBD2 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
01:47:53.0830 6632 SynTP - ok
01:47:53.0908 6632 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
01:47:53.0971 6632 SysMain - ok
01:47:54.0002 6632 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
01:47:54.0002 6632 TabletInputService - ok
01:47:54.0033 6632 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
01:47:54.0049 6632 TapiSrv - ok
01:47:54.0080 6632 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
01:47:54.0080 6632 TBS - ok
01:47:54.0142 6632 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
01:47:54.0205 6632 Tcpip - ok
01:47:54.0252 6632 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
01:47:54.0267 6632 TCPIP6 - ok
01:47:54.0314 6632 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
01:47:54.0330 6632 tcpipreg - ok
01:47:54.0361 6632 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
01:47:54.0361 6632 TDPIPE - ok
01:47:54.0392 6632 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
01:47:54.0408 6632 TDTCP - ok
01:47:54.0439 6632 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
01:47:54.0439 6632 tdx - ok
01:47:54.0579 6632 [ C9B9373A0A430C11F0213E359D0772B2 ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
01:47:54.0642 6632 TeamViewer7 - ok
01:47:54.0673 6632 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
01:47:54.0673 6632 TermDD - ok
01:47:54.0720 6632 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
01:47:54.0751 6632 TermService - ok
01:47:54.0766 6632 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
01:47:54.0766 6632 Themes - ok
01:47:54.0813 6632 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
01:47:54.0813 6632 THREADORDER - ok
01:47:54.0844 6632 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
01:47:54.0860 6632 TrkWks - ok
01:47:54.0954 6632 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:47:54.0954 6632 TrustedInstaller - ok
01:47:55.0016 6632 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
01:47:55.0016 6632 tssecsrv - ok
01:47:55.0078 6632 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
01:47:55.0078 6632 TsUsbFlt - ok
01:47:55.0141 6632 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
01:47:55.0141 6632 TsUsbGD - ok
01:47:55.0188 6632 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
01:47:55.0188 6632 tunnel - ok
01:47:55.0234 6632 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
01:47:55.0250 6632 TurboB - ok
01:47:55.0297 6632 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
01:47:55.0359 6632 TurboBoost - ok
01:47:55.0390 6632 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
01:47:55.0390 6632 uagp35 - ok
01:47:55.0453 6632 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
01:47:55.0453 6632 udfs - ok
01:47:55.0515 6632 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
01:47:55.0515 6632 UI0Detect - ok
01:47:55.0546 6632 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
01:47:55.0546 6632 uliagpkx - ok
01:47:55.0578 6632 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
01:47:55.0578 6632 umbus - ok
01:47:55.0624 6632 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
01:47:55.0624 6632 UmPass - ok
01:47:55.0780 6632 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
01:47:55.0858 6632 UNS - ok
01:47:55.0905 6632 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
01:47:55.0905 6632 upnphost - ok
01:47:55.0952 6632 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
01:47:55.0968 6632 USBAAPL64 - ok
01:47:56.0014 6632 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
01:47:56.0030 6632 usbccgp - ok
01:47:56.0077 6632 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
01:47:56.0077 6632 usbcir - ok
01:47:56.0108 6632 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
01:47:56.0108 6632 usbehci - ok
01:47:56.0139 6632 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
01:47:56.0139 6632 usbhub - ok
01:47:56.0186 6632 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
01:47:56.0186 6632 usbohci - ok
01:47:56.0217 6632 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
01:47:56.0217 6632 usbprint - ok
01:47:56.0280 6632 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
01:47:56.0280 6632 usbscan - ok
01:47:56.0311 6632 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:47:56.0342 6632 USBSTOR - ok
01:47:56.0389 6632 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
01:47:56.0389 6632 usbuhci - ok
01:47:56.0436 6632 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
01:47:56.0436 6632 usbvideo - ok
01:47:56.0482 6632 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
01:47:56.0482 6632 UxSms - ok
01:47:56.0498 6632 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
01:47:56.0498 6632 VaultSvc - ok
01:47:56.0529 6632 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
01:47:56.0529 6632 vdrvroot - ok
01:47:56.0607 6632 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
01:47:56.0607 6632 vds - ok
01:47:56.0639 6632 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
01:47:56.0639 6632 vga - ok
01:47:56.0671 6632 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
01:47:56.0671 6632 VgaSave - ok
01:47:56.0717 6632 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
01:47:56.0717 6632 vhdmp - ok
01:47:56.0764 6632 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
01:47:56.0764 6632 viaide - ok
01:47:56.0795 6632 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
01:47:56.0811 6632 volmgr - ok
01:47:56.0858 6632 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
01:47:56.0873 6632 volmgrx - ok
01:47:56.0951 6632 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
01:47:56.0951 6632 volsnap - ok
01:47:57.0029 6632 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
01:47:57.0029 6632 vsmraid - ok
01:47:57.0107 6632 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
01:47:57.0140 6632 VSS - ok
01:47:57.0186 6632 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
01:47:57.0186 6632 vwifibus - ok
01:47:57.0218 6632 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
01:47:57.0218 6632 vwififlt - ok
01:47:57.0233 6632 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
01:47:57.0249 6632 W32Time - ok
01:47:57.0280 6632 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
01:48:00.0618 6632 ============================================================
01:48:00.0618 6632 Scan finished
01:48:00.0618 6632 ============================================================
01:48:00.0634 0636 Detected object count: 0
01:48:00.0634 0636 Actual detected object count: 0

