Problems at startup


14 replies to this topic

#1 hobo698


Posted 07 January 2013 - 07:35 AM

Mod edit: Moved from W7 to Am I Infected~~ boopme

Hello

I am running Windows 7 with F-Secure.
I've recently installed Spybot2.
Every time I restart, Defender comes up and tells me the service has stopped.
It is not listed in services and if I try to start it from Defender I get an error "the specified service does not exist as an installed service" (error code 0x80070424).

Also, start-up is very slow, especially Outlook, but usually Firefox gives me the same 'not responding' crap for a few minutes as well.
NVIDIA rotation settings are now showing up in the toolbar as well as a new icon I've never seen before and I can't do anything with it (it looks like a monitor with a circle and line through it).

Anyway, that's the gist of it.
If anyone can help, let me know.
It will be greatly appreciated.
Thanks in advance.
Cheers,
Hobo

Edited by boopme, 11 January 2013 - 12:58 PM.




#2 hobo698


Posted 11 January 2013 - 04:52 AM

Since I originally posted I had a page pop up while downloading.
It was the Police Cybercrime Inv. Dept virus.
It locked my computer completely so I shut off the wireless connection, restarted in safe mode and shut the virus off in start up.
Then I ran Spybot and it found and deleted a lot of it.
I then rebooted and went online to find whatever registry items I could to delete.
The computer works now but still has the same issues as before and I am finding new temp files and a few others that can't be deleted.
I don't dare screw around with the registry any more so I guess I'll leave it alone and wait for a reply from someone that knows how to clean it properly.
Thanks again
Cheers.

#3 narenxp


Posted 11 January 2013 - 12:05 PM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#4 hobo698


Posted 11 January 2013 - 09:35 PM

Thanks for your reply!

I can't find where to attach the TDS log file so I'll post the contents.

aswMBR will not download for me so I tried 'click here' and got a blank page here...
http://public.avast.com/~gmerek/aswMBR.exe

I tried allowing the page to load after Firefox blocked the popup and there was no Avast download there that I could find. I tried going to their site to download it as well and got the same thing.
Any suggestions?