==================================================================================

aswMBR

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-01 01:53:14
-----------------------------
01:53:14.655 OS Version: Windows x64 6.1.7601 Service Pack 1
01:53:14.671 Number of processors: 4 586 0x2A07
01:53:14.671 ComputerName: XXX-PC UserName: XXX
01:53:15.950 Initialize success
01:55:51.261 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
01:55:51.277 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
01:55:51.292 Disk 0 MBR read successfully
01:55:51.292 Disk 0 MBR scan
01:55:51.292 Disk 0 Windows 7 default MBR code
01:55:51.308 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 25600 MB offset 2048
01:55:51.308 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 190776 MB offset 52430848
01:55:51.324 Disk 0 Partition - 00 0F Extended LBA 260562 MB offset 443140096
01:55:51.355 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 260561 MB offset 443142144
01:55:51.370 Disk 0 scanning C:\Windows\system32\drivers
01:55:57.473 Service scanning
01:56:17.260 Modules scanning
01:56:17.275 Disk 0 trace - called modules:
01:56:17.307 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys
01:56:17.821 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80099f1060]
01:56:17.821 3 CLASSPNP.SYS[fffff88001b6843f] -> nt!IofCallDriver -> [0xfffffa8007ad3e40]
01:56:17.821 5 ACPI.sys[fffff88000d7a7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa8007ad4050]
01:56:17.837 Scan finished successfully

==================================================================================

ESET

C:\Users\XXX\Downloads\WinZip165(1).exe a variant of Win32/OpenInstall application cleaned by deleting - quarantined
C:\Users\XXX\Downloads\WinZip165(2).exe a variant of Win32/OpenInstall application cleaned by deleting - quarantined
C:\Users\XXX\Downloads\WinZip165.exe a variant of Win32/OpenInstall application cleaned by deleting - quarantined

#4 narenxp

Posted 01 December 2012 - 07:36 AM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#5 topi

Posted 01 December 2012 - 11:23 AM

Malwarebytes

Scan type: Full scan (C:\|D:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 363188
Time elapsed: 44 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKCR\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|URL (Hijack.SearchPage) -> Bad: (http://findgala.com/?&uid=8020&q={searchTerms}) Good: (http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}) -> Quarantined and repaired successfully.

Folders Detected: 1
C:\Users\XXX\AppData\Roaming\Smart Anti-Malware Protection (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Files Detected: 3
C:\Users\XXX\Downloads\SmartDraw2010patch_Keygen_tonyweb\SmartDraw2010Keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\Users\XXX\AppData\Roaming\Smart Anti-Malware Protection\cookies.sqlite (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\XXX\AppData\Roaming\Smart Anti-Malware Protection\Instructions.ini (Trojan.FakeAlert) -> Quarantined and deleted successfully.

==================================================================================
mini toolbox

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost


==================================================================================
Farbar service scanner

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


==================================================================================
adware cleaner

***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\XXX\AppData\Local\Temp\Uninstall.exe
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\XXX\AppData\Local\Conduit
Folder Deleted : C:\Users\XXX\AppData\Local\Temp\avg@toolbar
Folder Deleted : C:\Users\XXX\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\XXX\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-GB)

Profile name : default
File : C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\fspd5mx8.default\prefs.js

[OK] File is clean.

*************************


==================================================================================
Junkware removal tool


~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared

#6 narenxp

Posted 01 December 2012 - 12:23 PM




Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text here


Edited by narenxp, 12 March 2013 - 12:33 AM.


#7 topi

Posted 02 December 2012 - 04:47 AM

Mini toolbox

========================= Hosts content: =================================

# ::1 localhost


==========================================================================
RKILL

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\ChgService.exe (PID: 1276) [WD-HEUR]
* C:\Windows\SysWOW64\ACEngSvr.exe (PID: 5036) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\XXX\Desktop\rkill\rkill-12-02-2012-04-32-22.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\.exe\shell found and deleted!


Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.


==========================================================================
autoruns