19:52:30.0889 5348 NdisWan - ok
19:52:30.0920 5348 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:52:30.0920 5348 NDProxy - ok
19:52:30.0983 5348 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:52:30.0983 5348 NetBIOS - ok
19:52:31.0030 5348 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:52:31.0045 5348 NetBT - ok
19:52:31.0061 5348 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
19:52:31.0076 5348 Netlogon - ok
19:52:31.0170 5348 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
19:52:31.0170 5348 Netman - ok
19:52:31.0186 5348 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
19:52:31.0201 5348 netprofm - ok
19:52:31.0248 5348 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:52:31.0248 5348 NetTcpPortSharing - ok
19:52:31.0482 5348 [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys
19:52:31.0654 5348 netw5v32 - ok
19:52:31.0732 5348 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:52:31.0732 5348 nfrd960 - ok
19:52:31.0778 5348 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
19:52:31.0794 5348 NlaSvc - ok
19:52:31.0825 5348 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:52:31.0825 5348 Npfs - ok
19:52:31.0872 5348 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
19:52:31.0888 5348 nsi - ok
19:52:31.0888 5348 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:52:31.0888 5348 nsiproxy - ok
19:52:31.0981 5348 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:52:32.0028 5348 Ntfs - ok
19:52:32.0090 5348 [ EF2B9A14EC5DD74ADE3417FAF1B45E16 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
19:52:32.0090 5348 NuidFltr - ok
19:52:32.0153 5348 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
19:52:32.0153 5348 Null - ok
19:52:32.0480 5348 [ 05B288B25C2EBD9A4E9E5114AE790876 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:52:32.0777 5348 nvlddmkm - ok
19:52:32.0855 5348 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:52:32.0855 5348 nvraid - ok
19:52:32.0933 5348 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:52:32.0948 5348 nvstor - ok
19:52:33.0011 5348 [ E937A615D4289E83E234C3EC26092431 ] nvsvc C:\Windows\system32\nvvsvc.exe
19:52:33.0011 5348 nvsvc - ok
19:52:33.0073 5348 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:52:33.0073 5348 nv_agp - ok
19:52:33.0198 5348 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:52:33.0214 5348 odserv - ok
19:52:33.0260 5348 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:52:33.0260 5348 ohci1394 - ok
19:52:33.0323 5348 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:52:33.0338 5348 ose - ok
19:52:33.0401 5348 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:52:33.0401 5348 p2pimsvc - ok
19:52:33.0463 5348 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
19:52:33.0479 5348 p2psvc - ok
19:52:33.0541 5348 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:52:33.0541 5348 Parport - ok
19:52:33.0604 5348 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:52:33.0604 5348 partmgr - ok
19:52:33.0635 5348 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
19:52:33.0635 5348 Parvdm - ok
19:52:33.0697 5348 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:52:33.0697 5348 PcaSvc - ok
19:52:33.0760 5348 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
19:52:33.0775 5348 pci - ok
19:52:33.0791 5348 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
19:52:33.0791 5348 pciide - ok
19:52:33.0853 5348 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:52:33.0853 5348 pcmcia - ok
19:52:33.0869 5348 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
19:52:33.0869 5348 pcw - ok
19:52:33.0916 5348 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:52:33.0916 5348 PEAUTH - ok
19:52:34.0009 5348 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:52:34.0040 5348 PeerDistSvc - ok
19:52:34.0181 5348 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
19:52:34.0228 5348 pla - ok
19:52:34.0290 5348 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:52:34.0306 5348 PlugPlay - ok
19:52:34.0368 5348 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:52:34.0368 5348 PNRPAutoReg - ok
19:52:34.0384 5348 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:52:34.0399 5348 PNRPsvc - ok
19:52:34.0446 5348 [ 60A044879C4FA76314494F5FDDC43B93 ] Point32 C:\Windows\system32\DRIVERS\point32.sys
19:52:34.0462 5348 Point32 - ok
19:52:34.0524 5348 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:52:34.0540 5348 PolicyAgent - ok
19:52:34.0586 5348 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
19:52:34.0602 5348 Power - ok
19:52:34.0664 5348 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:52:34.0680 5348 PptpMiniport - ok
19:52:34.0696 5348 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:52:34.0696 5348 Processor - ok
19:52:34.0758 5348 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
19:52:34.0774 5348 ProfSvc - ok
19:52:34.0789 5348 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:52:34.0789 5348 ProtectedStorage - ok
19:52:34.0867 5348 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:52:34.0867 5348 Psched - ok
19:52:34.0961 5348 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:52:35.0008 5348 ql2300 - ok
19:52:35.0054 5348 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:52:35.0070 5348 ql40xx - ok
19:52:35.0117 5348 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
19:52:35.0132 5348 QWAVE - ok
19:52:35.0148 5348 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:52:35.0148 5348 QWAVEdrv - ok
19:52:35.0195 5348 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:52:35.0288 5348 RasAcd - ok
19:52:35.0351 5348 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:52:35.0366 5348 RasAgileVpn - ok
19:52:35.0366 5348 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
19:52:35.0382 5348 RasAuto - ok
19:52:35.0398 5348 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:52:35.0398 5348 Rasl2tp - ok
19:52:35.0460 5348 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
19:52:35.0476 5348 RasMan - ok
19:52:35.0507 5348 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:52:35.0522 5348 RasPppoe - ok
19:52:35.0554 5348 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:52:35.0569 5348 RasSstp - ok
19:52:35.0632 5348 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:52:35.0632 5348 rdbss - ok
19:52:35.0647 5348 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:52:35.0647 5348 rdpbus - ok
19:52:35.0694 5348 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:52:35.0694 5348 RDPCDD - ok
19:52:35.0741 5348 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:52:35.0741 5348 RDPDR - ok
19:52:35.0788 5348 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:52:35.0788 5348 RDPENCDD - ok
19:52:35.0819 5348 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:52:35.0819 5348 RDPREFMP - ok
19:52:35.0866 5348 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:52:35.0881 5348 RDPWD - ok
19:52:35.0944 5348 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:52:35.0944 5348 rdyboost - ok
19:52:36.0006 5348 [ D8F61AAAE73A1FBDE6F538BECC891F2F ] RegSrvc C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
19:52:36.0006 5348 RegSrvc - ok
19:52:36.0068 5348 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
19:52:36.0068 5348 RemoteAccess - ok
19:52:36.0131 5348 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:52:36.0131 5348 RemoteRegistry - ok
19:52:36.0162 5348 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:52:36.0162 5348 RpcEptMapper - ok
19:52:36.0209 5348 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
19:52:36.0224 5348 RpcLocator - ok
19:52:36.0240 5348 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
19:52:36.0256 5348 RpcSs - ok
19:52:36.0334 5348 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:52:36.0334 5348 rspndr - ok
19:52:36.0380 5348 [ 25F697E3AFA7B337BBCADDBCE38E6934 ] S24EventMonitor C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
19:52:36.0412 5348 S24EventMonitor - ok
19:52:36.0458 5348 [ 2862ADB14481AC28F98105FF33A99EB0 ] s24trans C:\Windows\system32\DRIVERS\s24trans.sys
19:52:36.0458 5348 s24trans - ok
19:52:36.0505 5348 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
19:52:36.0521 5348 s3cap - ok
19:52:36.0536 5348 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
19:52:36.0536 5348 SamSs - ok
19:52:36.0599 5348 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:52:36.0599 5348 sbp2port - ok
19:52:36.0661 5348 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:52:36.0661 5348 SCardSvr - ok
19:52:36.0724 5348 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:52:36.0724 5348 scfilter - ok
19:52:36.0786 5348 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
19:52:36.0817 5348 Schedule - ok
19:52:36.0864 5348 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:52:36.0864 5348 SCPolicySvc - ok
19:52:36.0911 5348 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\drivers\sdbus.sys
19:52:36.0911 5348 sdbus - ok
19:52:36.0973 5348 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:52:36.0973 5348 SDRSVC - ok
19:52:37.0192 5348 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
19:52:37.0192 5348 SDScannerService - ok
19:52:37.0301 5348 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
19:52:37.0316 5348 SDUpdateService - ok
19:52:37.0363 5348 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
19:52:37.0363 5348 SDWSCService - ok
19:52:37.0426 5348 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:52:37.0441 5348 secdrv - ok
19:52:37.0488 5348 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
19:52:37.0504 5348 seclogon - ok
19:52:37.0519 5348 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
19:52:37.0535 5348 SENS - ok
19:52:37.0582 5348 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:52:37.0597 5348 SensrSvc - ok
19:52:37.0644 5348 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:52:37.0644 5348 Serenum - ok
19:52:37.0675 5348 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:52:37.0675 5348 Serial - ok
19:52:37.0722 5348 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:52:37.0722 5348 sermouse - ok
19:52:37.0784 5348 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
19:52:37.0800 5348 SessionEnv - ok
19:52:37.0847 5348 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:52:37.0862 5348 sffdisk - ok
19:52:37.0862 5348 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:52:37.0862 5348 sffp_mmc - ok
19:52:37.0878 5348 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:52:37.0878 5348 sffp_sd - ok
19:52:37.0940 5348 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:52:37.0940 5348 sfloppy - ok
19:52:38.0003 5348 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:52:38.0018 5348 SharedAccess - ok
19:52:38.0081 5348 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:52:38.0081 5348 ShellHWDetection - ok
19:52:38.0096 5348 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:52:38.0112 5348 sisagp - ok
19:52:38.0174 5348 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:52:38.0174 5348 SiSRaid2 - ok
19:52:38.0206 5348 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:52:38.0206 5348 SiSRaid4 - ok
19:52:38.0252 5348 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:52:38.0252 5348 Smb - ok
19:52:38.0330 5348 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:52:38.0346 5348 SNMPTRAP - ok
19:52:38.0362 5348 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
19:52:38.0362 5348 spldr - ok
19:52:38.0424 5348 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
19:52:38.0440 5348 Spooler - ok
19:52:38.0596 5348 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
19:52:38.0720 5348 sppsvc - ok
19:52:38.0767 5348 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:52:38.0783 5348 sppuinotify - ok
19:52:38.0830 5348 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:52:38.0845 5348 srv - ok
19:52:38.0876 5348 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:52:38.0876 5348 srv2 - ok
19:52:38.0923 5348 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:52:38.0939 5348 srvnet - ok
19:52:39.0001 5348 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:52:39.0001 5348 SSDPSRV - ok
19:52:39.0017 5348 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:52:39.0032 5348 SstpSvc - ok
19:52:39.0079 5348 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:52:39.0079 5348 stexstor - ok
19:52:39.0142 5348 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
19:52:39.0157 5348 StiSvc - ok
19:52:39.0204 5348 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
19:52:39.0204 5348 storflt - ok
19:52:39.0266 5348 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
19:52:39.0266 5348 StorSvc - ok
19:52:39.0344 5348 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
19:52:39.0344 5348 storvsc - ok
19:52:39.0360 5348 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
19:52:39.0360 5348 swenum - ok
19:52:39.0422 5348 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
19:52:39.0438 5348 swprv - ok
19:52:39.0516 5348 [ 70534D1E4F9AC990536D5FB5B550B3DE ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:52:39.0532 5348 SynTP - ok
19:52:39.0625 5348 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
19:52:39.0641 5348 SysMain - ok
19:52:39.0703 5348 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:52:39.0703 5348 TabletInputService - ok
19:52:39.0766 5348 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
19:52:39.0781 5348 TapiSrv - ok
19:52:39.0906 5348 [ 36772B5EAAAF42DB5C5EE6EEB0EC0AF7 ] TAPPSRV C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
19:52:39.0906 5348 TAPPSRV - ok
19:52:40.0015 5348 [ 1F26D86828039C0B594399F7F2FFEF09 ] TBiosDrv C:\WINDOWS\system32\Drivers\Tbiosdrv.sys
19:52:40.0015 5348 TBiosDrv - ok
19:52:40.0062 5348 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
19:52:40.0078 5348 TBS - ok
19:52:40.0156 5348 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:52:40.0187 5348 Tcpip - ok
19:52:40.0249 5348 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:52:40.0265 5348 TCPIP6 - ok
19:52:40.0312 5348 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:52:40.0312 5348 tcpipreg - ok
19:52:40.0358 5348 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:52:40.0358 5348 TDPIPE - ok
19:52:40.0405 5348 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:52:40.0405 5348 TDTCP - ok
19:52:40.0452 5348 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:52:40.0468 5348 tdx - ok
19:52:40.0608 5348 [ 839E88DB24D2D8F05B72E12B175951CA ] TeamViewer6 C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
19:52:40.0639 5348 TeamViewer6 - ok
19:52:40.0655 5348 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:52:40.0655 5348 TermDD - ok
19:52:40.0717 5348 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
19:52:40.0733 5348 TermService - ok
19:52:40.0780 5348 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
19:52:40.0795 5348 Themes - ok
19:52:40.0811 5348 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
19:52:40.0811 5348 THREADORDER - ok
19:52:40.0889 5348 [ F779BA4CD37963AB4600C9871B7752A3 ] tifm21 C:\Windows\system32\drivers\tifm21.sys
19:52:40.0904 5348 tifm21 - ok
19:52:40.0936 5348 [ CC069342EE0EAE55B32A0AE99CF6185C ] tosrfec C:\Windows\system32\DRIVERS\tosrfec.sys
19:52:40.0951 5348 tosrfec - ok
19:52:41.0014 5348 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
19:52:41.0029 5348 TrkWks - ok
19:52:41.0123 5348 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:52:41.0123 5348 TrustedInstaller - ok
19:52:41.0185 5348 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:52:41.0185 5348 tssecsrv - ok
19:52:41.0263 5348 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:52:41.0263 5348 TsUsbFlt - ok
19:52:41.0341 5348 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:52:41.0341 5348 tunnel - ok
19:52:41.0388 5348 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:52:41.0388 5348 uagp35 - ok
19:52:41.0435 5348 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:52:41.0450 5348 udfs - ok
19:52:41.0497 5348 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:52:41.0513 5348 UI0Detect - ok
19:52:41.0560 5348 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:52:41.0560 5348 uliagpkx - ok
19:52:41.0606 5348 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
19:52:41.0606 5348 umbus - ok
19:52:41.0653 5348 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:52:41.0653 5348 UmPass - ok
19:52:41.0716 5348 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
19:52:41.0731 5348 UmRdpService - ok
19:52:41.0794 5348 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
19:52:41.0809 5348 upnphost - ok
19:52:41.0856 5348 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
19:52:41.0856 5348 usbccgp - ok
19:52:41.0918 5348 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:52:41.0934 5348 usbcir - ok
19:52:41.0981 5348 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:52:41.0981 5348 usbehci - ok
19:52:42.0059 5348 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:52:42.0059 5348 usbhub - ok
19:52:42.0106 5348 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:52:42.0106 5348 usbohci - ok
19:52:42.0137 5348 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:52:42.0137 5348 usbprint - ok
19:52:42.0184 5348 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:52:42.0184 5348 USBSTOR - ok
19:52:42.0230 5348 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:52:42.0230 5348 usbuhci - ok
19:52:42.0293 5348 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
19:52:42.0308 5348 UxSms - ok
19:52:42.0324 5348 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
19:52:42.0324 5348 VaultSvc - ok
19:52:42.0371 5348 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:52:42.0386 5348 vdrvroot - ok
19:52:42.0449 5348 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
19:52:42.0464 5348 vds - ok
19:52:42.0511 5348 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:52:42.0511 5348 vga - ok
19:52:42.0542 5348 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:52:42.0542 5348 VgaSave - ok
19:52:42.0605 5348 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:52:42.0605 5348 vhdmp - ok
19:52:42.0652 5348 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:52:42.0652 5348 viaagp - ok
19:52:42.0698 5348 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
19:52:42.0698 5348 ViaC7 - ok
19:52:42.0730 5348 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
19:52:42.0730 5348 viaide - ok
19:52:42.0792 5348 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
19:52:42.0792 5348 vmbus - ok
19:52:42.0839 5348 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
19:52:42.0839 5348 VMBusHID - ok
19:52:42.0870 5348 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:52:42.0886 5348 volmgr - ok
19:52:43.0073 5348 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:52:43.0088 5348 volmgrx - ok
19:52:43.0120 5348 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:52:43.0135 5348 volsnap - ok
19:52:43.0182 5348 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:52:43.0198 5348 vsmraid - ok
19:52:43.0276 5348 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
19:52:43.0307 5348 VSS - ok
19:52:43.0338 5348 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:52:43.0338 5348 vwifibus - ok
19:52:43.0416 5348 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
19:52:43.0432 5348 W32Time - ok
19:52:43.0463 5348 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:52:43.0463 5348 WacomPen - ok
19:52:43.0525 5348 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:52:43.0525 5348 WANARP - ok
19:52:43.0525 5348 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:52:43.0541 5348 Wanarpv6 - ok
19:52:43.0650 5348 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:52:43.0697 5348 WatAdminSvc - ok
19:52:43.0790 5348 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
19:52:43.0837 5348 wbengine - ok
19:52:43.0900 5348 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:52:43.0900 5348 WbioSrvc - ok
19:52:43.0962 5348 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:52:43.0978 5348 wcncsvc - ok
19:52:43.0978 5348 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:52:43.0978 5348 WcsPlugInService - ok
19:52:44.0024 5348 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:52:44.0024 5348 Wd - ok
19:52:44.0087 5348 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:52:44.0102 5348 Wdf01000 - ok
19:52:44.0149 5348 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:52:44.0165 5348 WdiServiceHost - ok
19:52:44.0165 5348 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:52:44.0180 5348 WdiSystemHost - ok
19:52:44.0243 5348 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
19:52:44.0243 5348 WebClient - ok
19:52:44.0258 5348 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:52:44.0274 5348 Wecsvc - ok
19:52:44.0274 5348 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:52:44.0290 5348 wercplsupport - ok
19:52:44.0368 5348 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
19:52:44.0368 5348 WerSvc - ok
19:52:44.0430 5348 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:52:44.0430 5348 WfpLwf - ok
19:52:44.0493 5348 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:52:44.0493 5348 WIMMount - ok
19:52:44.0493 5348 WinHttpAutoProxySvc - ok
19:52:44.0617 5348 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:52:44.0617 5348 Winmgmt - ok
19:52:44.0711 5348 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
19:52:44.0758 5348 WinRM - ok
19:52:44.0851 5348 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:52:44.0851 5348 WinUsb - ok
19:52:44.0914 5348 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:52:44.0945 5348 Wlansvc - ok
19:52:45.0054 5348 [ 0A70F4022EC2E14C159EFC4F69AA2477 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:52:45.0085 5348 wlidsvc - ok
19:52:45.0117 5348 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:52:45.0117 5348 WmiAcpi - ok
19:52:45.0179 5348 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:52:45.0179 5348 wmiApSrv - ok
19:52:45.0460 5348 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:52:45.0475 5348 WMPNetworkSvc - ok
19:52:45.0522 5348 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:52:45.0522 5348 WPCSvc - ok
19:52:45.0585 5348 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:52:45.0585 5348 WPDBusEnum - ok
19:52:45.0631 5348 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:52:45.0631 5348 ws2ifsl - ok
19:52:45.0647 5348 WSearch - ok
19:52:45.0787 5348 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
19:52:45.0865 5348 wuauserv - ok
19:52:45.0912 5348 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:52:45.0912 5348 WudfPf - ok
19:52:45.0975 5348 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:52:45.0975 5348 WUDFRd - ok
19:52:46.0037 5348 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:52:46.0037 5348 wudfsvc - ok
19:52:46.0099 5348 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
19:52:46.0115 5348 WwanSvc - ok
19:52:46.0131 5348 ================ Scan global ===============================
19:52:46.0177 5348 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
19:52:46.0224 5348 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
19:52:46.0240 5348 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
19:52:46.0287 5348 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
19:52:46.0349 5348 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
19:52:46.0365 5348 [Global] - ok
19:52:46.0365 5348 ================ Scan MBR ==================================
19:52:46.0380 5348 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:52:46.0692 5348 \Device\Harddisk0\DR0 - ok
19:52:46.0692 5348 ================ Scan VBR ==================================
19:52:46.0708 5348 [ EBFFF371BE4F88B7CD28F4F94A251002 ] \Device\Harddisk0\DR0\Partition1
19:52:46.0708 5348 \Device\Harddisk0\DR0\Partition1 - ok
19:52:46.0739 5348 [ F97AC5EA90932BE3A3B4FF2EC1519EDB ] \Device\Harddisk0\DR0\Partition2
19:52:46.0739 5348 \Device\Harddisk0\DR0\Partition2 - ok
19:52:46.0739 5348 ============================================================
19:52:46.0739 5348 Scan finished
19:52:46.0739 5348 ============================================================
19:52:46.0755 5064 Detected object count: 0
19:52:46.0755 5064 Actual detected object count: 0
19:53:05.0412 3956 Deinitialize success