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AthBtTray" "Bluetooth Tray" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\athbttray.exe"
+ "AtherosBtStack" "Bluetooth Stack Server" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\btvstack.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IntelTBRunOnce" "" "" "c:\program files\intel\turboboost\runtbgadgetonce.vbs"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RtHDVBg" "HD Audio Background Process" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravbg64.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "ASUSPRP" "ASUS Product Register Program" "ASUSTek Computer Inc." "c:\program files (x86)\asus\aprp\aprp.exe"
+ "ASUSWebStorage" "AsusWebStorage" "ecareme" "c:\program files (x86)\asus\asus webstorage\3.0.84.161\asuswspanel.exe"
+ "ATKMEDIA" "ATK Media" "ASUS" "c:\program files (x86)\asus\atk package\atk media\dmedia.exe"
+ "ATKOSD2" "ATKOSD2" "ASUS" "c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "FLxHCIm" "Fresco Logic" "Windows ® Win 7 DDK provider" "c:\program files\fresco logic inc\fresco logic usb3.0 host controller\host\flxhcim.exe"
+ "HControlUser" "HControlUser" "ASUS" "c:\program files (x86)\asus\atk package\atk hotkey\hcontroluser.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "RIMBBLaunchAgent.exe" "Launch Agent Service" "Research In Motion Limited" "c:\program files (x86)\common files\research in motion\usb drivers\rimbblaunchagent.exe"
+ "ROC_roc_ssl_v12" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\update\realsched.exe"
+ "USBChargerPlusTray" "USB Charger+" "ASUSTek Computer Inc." "c:\program files (x86)\asus\usbchargerplus\usbchargerplus.exe"
+ "Wireless Console 3" "Wireless Console 3" "" "c:\program files (x86)\asus\wireless console 3\wcourier.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "AsusVibeLauncher.lnk" "AsusVibe Application" "" "c:\program files (x86)\asus\asusvibe\asusvibelauncher.exe"
+ "FancyStart daemon.lnk" "" "" "c:\windows\installer\{c944b4c5-1c4d-4d95-8ac0-7cef13914131}\_77b5857c27147149171be7.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DAEMON Tools Lite" "DAEMON Tools Lite" "DT Soft Ltd" "c:\program files (x86)\daemon tools lite\dtlite.exe"
+ "PPS Accelerator" "PPS 网络加速器" "PPStream Inc" "d:\pps.tv\ppstream\ppsap.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Atheros" "Bluetooth Application Extension" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\btvappext.dll"
+ "DataSanitizerShellExtObj" "TODO: <File description>" "TODO: <Company name>" "c:\program files (x86)\common files\asus\secure delete\asus secure delete shellext.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "FTShellContext" "ShellContextExt Module" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\shellcontextext.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DataSanitizerShellExtObj" "TODO: <File description>" "TODO: <Company name>" "c:\program files (x86)\common files\asus\secure delete\asus secure delete shellext.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Ath_CopyHook" "AthCopyHook Dynamic Link Library" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\athcopyhook.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "AsusWSShellExt_B" "AsusWSShellExt64" "eCareme Technologies, Inc." "c:\program files (x86)\asus\asus webstorage\3.0.84.161\asuswsshellext64.dll"
+ "AsusWSShellExt_O" "AsusWSShellExt64" "eCareme Technologies, Inc." "c:\program files (x86)\asus\asus webstorage\3.0.84.161\asuswsshellext64.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "CIESpeechBHO Class" "Bluetooth IE PlugIn" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\ieplugin.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealPlayer" "c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Send by Bluetooth to" "Bluetooth IE PlugIn" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\ieplugin.dll"
"Task Scheduler" "" "" ""
+ "\ACMON" "ACMON " "ASUS" "c:\program files (x86)\asus\splendid\acmon.exe"
+ "\Adobe online update program" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "\AIRecoveryRemind" "AIRecoveryRemind" "ASUSTek Computer Inc." "c:\program files (x86)\asus\ai recovery\airecoveryremind.exe"
+ "\ASUS Live Update" "ALU" "" "c:\program files (x86)\asus\asus live update\alu.exe"
+ "\ASUS P4G" "Power4Gear Hybrid" "ASUS" "c:\program files\p4g\batterylife.exe"
+ "\ASUS Patch 10430001" "ASUS Patch 10430001" "" "c:\windows\aspatch10430001.exe"
+ "\ASUS Secure Delete" "" "" "c:\program files\asus\asus secure delete\addel.exe"
+ "\ASUS SmartLogon Console Sensor" "SmartLogon Application" "ASUS" "c:\program files (x86)\asus\smartlogon\sensorsrv.exe"