ESET log

C:\Users\Hartley\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\7829a6b9-162f5c3b Java/Agent.FI trojan unable to clean
C:\Documents and Settings\Hartley\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\7829a6b9-162f5c3b Java/Agent.FI trojan cleaned by deleting - quarantined
C:\Windows\pss\runctf.lnk.Startup Win32/Reveton.M trojan cleaned by deleting - quarantined

#5 narenxp

Posted 11 January 2013 - 11:31 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan is completed, post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on File - Save

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#6 hobo698

Posted 12 January 2013 - 09:15 AM

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Database version: v2013.01.12.05
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
1/12/2013 7:39:37 AM
mbam-log-2013-01-12 (07-39-37).txt
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 388276
Time elapsed: 1 hour(s), 47 minute(s), 36 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Windows\hosts (Trojan.Agent) -> Quarantined and deleted successfully.
(end)


MiniToolBox by Farbar Version:10-01-2013
Ran by Hartley (administrator) on 12-01-2013 at 09:41:36
Running from "C:\Users\Hartley\Desktop"
Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory
========================= IP Configuration: ================================

Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection (Connected)
Intel® PRO/100 VE Network Connection = Local Area Connection (Media disconnected)
The following helper DLL cannot be loaded: IPMONTR.DLL.
The following helper DLL cannot be loaded: IPPROMON.DLL.
The following helper DLL cannot be loaded: IPV6MON.DLL.


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Hartley-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection
Physical Address. . . . . . . . . : 00-18-DE-4B-AF-71
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e482:f0ea:bacb:1fa7%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.198(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, January 12, 2013 9:34:36 AM
Lease Expires . . . . . . . . . . : Sunday, January 13, 2013 9:34:36 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 218110174
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-9D-B5-A1-00-A0-D1-57-49-1E
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : phub.net.cable.rogers.com
Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection
Physical Address. . . . . . . . . : 00-A0-D1-57-49-1E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{8648B02D-C253-40EB-9259-98A974EE9481}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 2607:f8b0:400b:800::1008
74.125.226.4
74.125.226.5
74.125.226.6
74.125.226.7
74.125.226.8
74.125.226.9
74.125.226.14
74.125.226.0
74.125.226.1
74.125.226.2
74.125.226.3


Pinging google.com [74.125.226.2] with 32 bytes of data:
Reply from 74.125.226.2: bytes=32 time=52ms TTL=57
Reply from 74.125.226.2: bytes=32 time=48ms TTL=57

Ping statistics for 74.125.226.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 48ms, Maximum = 52ms, Average = 50ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=896ms TTL=49
Reply from 98.139.183.24: bytes=32 time=867ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 867ms, Maximum = 896ms, Average = 881ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 18 de 4b af 71 ......Intel® PRO/Wireless 3945ABG Network Connection
10...00 a0 d1 57 49 1e ......Intel® PRO/100 VE Network Connection
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.198 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.198 281
192.168.0.198 255.255.255.255 On-link 192.168.0.198 281
192.168.0.255 255.255.255.255 On-link 192.168.0.198 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.198 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.198 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::e482:f0ea:bacb:1fa7/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 08 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File not found] ()
Catalog9 02 mswsock.dll [File not found] ()
Catalog9 03 mswsock.dll [File not found] ()
Catalog9 04 mswsock.dll [File not found] ()
Catalog9 05 mswsock.dll [File not found] ()
Catalog9 06 mswsock.dll [File not found] ()
Catalog9 07 mswsock.dll [File not found] ()
Catalog9 08 mswsock.dll [File not found] ()
Catalog9 09 mswsock.dll [File not found] ()
Catalog9 10 mswsock.dll [File not found] ()
Catalog9 11 mswsock.dll [File not found] ()
Catalog9 12 mswsock.dll [File not found] ()
Catalog9 13 mswsock.dll [File not found] ()
Catalog9 14 mswsock.dll [File not found] ()
Catalog9 15 mswsock.dll [File not found] ()
Catalog9 16 mswsock.dll [File not found] ()
Catalog9 17 mswsock.dll [File not found] ()
Catalog9 18 mswsock.dll [File not found] ()
Catalog9 19 mswsock.dll [File not found] ()
Catalog9 20 mswsock.dll [File not found] ()
Catalog9 21 mswsock.dll [File not found] ()
Catalog9 22 mswsock.dll [File not found] ()
Catalog9 23 mswsock.dll [File not found] ()
Catalog9 24 mswsock.dll [File not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/12/2013 07:26:33 AM) (Source: Application Error) (User: )
Description: Windows cannot access the file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.002 for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Microsoft Windows Search Indexer because of this error.

Program: Microsoft Windows Search Indexer
File: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.002

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C000009C
Disk type: 3

Error: (01/12/2013 07:26:33 AM) (Source: Application Error) (User: )
Description: Faulting application name: SearchIndexer.exe, version: 7.0.7601.17610, time stamp: 0x4dc0c672
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeaf722
Exception code: 0xc0000006
Fault offset: 0x00009b60
Faulting process id: 0xe90
Faulting application start time: 0xSearchIndexer.exe0
Faulting application path: SearchIndexer.exe1
Faulting module path: SearchIndexer.exe2
Report Id: SearchIndexer.exe3

Error: (01/12/2013 07:25:20 AM) (Source: Application Error) (User: )
Description: Windows cannot access the file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.002 for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Microsoft Windows Search Indexer because of this error.

Program: Microsoft Windows Search Indexer
File: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.002

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C000009C
Disk type: 3

Error: (01/12/2013 07:25:20 AM) (Source: Application Error) (User: )
Description: Faulting application name: SearchIndexer.exe, version: 7.0.7601.17610, time stamp: 0x4dc0c672
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeaf722
Exception code: 0xc0000006
Fault offset: 0x00009b60
Faulting process id: 0xbf4
Faulting application start time: 0xSearchIndexer.exe0
Faulting application path: SearchIndexer.exe1
Faulting module path: SearchIndexer.exe2
Report Id: SearchIndexer.exe3

Error: (01/11/2013 04:34:56 PM) (Source: Application Error) (User: )
Description: Windows cannot access the file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.002 for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Microsoft Windows Search Indexer because of this error.

Program: Microsoft Windows Search Indexer
File: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.002

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C000009C
Disk type: 3

Error: (01/11/2013 04:34:55 PM) (Source: Application Error) (User: )
Description: Faulting application name: SearchIndexer.exe, version: 7.0.7601.17610, time stamp: 0x4dc0c672
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeaf722
Exception code: 0xc0000006
Fault offset: 0x00009b60
Faulting process id: 0xdc0
Faulting application start time: 0xSearchIndexer.exe0
Faulting application path: SearchIndexer.exe1
Faulting module path: SearchIndexer.exe2
Report Id: SearchIndexer.exe3

Error: (01/11/2013 04:24:03 PM) (Source: Application Error) (User: )
Description: Windows cannot access the file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.002 for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Microsoft Windows Search Indexer because of this error.

Program: Microsoft Windows Search Indexer
File: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.002

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C000009C
Disk type: 3

Error: (01/11/2013 04:24:03 PM) (Source: Application Error) (User: )
Description: Faulting application name: SearchIndexer.exe, version: 7.0.7601.17610, time stamp: 0x4dc0c672
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeaf722
Exception code: 0xc0000006
Fault offset: 0x0000a05b
Faulting process id: 0xdd8
Faulting application start time: 0xSearchIndexer.exe0
Faulting application path: SearchIndexer.exe1
Faulting module path: SearchIndexer.exe2
Report Id: SearchIndexer.exe3

Error: (01/11/2013 00:56:17 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (User: )
Description: 3 2013-01-11 12:56:17-03:00 HARTLEY-PC Hartley-PC\Hartley F-Secure Anti-Virus
Malicious code found in file C:\Users\Hartley\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\c7d81c-5dce05fc.
Infection: Trojan.Generic.KDV.824832
Action: The file was quarantined.

Error: (01/11/2013 11:43:02 AM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (User: )
Description: 2 2013-01-11 11:43:01-03:00 HARTLEY-PC Hartley-PC\Hartley F-Secure Anti-Virus
Malicious code found in file C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0B11H23E\index[1].htm.
Infection: Trojan.JS.Agent.FRN


System errors:
=============
Error: (01/12/2013 09:42:04 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/12/2013 09:39:20 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/12/2013 09:39:18 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/12/2013 09:39:15 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/12/2013 09:39:13 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/12/2013 09:39:10 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/12/2013 09:39:07 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/12/2013 09:39:05 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/12/2013 09:39:02 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/12/2013 09:34:55 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ElbyCDIO


Microsoft Office Sessions:
=========================
Error: (12/16/2012 11:18:58 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash.

Error: (11/15/2012 04:49:04 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 6828 seconds with 60 seconds of active time. This session ended with a crash.