+ "\ATKOSD2" "ATKOSD2" "ASUS" "c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-4164705912-2342674598-2499158641-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-4164705912-2342674598-2499158641-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AFBAgent" "ASUS FastBoot" "ASUSTeK Computer Inc." "c:\windows\system32\fbagent.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "ASLDRService" "ASLDR Service" "ASUS" "c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe"
+ "Atheros Bt&Wlan Coex Agent" "Co-existence Coordinator Service between 11a/b/g/n Wireless LAN and Bluetooth." "Atheros" "c:\program files (x86)\bluetooth suite\ath_coexagent.exe"
+ "AtherosSvc" "Atheros BT Stack Service Agent" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\adminservice.exe"
+ "ATKGFNEXSrv" "GFNEXSrv" "ASUS" "c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "Change Modem Device Service" "" "" "c:\windows\syswow64\chgservice.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "HPSLPSVC" "Discovers and monitors the state and the configuration of the HP devices attached to your network. If the service is stopped, and your network devices change IP addresses, they might become unavailable" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "MyEpson Portal Service" "MyEpson Portal Service" "SEIKO EPSON CORPORATION" "c:\program files (x86)\epson\myepson portal\mepservice.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "NitroReaderDriverReadSpool2" "Nitro Reader Driver Read Spool 2" "Nitro PDF Software" "c:\program files\common files\nitro pdf\reader\2.0\nitropdfreaderdriverservice2x64.exe"
+ "NVSvc" "NVIDIA Driver Helper Service, Version 267.54" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "TeamViewer7" "TeamViewer Remote Software" "TeamViewer GmbH" "c:\program files (x86)\teamviewer\version7\teamviewer_service.exe"
+ "TurboBoost" "Intel® Turbo Boost Technology Monitor 2.0" "Intel® Corporation" "c:\program files\intel\turboboost\turboboost.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "AiCharger" "ASUS Charger driver" "ASUSTek Computer Inc." "c:\windows\system32\drivers\aicharger.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AmUStor" "" "" "File not found: system32\drivers\AmUStor.SYS"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "ASMMAP64" "Memory mapping Driver" "ASUS" "c:\program files (x86)\asus\atk package\atkgfnex\asmmap64.sys"
+ "assd" "ASUS Image Toolkit Disk Monitor Driver" "ASUS Corporation" "c:\windows\system32\drivers\assd.sys"
+ "AthBTPort" "Atheros FILTER driver" "Atheros" "c:\windows\system32\drivers\btath_flt.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "ATKWMIACPIIO" "ATK WMIACPI Utility" "ASUS" "c:\program files (x86)\asus\atk package\atk wmiacpi\atkwmiacpi64.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "BTATH_A2DP" "Atheros A2DP driver" "Atheros" "c:\windows\system32\drivers\btath_a2dp.sys"
+ "BTATH_BUS" "Atheros BUS driver" "Atheros" "c:\windows\system32\drivers\btath_bus.sys"
+ "BTATH_HCRP" "Atheros HCRP driver" "Atheros" "c:\windows\system32\drivers\btath_hcrp.sys"
+ "BTATH_LWFLT" "Atheros FILTER driver" "Atheros" "c:\windows\system32\drivers\btath_lwflt.sys"
+ "BTATH_RCP" "Atheros AVRCP driver" "Atheros" "c:\windows\system32\drivers\btath_rcp.sys"
+ "BtFilter" "BtFilter Driver" "Atheros" "c:\windows\system32\drivers\btfilter.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "cmnsusbser" "USB Modem/Serial Device Driver" "QUALCOMM Incorporated" "c:\windows\system32\drivers\cmnsusbser.sys"
+ "dtsoftbus01" "DAEMON Tools Virtual Bus Driver" "DT Soft Ltd" "c:\windows\system32\drivers\dtsoftbus01.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "FLxHCIc" "xHCI Bus Driver" "Fresco Logic" "c:\windows\system32\drivers\flxhcic.sys"
+ "FLxHCIh" "xHCI Hub Driver" "Fresco Logic" "c:\windows\system32\drivers\flxhcih.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hamachi" "Hamachi Virtual Network Interface Driver" "LogMeIn, Inc." "c:\windows\system32\drivers\hamachi.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "kbfiltr" "Keyboard Filter Driver" " " "c:\windows\system32\drivers\kbfiltr.sys"
+ "L1C" "Atheros L1c PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 267.54 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvpciflt" "NVIDIA Windows Kernel Mode Driver, Version 267.54 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvpciflt.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RimUsb" "BlackBerry Device Driver" "Research In Motion Limited" "c:\windows\system32\drivers\rimusb_amd64.sys"
+ "RimVSerPort" "RIM Virtual Serial Driver" "Research in Motion Ltd" "c:\windows\system32\drivers\rimserial_amd64.sys"