Error: (08/09/2012 11:23:50 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office Suite Service Pack 3 (SP3)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader X (10.1.3) (Version: 10.1.3)
AnyDVD (Version: 6.6.8.0)
ArcSoft VideoImpression 1.6FP
Bluetooth Stack for Windows by Toshiba (Version: v4.00.40(T))
CamStudio
CD/DVD Drive Acoustic Silencer (Version: 1.00.008)
CloneDVD2
Computer Security 12.56.100.0 (release) (Version: 12.56.100.0)
D3DX10 (Version: 15.4.2368.0902)
DVD-RAM Driver (Version: 5.0.2.5)
F-Secure CCF Reputation (Version: 1.0.25.1646)
F-Secure Launch pad (Version: 1.57.391.0)
F-Secure Network CCF 1.02.111 (Version: 1.02.111)
FinePixViewer Ver.2.0
FLV Player 2.0 (build 25) (Version: 2.0 (build 25))
FreeTorrentViewer (Version: 1.0.0.1)
FUJIFILM USB Driver
Garmin BaseCamp (Version: 3.1.3)
Garmin MapSource (Version: 6.16.3)
Garmin TOPO Canada v4 (Version: 4.0.0.0)
Garmin USB Drivers (Version: 1.0.0.0)
Garmin USB Drivers (Version: 2.3.0.0)
Google Earth (Version: 6.1.0.5001)
Google SketchUp 8 (Version: 3.0.14346)
Google Update Helper (Version: 1.3.21.123)
GPS TrackMaker (Version: 13.8.0000)
HydroBuddy (Version: 1.40)
Intel® PROSet/Wireless Software (Version: 10.50.0000)
InterVideo WinDVD Creator 2 (Version: 2.0.14.400)
InterVideo WinDVD for TOSHIBA (Version: 5.0-B11.561)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
K-Lite Codec Pack 7.0.0 (Standard) (Version: 7.0.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
mCore (Version: 7.05.0000)
mDrWiFi (Version: 7.05.0000)
mHelp (Version: 7.05.0000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft IntelliPoint 8.0 (Version: 8.0.225.0)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Ultimate 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
mIWA (Version: 7.05.0000)
mLogView (Version: 7.05.0000)
mMHouse (Version: 7.05.0000)
Mozilla Firefox 18.0 (x86 en-US) (Version: 18.0)
Mozilla Maintenance Service (Version: 18.0)
mPfMgr (Version: 7.05.0000)
mPfWiz (Version: 7.05.0000)
mProSafe (Version: 9.00.0000)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
mWlsSafe (Version: 7.05.0000)
mXML (Version: 7.05.0000)
mZConfig (Version: 7.05.0000)
Nero 7 Ultra Edition (Version: 7.01.0741)
NVIDIA Drivers (Version: 1.3)
Online Safety 1.57.21440.0 (Version: 1.57.21440.0)
Open Freely (Version: 1.0)
OutBack Plus 7.0 (Version: 7.0)
Paint Shop Pro 7 (Version: 7.0.0.0000)
PCmover Professional (Version: 6.00.620.0)
QuickTime (Version: 7.4.1.14)
Realtek High Definition Audio Driver
SD Secure Module (Version: 1.0.4)
SolidWorks eDrawings 2012 (Version: 12.2.110)
Sonic Encoders (Version: 1.00)
Sony Noise Reduction Plug-In 2.0h (Version: 2.0.451)
Sony Sound Forge 9.0 (Version: 9.0.433)
Spybot - Search & Destroy (Version: 2.0.12)
SpywareBlaster 4.6 (Version: 4.6.0)
SuperCleaner
Synaptics Pointing Device Driver (Version: 11.2.4.0)
Tansee iPod Transfer v3.0
TeamViewer 6 (Version: 6.0.9947)
Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 1.23.0000)
TIPCI (Version: 1.23.0000)
TOSHIBA ConfigFree (Version: 5.90.07)
TOSHIBA Controls
TOSHIBA Hotkey Utility (Version: 1.00.01ST)
TOSHIBA PC Diagnostic Tool (Version: 3.2.3)
TOSHIBA Power Saver (Version: 7.03.07.I)
TOSHIBA SD Memory Card Format (Version: 2.2.0.0)
TOSHIBA Software Modem (Version: 2.1.63 (SM2163ALD04))
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
Toshiba Tbiosdrv Driver
TOSHIBA TouchPad ON/Off Utility (Version: 1.00.01ST)
TOSHIBA Utilities (Version: 1.00.08ST)
TOSHIBA Virtual Sound
TOSHIBA Zooming Utility
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC 9.0 Runtime (Version: 1.0.0)
WebFldrs XP (Version: 9.50.7523)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Format 11 runtime
Windows Media Player 11
WinRAR archiver
WinZip (Version: 11.0 (7313))

========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 2046.05 MB
Available physical RAM: 1262.95 MB
Total Pagefile: 4092.11 MB
Available Pagefile: 2848 MB
Total Virtual: 2047.88 MB
Available Virtual: 1936.09 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:148.95 GB) (Free:70.4 GB) NTFS

========================= Users: ========================================

User accounts for \\HARTLEY-PC

Administrator Guest Hartley
HelpAssistant SUPPORT_388945a0

========================= Restore Points ==================================

01-12-2012 22:49:08 Windows Update
11-12-2012 23:29:28 Windows Update
23-12-2012 06:42:18 Windows Update
09-01-2013 14:40:47 Windows Update
09-01-2013 23:16:54 Restore Operation
11-01-2013 09:19:59 S
11-01-2013 09:29:44 S

**** End of log ****


Farbar Service Scanner Version: 05-01-2013
Ran by Hartley (administrator) on 12-01-2013 at 09:52:46
Running from "C:\Users\Hartley\Desktop"
Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to retrieve start type of iphlpsvc. The value does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to retrieve ImagePath of iphlpsvc. The value does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to retrieve ServiceDll of iphlpsvc. The value does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-11-15 18:08] - [2012-10-03 12:58] - 1293680 ____A (Microsoft Corporation) E23A56F843E2AEBBB209D0ACCA73C640

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****


# AdwCleaner v2.105 - Logfile created 01/12/2013 at 09:55:12
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : Hartley - HARTLEY-PC
# Boot Mode : Normal
# Running from : C:\Users\Hartley\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Users\Hartley\AppData\Local\Conduit
Folder Deleted : C:\Users\Hartley\AppData\Local\SanctionedMedia

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\SanctionedMedia
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0 (en-US)

I couldn't get Junkware to download but everything else is here....



File : C:\Users\Hartley\AppData\Roaming\Mozilla\Firefox\Profiles\c7qgpf7k.default-1350080993632\prefs.js

[OK] File is clean.

File : C:\Users\Hartley\AppData\Roaming\Mozilla\Firefox\Profiles\yfh98m4t.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1377 octets] - [12/01/2013 09:55:12]


Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/12/2013 10:08:40 AM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SOUNDMAN.EXE (PID: 1764) [WD-HEUR]
* C:\Windows\RTHDCPL.EXE (PID: 1868) [WD-HEUR]
* C:\Windows\agrsmmsg.exe (PID: 2856) [WD-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* WinDefend [Missing Service]
* wscsvc [Missing Service]

* iphlpsvc [Missing ImagePath]

Searching for Missing Digital Signatures:

* C:\Windows\System32\clipsrv.exe [NoSig]
+-> C:\Windows\System32\dllcache\clipsrv.exe : 33,280 : 04/13/2008 09:12 PM : 34cbe729f38138217f9c80212a2a0c82 [Pos Repl]

* C:\Windows\System32\eventlog.dll [NoSig]
+-> C:\Windows\ERDNT\cache\eventlog.dll : 56,320 : 04/13/2008 09:11 PM : 6d4feb43ee538fc5428cc7f0565aa656 [Pos Repl]
+-> C:\Windows\System32\dllcache\eventlog.dll : 56,320 : 04/13/2008 09:11 PM : 6d4feb43ee538fc5428cc7f0565aa656 [Pos Repl]

* C:\Windows\System32\msgsvc.dll [NoSig]
+-> C:\Windows\ERDNT\cache\msgsvc.dll : 33,792 : 04/13/2008 09:11 PM : 986b1ff5814366d71e0ac5755c88f2d3 [Pos Repl]
+-> C:\Windows\System32\dllcache\msgsvc.dll : 33,792 : 04/13/2008 09:11 PM : 986b1ff5814366d71e0ac5755c88f2d3 [Pos Repl]

* C:\Windows\System32\mspmsnsv.dll [NoSig]
+-> C:\Windows\ERDNT\cache\mspmsnsv.dll : 27,136 : 10/18/2006 10:47 PM : c51b4a5c05a5475708e3c81c7765b71d [Pos Repl]
+-> C:\Windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll : 25,088 : 08/03/2005 11:29 PM : b9715b9c18bc6c8f4b66733d208cc9f7 [Pos Repl]
+-> C:\Windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll : 25,088 : 08/10/2004 00:00 AM : 6eaa72fd9ef993ec1fa9a06de65105da [Pos Repl]
+-> C:\Windows\System32\dllcache\mspmsnsv.dll : 27,136 : 10/18/2006 10:47 PM : c51b4a5c05a5475708e3c81c7765b71d [Pos Repl]

* C:\Windows\System32\ntmssvc.dll [NoSig]
+-> C:\Windows\ERDNT\cache\ntmssvc.dll : 435,200 : 04/13/2008 09:12 PM : 156f64a3345bd23c600655fb4d10bc08 [Pos Repl]
+-> C:\Windows\System32\dllcache\ntmssvc.dll : 435,200 : 04/13/2008 09:12 PM : 156f64a3345bd23c600655fb4d10bc08 [Pos Repl]

* C:\Windows\System32\oakley.dll [NoSig]
+-> C:\Windows\System32\dllcache\oakley.dll : 270,336 : 10/13/2009 09:30 AM : c5ff8682eada5b3b27a865f1c3ef9270 [Pos Repl]

* C:\Windows\System32\sfcfiles.dll [NoSig]
+-> C:\Windows\ERDNT\cache\sfcfiles.dll : 1,614,848 : 04/13/2008 09:12 PM : 9dd07af82244867ca36681ea2d29ce79 [Pos Repl]
+-> C:\Windows\System32\dllcache\sfcfiles.dll : 1,614,848 : 04/13/2008 09:12 PM : 9dd07af82244867ca36681ea2d29ce79 [Pos Repl]

* C:\Windows\System32\srsvc.dll [NoSig]
+-> C:\Windows\ERDNT\cache\srsvc.dll : 171,008 : 04/13/2008 09:12 PM : 3805df0ac4296a34ba4bf93b346cc378 [Pos Repl]
+-> C:\Windows\System32\dllcache\srsvc.dll : 171,008 : 04/13/2008 09:12 PM : 3805df0ac4296a34ba4bf93b346cc378 [Pos Repl]

* C:\Windows\System32\wscntfy.exe [NoSig]
+-> C:\Windows\ERDNT\cache\wscntfy.exe : 13,824 : 04/13/2008 09:12 PM : f92e1076c42fcd6db3d72d8cfe9816d5 [Pos Repl]
+-> C:\Windows\System32\dllcache\wscntfy.exe : 13,824 : 04/13/2008 09:12 PM : f92e1076c42fcd6db3d72d8cfe9816d5 [Pos Repl]

* C:\Windows\System32\xmlprov.dll [NoSig]
+-> C:\Windows\ERDNT\cache\xmlprov.dll : 129,024 : 04/13/2008 09:12 PM : 295d21f14c335b53cb8154e5b1f892b9 [Pos Repl]
+-> C:\Windows\System32\dllcache\xmlprov.dll : 129,024 : 04/13/2008 09:12 PM : 295d21f14c335b53cb8154e5b1f892b9 [Pos Repl]

Checking HOSTS File:

* No issues found.

Program finished at: 01/12/2013 10:10:55 AM
Execution time: 0 hours(s), 2 minute(s), and 15 seconds(s)

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AGRSMMSG" "SoftModem Messaging Applet" "Agere Systems" "c:\windows\agrsmmsg.exe"
+ "Alcmtr" "Realtek Azalia Audio - Event Monitor" "Realtek Semiconductor Corp." "c:\windows\alcmtr.exe"
+ "AlcWzrd" "RealTek AlcWzrd Application" "RealTek Semicoductor Corp." "c:\windows\alcwzrd.exe"
+ "CFSServ.exe" "ConfigFree™ Search for Wireless Devices Version 5.90" "TOSHIBA CORPORATION" "C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe"
+ "DLA" "" "" "File not found: C:\WINDOWS\System32\DLA\DLACTRLW.EXE"
+ "F-Secure Hoster (666)" "F-Secure Host Process" "F-Secure Corporation" "c:\program files\f-secure\fshoster32.exe"
+ "F-Secure Manager" "F-Secure Settings and Statistics" "F-Secure Corporation" "c:\program files\f-secure\apps\computersecurity\common\fsm32.exe"
+ "IntelliPoint" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "IntelWireless" "Intel Framework MFC Application" "Intel Corporation" "c:\program files\intel\wireless\bin\ifrmewrk.exe"
+ "IntelZeroConfig" "ZeroCfgSvc MFC Application" "Intel Corporation" "c:\program files\intel\wireless\bin\zcfgsvc.exe"
+ "LtMoh" "LtMoh MFC Application" "Agere Systems" "c:\program files\ltmoh\ltmoh.exe"
+ "NvCplDaemon" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "NvMediaCenter" "NVIDIA Media Center Library" "NVIDIA Corporation" "c:\windows\system32\nvmctray.dll"
+ "NVRotateSysTray" "NVIDIA nView Control Panel, Version 84.68 " "NVIDIA Corporation" "c:\windows\system32\nvsysrot.dll"
+ "nwiz" "NVIDIA nView Wizard, Version 110.33 " "NVIDIA Corporation" "c:\windows\system32\nwiz.exe"
+ "REGSHAVE" "Shaving Registry" "FUJI PHOTO FILM CO., LTD." "c:\program files\regshave\regshave.exe"
+ "RTHDCPL" "Realtek HD Audio Control Panel" "Realtek Semiconductor Corp." "c:\windows\rthdcpl.exe"
+ "SDTray" "Spybot - Search & Destroy tray access" "Safer-Networking Ltd." "c:\program files\spybot - search & destroy 2\sdtray.exe"
+ "SmoothView" "SmoothView" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba zooming utility\smoothview.exe"
+ "SoundMan" "Realtek Sound Manager" "Realtek Semiconductor Corp." "c:\windows\soundman.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics, Inc." "c:\program files\synaptics\syntp\syntpenh.exe"
+ "THotkey" "Hotkey Utility" "TOSHIBA" "c:\program files\toshiba\toshiba applet\thotkey.exe"
+ "TPSMain" "" "" ""
+ "Tvs" "TOSHIBA Virtual Sound Taskbar Module" "TOSHIBA Corporation" "c:\program files\toshiba\tvs\tvstray.exe"
+ "Windows Defender" "Windows Defender User Interface" "Microsoft Corporation" "c:\program files\windows defender\msascui.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "EazyScheduler" "AJSystems Backup Scheduler" "AJSystems.com Inc." "c:\program files\eazy-ware\ezsched.exe"
+ "Spybot-S&D Cleaning" "Search results cleaner" "Safer-Networking Ltd." "c:\program files\spybot - search & destroy 2\sdcleaner.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "wlpg" "Windows Live Album Download Protocol Handler" "Microsoft Corporation" "c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "FSAV Shell Extension" "FSAV Shell Extension Dll" "F-Secure Corporation" "c:\program files\f-secure\apps\computersecurity\common\fpshx.dll"
+ "NBShellHook Class" "Nero BackItUp Application" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
+ "SDECon32" "Windows Explorer context menu integration" "Safer-Networking Ltd." "c:\program files\spybot - search & destroy 2\sdecon32.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing LP" "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing LP" "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing LP" "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "NeroDigitalColumnHandler Class" "Nero Digital Shell Extension" "Nero AG" "c:\program files\common files\ahead\lib\nerodigitalext.dll"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "FSAV Shell Extension" "FSAV Shell Extension Dll" "F-Secure Corporation" "c:\program files\f-secure\apps\computersecurity\common\fpshx.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "NBShellHook Class" "Nero BackItUp Application" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
+ "SDECon32" "Windows Explorer context menu integration" "Safer-Networking Ltd." "c:\program files\spybot - search & destroy 2\sdecon32.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing LP" "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "NBShellHook" "Nero BackItUp Application" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing LP" "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Browsing Protection Class" "Litmus" "F-Secure Corporation" "c:\program files\f-secure\apps\onlinesafety\bpp\iescript\baselitmus.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "Spybot-S&D IE Protection" "Blocks URLs that could install spyware, malware etc." "Safer-Networking Ltd." "c:\program files\spybot - search & destroy 2\sdhelper.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Browsing Protection Bar" "Litmus" "F-Secure Corporation" "c:\program files\f-secure\apps\onlinesafety\bpp\iescript\baselitmus.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Spybot - Search && Destroy Configuration" "Blocks URLs that could install spyware, malware etc." "Safer-Networking Ltd." "c:\program files\spybot - search & destroy 2\sdhelper.dll"
"Task Scheduler" "" "" ""
+ "\elbyExecuteWithUAC" "ElbyCDIO install helper process" "" "c:\program files\elaborate bytes\clonedvd2\executewithuac.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft_Hardware_Launch_IPoint_exe" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "\OutBack_Plus_Update_Check" "Live Update Utility" "AJSystems.com Inc." "c:\program files\ajsystems common\liveupd4.exe"
+ "\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" "Pro-active browser protection" "Safer-Networking Ltd." "c:\program files\spybot - search & destroy 2\sdimmunize.exe"
+ "\Safer-Networking\Spybot - Search and Destroy\Scan the system" "Malware Scanner" "Safer-Networking Ltd." "c:\program files\spybot - search & destroy 2\sdscan.exe"
+ "\SpyHunter4" "" "" "File not found: C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe"
+ "\{4A505AAF-B2B2-4025-A039-85C6E076E66D}" "" "" "c:\program files\hydrobuddy\hydrobuddy.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "CFSvcs" "Service of ConfigFree." "TOSHIBA CORPORATION" "c:\program files\toshiba\configfree\cfsvcs.exe"
+ "EvtEng" "Manages the event trace messages for all the components of Intel® PROSet/Wireless software." "Intel Corporation" "c:\program files\intel\wireless\bin\evteng.exe"
+ "FSDFWD" "F-Secure Anti-Virus Firewall Daemon" "F-Secure Corporation" "c:\program files\f-secure\apps\computersecurity\fwes\program\fsdfwd.exe"
+ "fshoster" "F-Secure Dll Hoster Service" "F-Secure Corporation" "c:\program files\f-secure\fshoster32.exe"
+ "FSMA" "F-Secure Management Agent" "F-Secure Corporation" "c:\program files\f-secure\apps\computersecurity\common\fsma32.exe"
+ "FSORSPClient" "F-Secure ORSP Service" "F-Secure Corporation" "c:\program files\f-secure\apps\ccf_reputation\fsorsp.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "RegSrvc" "Intel® PROSet/Wireless Registry Service" "Intel Corporation" "c:\program files\intel\wireless\bin\regsrvc.exe"
+ "S24EventMonitor" "Wireless Management Service for Intel® PROSet/Wireless" "Intel Corporation " "c:\program files\intel\wireless\bin\s24evmon.exe"
+ "SDScannerService" "Offers malware scanning services to Spybot-S&D modules." "Safer-Networking Ltd." "c:\program files\spybot - search & destroy 2\sdfssvc.exe"
+ "SDUpdateService" "Downloads Spybot updates and installs them." "Safer-Networking Ltd." "c:\program files\spybot - search & destroy 2\sdupdsvc.exe"
+ "SDWSCService" "Integrates Spybot into the Windows Security Center." "Safer-Networking Ltd." "c:\program files\spybot - search & destroy 2\sdwscsvc.exe"
+ "TAPPSRV" "TOSHIBA Application Service for Common Module" "TOSHIBA Corp." "c:\program files\toshiba\toshiba applet\tappsrv.exe"
+ "TeamViewer6" "TeamViewer Remote Software" "TeamViewer GmbH" "c:\program files\teamviewer\version6\teamviewer_service.exe"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "AgereSoftModem" "SoftModem Device Driver" "LSI Corp" "c:\windows\system32\drivers\agrsm.sys"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AnyDVD" "AnyDVD Filter Driver" "SlySoft, Inc." "c:\windows\system32\drivers\anydvd.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "E100B" "Intel® PRO/100 Adapter NDIS 5.1 driver" "Intel Corporation" "c:\windows\system32\drivers\e100b325.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys"
+ "ElbyCDIO" "ElbyCD Windows NT/2000/XP I/O driver" "Elaborate Bytes AG" "c:\windows\system32\drivers\elbycdio.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "esgiguard" "" "" "File not found: C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys"
+ "F-Secure Gatekeeper" "F-Secure Gatekeeper" "F-Secure Corporation" "c:\program files\f-secure\apps\computersecurity\anti-virus\minifilter\fsgk.sys"
+ "F-Secure HIPS" "F-Secure HIPS Driver" "F-Secure Corporation" "c:\program files\f-secure\apps\computersecurity\hips\drivers\fshs.sys"
+ "fsbts" "fsbts" "F-Secure Corporation" "c:\windows\system32\drivers\fsbts.sys"
+ "fsccsys1346933087" "F-Secure Content Control Driver, 32 bit" "F-Secure Corporation" "c:\windows\system32\drivers\fsccsys.sys"
+ "FSES" "F-Secure Email Scanning Driver (32 bit)" "F-Secure Corporation" "c:\windows\system32\drivers\fses.sys"
+ "FSFW" "F-Secure Internet Shield Driver (32 bit)" "F-Secure Corporation" "c:\windows\system32\drivers\fsdfw.sys"
+ "fsvista" "F-Secure Vista Support Driver" "F-Secure Corporation" "c:\program files\f-secure\apps\computersecurity\anti-virus\minifilter\fsvista.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "netw5v32" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5v32.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvlddmkm" "NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 179.67 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "s24trans" "WLAN Transport" "Intel Corporation" "c:\windows\system32\drivers\s24trans.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics, Inc." "c:\windows\system32\drivers\syntp.sys"
+ "TBiosDrv" "" "" "c:\windows\system32\drivers\tbiosdrv.sys"
+ "tifm21" "tifm21.sys" "Texas Instruments" "c:\windows\system32\drivers\tifm21.sys"
+ "tosrfec" "TOSHIBA Bluetooth EC Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\tosrfec.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.iv31" "" "Intel® Corporation" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "Intel® Corporation" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Sony Acoustic Mirror" "Sony Acoustic Mirror" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfmirror.dll"
+ "Sony Acoustic Mirror" "Sony Acoustic Mirror" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfmirror.dll"
+ "Sony Amplitude Modulation" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Amplitude Modulation" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Audio Restoration" "Sony Noise Reduction Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\noise reduction plug-in\sfnrpack.dll"
+ "Sony Audio Restoration" "Sony Noise Reduction Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\noise reduction plug-in\sfnrpack.dll"
+ "Sony Chorus" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Chorus" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Click and Crackle Removal" "Sony Noise Reduction Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\noise reduction plug-in\sfnrpack.dll"
+ "Sony Click and Crackle Removal" "Sony Noise Reduction Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\noise reduction plug-in\sfnrpack.dll"
+ "Sony Clipped Peak Restoration" "Sony Noise Reduction Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\noise reduction plug-in\sfnrpack.dll"
+ "Sony Clipped Peak Restoration" "Sony Noise Reduction Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\noise reduction plug-in\sfnrpack.dll"
+ "Sony Distortion" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Distortion" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony ExpressFX Amplitude Modulation" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Amplitude Modulation" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Chorus" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Chorus" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Delay" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Delay" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Distortion" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Distortion" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Dynamics" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Dynamics" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Equalization" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Equalization" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx2.dll"
+ "Sony ExpressFX Flange/Wah-Wah" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Flange/Wah-Wah" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Graphic EQ" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Graphic EQ" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Noise Gate" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Noise Gate" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Reverb" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Reverb" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Stutter" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Stutter" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx1.dll"
+ "Sony ExpressFX Time Stretch" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Time Stretch" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony Flange/Wah-wah" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Flange/Wah-wah" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Gapper/Snipper" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Gapper/Snipper" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Graphic Dynamics" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Graphic Dynamics" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Graphic EQ" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Graphic EQ" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Multi-Band Dynamics" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Multi-Band Dynamics" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Multi-Tap Delay" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Multi-Tap Delay" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Noise Gate" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Noise Gate" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Noise Reduction" "Sony Noise Reduction Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\noise reduction plug-in\sfnrpack.dll"
+ "Sony Noise Reduction" "Sony Noise Reduction Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\noise reduction plug-in\sfnrpack.dll"
+ "Sony Pan" "Sound Forge Pan and Volume 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sffrgpnv.dll"
+ "Sony Pan" "Sound Forge Pan and Volume 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sffrgpnv.dll"
+ "Sony Paragraphic EQ" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Paragraphic EQ" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Parametric EQ" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Parametric EQ" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack2.dll"
+ "Sony Pitch Shift" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Pitch Shift" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Reverb" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Reverb" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Simple Delay" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Simple Delay" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Smooth/Enhance" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Smooth/Enhance" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Time Stretch" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Time Stretch" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack1.dll"
+ "Sony Vibrato" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Vibrato" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfppack3.dll"
+ "Sony Volume" "Sound Forge Pan and Volume 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sffrgpnv.dll"
+ "Sony Volume" "Sound Forge Pan and Volume 1" "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sffrgpnv.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\google\google earth\client\wavdest.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\k-lite codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\k-lite codec pack\filters\vsfilter.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files\k-lite codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "madFlac Decoder" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files\k-lite codec pack\filters\madflac.ax"
+ "madFlac Source" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files\k-lite codec pack\filters\madflac.ax"
+ "MPC - FLV Source (Gabest)" "FLV Splitter" "MPC-HC Team" "c:\program files\k-lite codec pack\filters\flvsplitter.ax"
+ "MPC - FLV Splitter (Gabest)" "FLV Splitter" "MPC-HC Team" "c:\program files\k-lite codec pack\filters\flvsplitter.ax"
+ "MPC - MP4 Source" "MP4 Splitter" "MPC-HC Team" "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - MP4 Splitter" "MP4 Splitter" "MPC-HC Team" "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - Mpeg Source (Gabest)" "Mpeg Splitter" "MPC-HC Team" "c:\program files\k-lite codec pack\filters\mpegsplitter.ax"
+ "MPC - Mpeg Splitter (Gabest)" "Mpeg Splitter" "MPC-HC Team" "c:\program files\k-lite codec pack\filters\mpegsplitter.ax"
+ "MPC - MPEG4 Video Source" "MP4 Splitter" "MPC-HC Team" "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - MPEG4 Video Splitter" "MP4 Splitter" "MPC-HC Team" "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WavPack Audio Decoder" "WavPack Audio DirectShow Decoder" "-" "c:\program files\k-lite codec pack\filters\wavpackdsdecoder.ax"
+ "WavPack Audio Splitter" "WavPack Audio DirectShow Splitter" "-" "c:\program files\k-lite codec pack\filters\wavpackdssplitter.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" "" "" ""
+ "Your Image File Name Here without a path" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "SDWinLogon" "" "" "File not found: SDWinLogon.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"C:\Users\Hartley\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Protection Status" "See your computer's protection status. This requires supported security software." "F-secure Corporation" "C:\Program Files\windows sidebar\gadgets\F-Secure.Gadget\Gadget.xml"




########## EOF - C:\AdwCleaner[S1].txt - [1437 octets] ##########

#7 narenxp

Posted 12 January 2013 - 09:20 AM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log

I could find a lot of disk errors, which relate to a failing hard drive.

Error: (01/12/2013 09:42:04 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.


You should test it using your manufacturer's testing tools. You can read about it here:

http://www.bleepingcomputer.com/forums/topic28744.html

If you have any more issues let me know.

#8 hobo698

Posted 12 January 2013 - 10:35 AM

I'll check out the tools and see what happens and post it back here after.
For now I think I'll back everything up again and look and see if I can find a hard drive and some RAM for it at a decent price.
If not, I'll just scrap it and get a new laptop.
This one has been almost bulletproof until now so I kind of hate to do that.

Defender still comes up on a reboot for some reason and I can't seem to figure out what it is missing.
Also, I have to run Outlook as admin now to get it to open.

Farbar Service Scanner Version: 05-01-2013
Ran by Hartley (administrator) on 12-01-2013 at 11:24:00
Running from "C:\Users\Hartley\Desktop"
Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-11-15 18:08] - [2012-10-03 12:58] - 1293680 ____A (Microsoft Corporation) E23A56F843E2AEBBB209D0ACCA73C640

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#9 narenxp

Posted 12 January 2013 - 10:54 AM

Did you reboot after running services repair tool?

I don't find any issues with Windows Defender now.

Windows Defender is basically a crap one and you can disable it.

Press the Windows+R keys and type

services.msc and click OK.

Right-click on Windows Defender and disable it.

Regarding the Outlook issue, does that happen in any other accounts?

Can you reinstall Microsoft Office 2007 again and see if that helps?

Edited by narenxp, 12 January 2013 - 10:55 AM.


#10 hobo698

Posted 12 January 2013 - 11:33 AM

I had disabled defender a while back because as you say, it is crap.
It just started coming up again at boot up.
It says a problem has caused the service to start.
So when I try to start it I get an error code.
I just disabled it again and will try another restart and see what happens.

I was getting an error with Word as well but when I clicked on OK it opened and worked fine.
It doesn't do that now.

If I figure out how to change from admin on Outlook it may work OK now as well.
If not, I'll reinstall it and try that.

Nvidia and hotkey are still showing up in the taskbar and I can't shut them off....hotkey still has a circle with a line through it.
They don't really matter as long as they are not doing anything.

Just one other thing that doesn't seem to be working....
When I try to clear recent history in Firefox it doesn't come up and it doesn't work if I try it in options either.
Maybe I should uninstall and reinstall that too?


The only thing is I'm not sure how to save my bookmarks.

Other than that, everything seems to be working.

#11 narenxp

Posted 12 January 2013 - 01:54 PM

Try this

Export your bookmarks from Firefox

http://support.mozilla.org/en-US/kb/export-firefox-bookmarks-to-backup-or-transfer

After exporting it

Uninstall Firefox

Make sure to checkmark the "Remove my personal data" option

Reinstall Firefox and import your bookmarks

Let me know if that helps

#12 hobo698

Posted 12 January 2013 - 06:33 PM

Uninstalled Firefox, reinstalled and everything seems fine with it and once I took a look, I remembered how to export and import the bookmarks.
Defender was off so I started it again and it still comes up so I updated it, ran a scan, bleep it off and restarted the computer and it STILL comes up at start-up for some reason.
Whatever, I'll live with it until I find a way to axe it.
It's only at start-up anyway and it closes out.
I've yet to redo office just because I haven't gotten around to digging for the disc yet.

Other than that, everything works fine.
Thanks so much, I was almost ready to give up on it.

I wonder what I would run that may have prevented the virus in the first place?
I've got F-Secure and Spybot and both are always up to date.
Plus I leave Windows Firewall on.
I used to have Malwarebytes but it let stuff in a year or so back so I let it run out.
Maybe nothing is secure all the time.

Anyway, again....THANK-YOU :thumbsup:
I'll not forget.

#13 narenxp

Posted 12 January 2013 - 06:48 PM

Launch Autoruns and uncheck this entry

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Windows Defender" "Windows Defender User Interface" "Microsoft Corporation" "c:\program files\windows defender\msascui.exe"

Restart the PC. This should stop the pop-up.

#14 hobo698

Posted 15 January 2013 - 02:24 PM

Yup, worked like a charm
Thanks again.
Cheers

#15 narenxp

Posted 15 January 2013 - 05:09 PM

If you don't have any more issues:


Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore. It deletes old infected restore points.

Turn on System Restore and create a new restore point.

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here:

http://java.com/en/

Update your Flash Player.

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