+ "SBRE" "" "" "File not found: C:\Windows\system32\drivers\SBREdrv.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSGbeLH" "NDIS 6.0 Miniport Driver for SiS191/SiS190 Ethernet Device" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisg664.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SNP2UVC" "UVC Camera Streaming Driver" "Sonix Technology Co., Ltd." "c:\windows\system32\drivers\snp2uvc.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "TurboB" "Turbo Boost UI Monitor driver" "Intel® Corporation" "c:\windows\system32\drivers\turbob.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ASUS Color Preview Filter" "ASUS Color Preview Filter" "ASUSTek" "c:\program files (x86)\asus\splendid\rgbtran.ax"
+ "Color Convert" "ASUS Color Preview Filter" "ASUSTek" "c:\program files (x86)\asus\splendid\rgbtran.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ASUS SplitVCam Pump" "" "" "c:\program files (x86)\asus\virtualcamera\virtualcamera.ax"
+ "ASUS SplitVCam Relayer" "" "" "c:\program files (x86)\asus\virtualcamera\virtualcamera.ax"
+ "ASUS SplitVCam Renderer" "" "" "c:\program files (x86)\asus\virtualcamera\splitvcamrenderer.ax"
+ "ASUS Virtual Camera" "" "" "c:\program files (x86)\asus\virtualcamera\virtualcamera.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Gargle" "Gargle Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\asus\asus lifeframe3\lifeframeaudio.ax"
+ "LifeFrame Image Effects" "Camera Filter" "ASUS" "c:\program files (x86)\asus\asus lifeframe3\camera_effect.ax"
+ "Logon Effects" "SmartLogon Filter" "ASUS" "c:\program files (x86)\asus\smartlogon\face_filter.ax"
+ "MainConcept AAC Decoder" "AAC audio decoder filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_dec_aac_ds.ax"
+ "MainConcept AMR Decoder" "AMR Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_dec_amr_ds.ax"
+ "MainConcept Audio Converter" "Audio Converter DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_trans_audio_converter_ds.ax"
+ "MainConcept Audio Resampler" "Audio Resampler Direct Show Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_trans_audio_samplerate_ds.ax"
+ "MainConcept AVC/H.264 Video Decoder" "AVC/H.264 Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_dec_avc_ds.ax"
+ "MainConcept Color Space Converter" "Color Space Converter DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_trans_video_colorspace_ds.ax"
+ "MainConcept Frame Rate Converter" "Frame Rate Converter DS Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_trans_video_framerate_ds.ax"
+ "MainConcept ImageScaler" "ImageScaler DS Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_trans_video_imagescaler_ds.ax"
+ "MainConcept Layer II Audio Decoder" "Layer II Audio Decoder" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_dec_mpa_ds.ax"
+ "MainConcept MP4 Demultiplexer" "MP4 Demultiplexer Direct Show Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_demux_mp4_ds.ax"
+ "MainConcept MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_dec_mp2v_ds.ax"
+ "MainConcept MPEG-4 Video Decoder" "MPEG-4 Video Decoder Direct Show Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_dec_mp4v_ds.ax"
+ "MainConcept Sink Filter" "Sink DS Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_render_fileindex_ds.ax"
+ "MainConcept Stream Parser" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_demux_mp2_ds.ax"
+ "MotionDetect" "" "" "c:\program files (x86)\asus\asus lifeframe3\motiondetect.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "C:\Windows\system32\nvinitx.dll" "NVIDIA Compatible NVIDIA shim initialization dll, Version 267.54 " "NVIDIA Corporation" "c:\windows\system32\nvinitx.dll"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "C:\Windows\SysWOW64\nvinit.dll" "NVIDIA Compatible NVIDIA shim initialization dll, Version 267.54 " "NVIDIA Corporation" "c:\windows\syswow64\nvinit.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "FaceCredentialProvider64" "SmartLogon Dynamic Link Library" "ASUS" "c:\program files (x86)\asus\smartlogon\system\facecredentialprovider64.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "EPSON L200 Series 64MonitorBP" "EPSON Bi-directional Monitor AMD64" "SEIKO EPSON CORPORATION" "c:\windows\system32\e_ilmgup.dll"
+ "hpf3l101.dll" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpf3l101.dll"
+ "LIDIL hpfllw73" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpfllw73.dll"
+ "Nitro PDF Port Monitor" "Windows NT Nitro Print PDF Interface Driver" "Nitro PDF Software" "c:\windows\system32\nitrolocalmon2.dll"
+ "PrimoMon" "" "" "c:\windows\system32\primomonnt.dll"

#8 narenxp


Posted 02 December 2012 - 11:14 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore. It deletes old infected restore points.

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#9 topi


Posted 02 December 2012 - 09:55 PM

Thanks so much for your help!! Greatly appreciate it! :)

One question, for the restore point, do I need to turn it off and then on (restore) it again?

#10 narenxp


Posted 03 December 2012 - 01:34 AM

Yep :)

#11 topi


Posted 03 December 2012 - 09:29 AM

Great!! Thanks!! :thumbup2:



