Redirection to website with false virus warning


13 replies to this topic

#1 t644


Posted 11 January 2013 - 03:56 AM

Hi,

I wonder whether anyone can help me. I seem to have picked up some nasty malware in the last couple of days.

The problem came to my attention when, on a couple of occasions now, Internet Explorer has independently opened a new tab redirecting me to a website which has on it a graphic purporting to be a virus warning. I know this is a fake. The website also opens a dialogue box which can be closed by clicking the 'x' box. When I shut the tab an 'are you sure?' box appears, but the tab will close.

Having done some ill-informed poking around I also notice that neither Windows Defender nor Windows Firewall is switched on and neither will turn on. It seems to me that security updates have been failing for a little while too.

I have endeavoured to look for help on the guides and forum, but haven't been able to identify the problem. I'd be grateful for any assistance.

#2 narenxp


Posted 11 January 2013 - 04:46 AM

Download TDSSKiller

Launch it. Click on change parameters - select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on List of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 t644


Posted 11 January 2013 - 04:35 PM

Thanks for getting back to me - really appreciate it.

TDSS Log

21:29:44.0639 5028 napagent - ok
21:29:44.0701 5028 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:29:44.0733 5028 NativeWifiP - ok
21:29:44.0967 5028 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:29:45.0294 5028 NDIS - ok
21:29:45.0357 5028 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:29:45.0419 5028 NdisTapi - ok
21:29:45.0450 5028 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:29:45.0481 5028 Ndisuio - ok
21:29:45.0559 5028 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:29:45.0559 5028 NdisWan - ok
21:29:45.0700 5028 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:29:45.0715 5028 NDProxy - ok
21:29:45.0871 5028 [ 2969D26EEE289BE7422AA46FC55F4E38 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:29:45.0887 5028 Net Driver HPZ12 - ok
21:29:45.0918 5028 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:29:45.0981 5028 NetBIOS - ok
21:29:46.0105 5028 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
21:29:46.0137 5028 netbt - ok
21:29:46.0168 5028 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
21:29:46.0183 5028 Netlogon - ok
21:29:46.0386 5028 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
21:29:46.0402 5028 Netman - ok
21:29:46.0527 5028 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
21:29:46.0573 5028 netprofm - ok
21:29:46.0651 5028 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:29:46.0667 5028 NetTcpPortSharing - ok
21:29:47.0619 5028 [ 8DE67BD902095A13329FD82C85A1FA09 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
21:29:49.0085 5028 NETw5v32 - ok
21:29:49.0147 5028 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:29:49.0381 5028 nfrd960 - ok
21:29:49.0491 5028 [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
21:29:49.0491 5028 NisDrv - ok
21:29:50.0068 5028 [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
21:29:50.0130 5028 NisSrv - ok
21:29:50.0255 5028 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:29:50.0271 5028 NlaSvc - ok
21:29:50.0317 5028 [ C82F4CC10AD315B6D6BCB14D0A7CAD66 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
21:29:50.0349 5028 nmwcd - ok
21:29:50.0442 5028 [ 60EF5F5621D7832F00A3F190A0C905E2 ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
21:29:50.0458 5028 nmwcdc - ok
21:29:50.0520 5028 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:29:50.0551 5028 Npfs - ok
21:29:50.0661 5028 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
21:29:50.0676 5028 nsi - ok
21:29:50.0754 5028 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:29:50.0785 5028 nsiproxy - ok
21:29:51.0207 5028 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:29:51.0378 5028 Ntfs - ok
21:29:51.0425 5028 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
21:29:51.0441 5028 ntrigdigi - ok
21:29:51.0472 5028 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
21:29:51.0503 5028 Null - ok
21:29:51.0628 5028 [ 1657F3FBD9061526C14FF37E79306F98 ] NVENETFD C:\Windows\system32\DRIVERS\nvm60x32.sys
21:29:51.0690 5028 NVENETFD - ok
21:29:51.0753 5028 [ A82534D453425F5FEE4B6A583FDCF3EB ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
21:29:51.0753 5028 NVHDA - ok
21:29:54.0795 5028 [ 24000B817CC84AC1555F41929879AF5A ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:29:54.0873 5028 nvlddmkm - ok
21:29:54.0982 5028 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:29:55.0013 5028 nvraid - ok
21:29:55.0044 5028 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:29:55.0075 5028 nvstor - ok
21:29:55.0153 5028 [ C4D17F11526F87BC762F31DA5BD2580B ] nvsvc C:\Windows\system32\nvvsvc.exe
21:29:55.0200 5028 nvsvc - ok
21:29:55.0247 5028 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:29:55.0278 5028 nv_agp - ok
21:29:55.0278 5028 NwlnkFlt - ok
21:29:55.0278 5028 NwlnkFwd - ok
21:29:55.0356 5028 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
21:29:55.0356 5028 ohci1394 - ok
21:29:55.0497 5028 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:29:55.0543 5028 ose - ok
21:29:56.0027 5028 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:29:59.0272 5028 osppsvc - ok
21:29:59.0568 5028 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
21:29:59.0833 5028 p2pimsvc - ok
21:29:59.0943 5028 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
21:29:59.0943 5028 p2psvc - ok
21:30:00.0021 5028 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
21:30:00.0021 5028 Parport - ok
21:30:00.0114 5028 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:30:00.0114 5028 partmgr - ok
21:30:00.0177 5028 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
21:30:00.0177 5028 Parvdm - ok
21:30:00.0270 5028 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
21:30:00.0286 5028 PcaSvc - ok
21:30:00.0411 5028 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
21:30:00.0411 5028 pci - ok
21:30:00.0504 5028 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
21:30:00.0504 5028 pciide - ok
21:30:00.0613 5028 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:30:00.0629 5028 pcmcia - ok
21:30:00.0941 5028 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:30:01.0113 5028 PEAUTH - ok
21:30:01.0596 5028 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
21:30:01.0768 5028 pla - ok
21:30:01.0861 5028 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:30:01.0908 5028 PlugPlay - ok
21:30:02.0017 5028 [ BAFC9706BDF425A02B66468AB2605C59 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:30:02.0049 5028 Pml Driver HPZ12 - ok
21:30:02.0220 5028 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
21:30:02.0220 5028 PNRPAutoReg - ok
21:30:02.0267 5028 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
21:30:02.0267 5028 PNRPsvc - ok
21:30:02.0423 5028 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:30:02.0439 5028 PolicyAgent - ok
21:30:02.0517 5028 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:30:02.0517 5028 PptpMiniport - ok
21:30:02.0579 5028 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
21:30:02.0579 5028 Processor - ok
21:30:02.0673 5028 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
21:30:02.0688 5028 ProfSvc - ok
21:30:02.0719 5028 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
21:30:02.0719 5028 ProtectedStorage - ok
21:30:02.0813 5028 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
21:30:02.0813 5028 PSched - ok
21:30:03.0250 5028 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:30:03.0265 5028 ql2300 - ok
21:30:03.0312 5028 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:30:03.0343 5028 ql40xx - ok
21:30:03.0515 5028 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
21:30:03.0531 5028 QWAVE - ok
21:30:03.0562 5028 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:30:03.0749 5028 QWAVEdrv - ok
21:30:03.0858 5028 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:30:03.0967 5028 RasAcd - ok
21:30:04.0045 5028 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
21:30:04.0045 5028 RasAuto - ok
21:30:04.0108 5028 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:30:04.0108 5028 Rasl2tp - ok
21:30:04.0248 5028 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
21:30:04.0326 5028 RasMan - ok
21:30:04.0404 5028 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:30:04.0404 5028 RasPppoe - ok
21:30:04.0560 5028 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:30:04.0576 5028 RasSstp - ok
21:30:04.0716 5028 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:30:04.0716 5028 rdbss - ok
21:30:04.0810 5028 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:30:04.0825 5028 RDPCDD - ok
21:30:04.0857 5028 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
21:30:04.0857 5028 rdpdr - ok
21:30:04.0950 5028 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:30:04.0981 5028 RDPENCDD - ok
21:30:05.0122 5028 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:30:05.0153 5028 RDPWD - ok
21:30:05.0278 5028 [ 431723F23D0E065BEF502389E8FFDC10 ] Recovery Service for Windows C:\Windows\SMINST\BLService.exe
21:30:05.0371 5028 Recovery Service for Windows - ok
21:30:05.0418 5028 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:30:05.0418 5028 RemoteAccess - ok
21:30:05.0559 5028 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:30:05.0574 5028 RemoteRegistry - ok
21:30:05.0668 5028 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
21:30:05.0699 5028 RFCOMM - ok
21:30:05.0933 5028 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
21:30:06.0042 5028 RichVideo - ok
21:30:06.0120 5028 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
21:30:06.0136 5028 RpcLocator - ok
21:30:06.0229 5028 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
21:30:06.0229 5028 RpcSs - ok
21:30:06.0276 5028 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:30:06.0292 5028 rspndr - ok
21:30:06.0417 5028 [ A1ADC7B4C074744662207DA6EDCDFBB0 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
21:30:06.0526 5028 RTL8169 - ok
21:30:06.0541 5028 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
21:30:06.0557 5028 SamSs - ok
21:30:06.0604 5028 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:30:06.0619 5028 sbp2port - ok
21:30:06.0729 5028 [ 1DF62F71BB16F4FD1102B64929438EB3 ] Scan2PC C:\Program Files\Scan2PC\Sc2PCSvc.exe
21:30:06.0931 5028 Scan2PC - ok
21:30:06.0963 5028 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:30:06.0978 5028 SCardSvr - ok
21:30:07.0056 5028 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
21:30:07.0056 5028 Schedule - ok
21:30:07.0103 5028 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
21:30:07.0103 5028 SCPolicySvc - ok
21:30:07.0165 5028 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
21:30:07.0165 5028 sdbus - ok
21:30:07.0181 5028 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:30:07.0197 5028 SDRSVC - ok
21:30:07.0212 5028 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:30:07.0212 5028 secdrv - ok
21:30:07.0228 5028 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
21:30:07.0228 5028 seclogon - ok
21:30:07.0243 5028 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
21:30:07.0243 5028 SENS - ok
21:30:07.0259 5028 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
21:30:07.0259 5028 Serenum - ok
21:30:07.0290 5028 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
21:30:07.0290 5028 Serial - ok
21:30:07.0321 5028 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:30:07.0337 5028 sermouse - ok
21:30:07.0353 5028 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
21:30:07.0368 5028 SessionEnv - ok
21:30:07.0384 5028 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:30:07.0384 5028 sffdisk - ok
21:30:07.0399 5028 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:30:07.0399 5028 sffp_mmc - ok
21:30:07.0431 5028 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:30:07.0431 5028 sffp_sd - ok
21:30:07.0446 5028 [ C33BFBD6E9E41FCD9FFEF9729E9FAED6 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:30:07.0446 5028 sfloppy - ok
21:30:07.0649 5028 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:30:07.0680 5028 SharedAccess - ok
21:30:07.0711 5028 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:30:07.0711 5028 ShellHWDetection - ok
21:30:07.0774 5028 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
21:30:07.0789 5028 sisagp - ok
21:30:07.0805 5028 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
21:30:07.0805 5028 SiSRaid2 - ok
21:30:07.0821 5028 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:30:07.0821 5028 SiSRaid4 - ok
21:30:07.0899 5028 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
21:30:07.0914 5028 SkypeUpdate - ok
21:30:08.0117 5028 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
21:30:08.0211 5028 slsvc - ok
21:30:08.0257 5028 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
21:30:08.0289 5028 SLUINotify - ok
21:30:08.0335 5028 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:30:08.0335 5028 Smb - ok
21:30:08.0413 5028 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:30:08.0413 5028 SNMPTRAP - ok
21:30:08.0445 5028 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
21:30:08.0445 5028 spldr - ok
21:30:08.0569 5028 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
21:30:08.0585 5028 Spooler - ok
21:30:08.0616 5028 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:30:08.0616 5028 srv - ok
21:30:08.0663 5028 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:30:08.0694 5028 srv2 - ok
21:30:08.0741 5028 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:30:08.0741 5028 srvnet - ok
21:30:08.0757 5028 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:30:08.0757 5028 SSDPSRV - ok
21:30:08.0819 5028 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:30:08.0819 5028 SstpSvc - ok
21:30:10.0348 5028 [ 05AE358CD777BF8857F512A18E1DE7AA ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
21:30:10.0348 5028 STacSV - ok
21:30:10.0441 5028 [ E69A606872650B46DE54EC15DCC93529 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
21:30:10.0441 5028 STHDA - ok
21:30:10.0613 5028 [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
21:30:10.0644 5028 StillCam - ok
21:30:10.0956 5028 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
21:30:10.0972 5028 stisvc - ok
21:30:11.0097 5028 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:30:11.0097 5028 swenum - ok
21:30:11.0253 5028 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
21:30:11.0268 5028 swprv - ok
21:30:11.0299 5028 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
21:30:11.0331 5028 Symc8xx - ok
21:30:11.0393 5028 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
21:30:11.0393 5028 Sym_hi - ok
21:30:11.0424 5028 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
21:30:11.0440 5028 Sym_u3 - ok
21:30:11.0689 5028 [ 067CB9D745407A8C1B26E89A6A2CE152 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:30:11.0689 5028 SynTP - ok
21:30:11.0877 5028 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
21:30:12.0033 5028 SysMain - ok
21:30:12.0095 5028 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:30:12.0095 5028 TabletInputService - ok
21:30:12.0157 5028 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:30:12.0157 5028 TapiSrv - ok
21:30:12.0173 5028 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
21:30:12.0189 5028 TBS - ok
21:30:12.0313 5028 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:30:12.0329 5028 Tcpip - ok
21:30:12.0345 5028 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
21:30:12.0360 5028 Tcpip6 - ok
21:30:12.0501 5028 [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:30:12.0501 5028 tcpipreg - ok
21:30:12.0594 5028 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:30:12.0610 5028 TDPIPE - ok
21:30:12.0703 5028 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:30:12.0735 5028 TDTCP - ok
21:30:12.0844 5028 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:30:12.0859 5028 tdx - ok
21:30:12.0906 5028 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:30:12.0906 5028 TermDD - ok
21:30:13.0156 5028 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
21:30:13.0171 5028 TermService - ok
21:30:13.0312 5028 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
21:30:13.0312 5028 Themes - ok
21:30:13.0359 5028 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
21:30:13.0359 5028 THREADORDER - ok
21:30:13.0468 5028 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
21:30:13.0561 5028 TrkWks - ok
21:30:14.0092 5028 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:30:14.0107 5028 TrustedInstaller - ok
21:30:14.0232 5028 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:30:14.0248 5028 tssecsrv - ok
21:30:14.0295 5028 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
21:30:14.0295 5028 tunmp - ok
21:30:14.0326 5028 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:30:14.0341 5028 tunnel - ok
21:30:14.0388 5028 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:30:14.0419 5028 uagp35 - ok
21:30:14.0544 5028 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:30:14.0544 5028 udfs - ok
21:30:14.0700 5028 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:30:14.0731 5028 UI0Detect - ok
21:30:14.0731 5028 UIUSys - ok
21:30:14.0825 5028 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:30:14.0872 5028 uliagpkx - ok
21:30:15.0043 5028 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
21:30:15.0137 5028 uliahci - ok
21:30:15.0215 5028 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
21:30:15.0215 5028 UlSata - ok
21:30:15.0324 5028 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
21:30:15.0387 5028 ulsata2 - ok
21:30:15.0433 5028 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:30:15.0433 5028 umbus - ok
21:30:15.0527 5028 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
21:30:15.0745 5028 upnphost - ok
21:30:15.0948 5028 [ BB16932A4189E82D6C455042C11849B6 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
21:30:15.0979 5028 upperdev - ok
21:30:16.0104 5028 [ E8C1B9EBAC65288E1B51E8A987D98AF6 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
21:30:16.0198 5028 USBAAPL - ok
21:30:16.0323 5028 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:30:16.0354 5028 usbccgp - ok
21:30:16.0541 5028 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:30:17.0071 5028 usbcir - ok
21:30:17.0243 5028 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:30:17.0274 5028 usbehci - ok
21:30:17.0446 5028 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:30:17.0602 5028 usbhub - ok
21:30:17.0742 5028 [ 7BDB7B0E7D45AC0402D78B90789EF47C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
21:30:17.0758 5028 usbohci - ok
21:30:17.0836 5028 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:30:17.0836 5028 usbprint - ok
21:30:17.0929 5028 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
21:30:17.0945 5028 usbscan - ok
21:30:17.0992 5028 [ D575246188F63DE0ACCF6EAC5FB59E6A ] usbser C:\Windows\system32\DRIVERS\usbser.sys
21:30:17.0992 5028 usbser - ok
21:30:18.0117 5028 [ E748D50B3B2EC7F40A2BA67FB094CF01 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
21:30:18.0132 5028 UsbserFilt - ok
21:30:18.0148 5028 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:30:18.0148 5028 USBSTOR - ok
21:30:18.0179 5028 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
21:30:18.0179 5028 usbuhci - ok
21:30:18.0335 5028 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
21:30:18.0397 5028 usbvideo - ok
21:30:18.0538 5028 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
21:30:18.0616 5028 UxSms - ok
21:30:18.0834 5028 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
21:30:18.0912 5028 vds - ok
21:30:19.0006 5028 [ 4D45A93A7DD638CA2DB0A86FBFBF42D1 ] vfs101x C:\Windows\system32\drivers\vfs101x.sys
21:30:19.0006 5028 vfs101x - ok
21:30:20.0082 5028 [ 14C9B01B3C2EFA722FBC75286682994E ] vfsFPService C:\Windows\system32\vfsFPService.exe
21:30:20.0082 5028 vfsFPService - ok
21:30:20.0160 5028 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:30:20.0160 5028 vga - ok
21:30:20.0207 5028 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
21:30:20.0223 5028 VgaSave - ok
21:30:20.0254 5028 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
21:30:20.0254 5028 viaagp - ok
21:30:20.0285 5028 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
21:30:20.0285 5028 ViaC7 - ok
21:30:20.0301 5028 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
21:30:20.0301 5028 viaide - ok
21:30:20.0379 5028 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:30:20.0379 5028 volmgr - ok
21:30:20.0457 5028 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:30:20.0488 5028 volmgrx - ok
21:30:20.0550 5028 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:30:20.0550 5028 volsnap - ok
21:30:20.0597 5028 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:30:20.0628 5028 vsmraid - ok
21:30:20.0753 5028 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
21:30:20.0784 5028 VSS - ok
21:30:21.0034 5028 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
21:30:21.0112 5028 W32Time - ok
21:30:21.0205 5028 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
21:30:21.0221 5028 WacomPen - ok
21:30:21.0330 5028 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
21:30:21.0330 5028 Wanarp - ok
21:30:21.0346 5028 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:30:21.0346 5028 Wanarpv6 - ok
21:30:21.0642 5028 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:30:21.0642 5028 wcncsvc - ok
21:30:21.0720 5028 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:30:21.0736 5028 WcsPlugInService - ok
21:30:21.0907 5028 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
21:30:21.0907 5028 Wd - ok
21:30:22.0063 5028 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:30:22.0469 5028 Wdf01000 - ok
21:30:22.0516 5028 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:30:22.0594 5028 WdiServiceHost - ok
21:30:22.0641 5028 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:30:22.0672 5028 WdiSystemHost - ok
21:30:22.0843 5028 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
21:30:22.0906 5028 WebClient - ok
21:30:23.0015 5028 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:30:23.0093 5028 Wecsvc - ok
21:30:23.0233 5028 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:30:23.0249 5028 wercplsupport - ok
21:30:23.0327 5028 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
21:30:23.0343 5028 WerSvc - ok
21:30:23.0561 5028 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
21:30:23.0592 5028 winachsf - ok
21:30:23.0904 5028 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
21:30:23.0982 5028 WinDefend - ok
21:30:23.0982 5028 WinHttpAutoProxySvc - ok
21:30:24.0263 5028 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:30:24.0279 5028 Winmgmt - ok
21:30:24.0871 5028 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
21:30:25.0433 5028 WinRM - ok
21:30:25.0542 5028 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
21:30:25.0589 5028 Wlansvc - ok
21:30:25.0636 5028 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:30:25.0636 5028 WmiAcpi - ok
21:30:25.0776 5028 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:30:25.0792 5028 wmiApSrv - ok
21:30:26.0088 5028 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
21:30:26.0135 5028 WMPNetworkSvc - ok
21:30:26.0322 5028 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:30:26.0385 5028 WPCSvc - ok
21:30:26.0447 5028 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:30:36.0103 5028 ============================================================
21:30:36.0103 5028 Scan finished
21:30:36.0103 5028 ============================================================
21:30:36.0103 5036 Detected object count: 0
21:30:36.0103 5036 Actual detected object count: 0
21:33:34.0275 3768 ============================================================
21:33:34.0275 3768 Scan started
21:33:34.0275 3768 Mode: Manual; TDLFS;
21:33:34.0275 3768 ============================================================
21:33:35.0336 3768 ================ Scan system memory ========================
21:33:35.0336 3768 System memory - ok
21:33:35.0336 3768 ================ Scan services =============================
21:33:58.0002 3768 nvsvc - ok
21:33:58.0034 3768 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:33:58.0034 3768 nv_agp - ok
21:33:58.0034 3768 NwlnkFlt - ok
21:33:58.0049 3768 NwlnkFwd - ok
21:33:58.0080 3768 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
21:33:58.0080 3768 ohci1394 - ok
21:33:58.0268 3768 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:33:58.0268 3768 ose - ok
21:33:58.0626 3768 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:33:58.0658 3768 osppsvc - ok
21:33:58.0814 3768 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
21:33:58.0814 3768 p2pimsvc - ok
21:33:58.0892 3768 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
21:33:58.0892 3768 p2psvc - ok
21:33:58.0938 3768 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
21:33:58.0938 3768 Parport - ok
21:33:59.0001 3768 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:33:59.0001 3768 partmgr - ok
21:33:59.0016 3768 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
21:33:59.0016 3768 Parvdm - ok
21:33:59.0079 3768 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
21:33:59.0079 3768 PcaSvc - ok
21:33:59.0219 3768 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
21:33:59.0219 3768 pci - ok
21:33:59.0266 3768 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
21:33:59.0266 3768 pciide - ok
21:33:59.0360 3768 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:33:59.0360 3768 pcmcia - ok
21:33:59.0547 3768 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:33:59.0547 3768 PEAUTH - ok
21:33:59.0672 3768 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
21:33:59.0672 3768 pla - ok
21:33:59.0765 3768 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:33:59.0765 3768 PlugPlay - ok
21:33:59.0874 3768 [ BAFC9706BDF425A02B66468AB2605C59 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:33:59.0874 3768 Pml Driver HPZ12 - ok
21:34:00.0124 3768 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
21:34:00.0124 3768 PNRPAutoReg - ok
21:34:00.0249 3768 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
21:34:00.0249 3768 PNRPsvc - ok
21:34:00.0389 3768 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:34:00.0389 3768 PolicyAgent - ok
21:34:00.0483 3768 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:34:00.0483 3768 PptpMiniport - ok
21:34:00.0545 3768 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
21:34:00.0561 3768 Processor - ok
21:34:00.0608 3768 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
21:34:00.0608 3768 ProfSvc - ok
21:34:00.0639 3768 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
21:34:00.0639 3768 ProtectedStorage - ok
21:34:00.0701 3768 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
21:34:00.0701 3768 PSched - ok
21:34:00.0920 3768 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:34:00.0920 3768 ql2300 - ok
21:34:00.0951 3768 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:34:00.0951 3768 ql40xx - ok
21:34:00.0998 3768 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
21:34:00.0998 3768 QWAVE - ok
21:34:01.0029 3768 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:34:01.0029 3768 QWAVEdrv - ok
21:34:01.0076 3768 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:34:01.0076 3768 RasAcd - ok
21:34:01.0091 3768 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
21:34:01.0091 3768 RasAuto - ok
21:34:01.0122 3768 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:34:01.0122 3768 Rasl2tp - ok
21:34:01.0169 3768 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
21:34:01.0185 3768 RasMan - ok
21:34:01.0216 3768 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:34:01.0216 3768 RasPppoe - ok
21:34:01.0263 3768 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:34:01.0263 3768 RasSstp - ok
21:34:01.0341 3768 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:34:01.0341 3768 rdbss - ok
21:34:01.0388 3768 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:34:01.0388 3768 RDPCDD - ok
21:34:01.0466 3768 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
21:34:01.0466 3768 rdpdr - ok
21:34:01.0481 3768 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:34:01.0481 3768 RDPENCDD - ok
21:34:01.0544 3768 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:34:01.0544 3768 RDPWD - ok
21:34:01.0606 3768 [ 431723F23D0E065BEF502389E8FFDC10 ] Recovery Service for Windows C:\Windows\SMINST\BLService.exe
21:34:01.0606 3768 Recovery Service for Windows - ok
21:34:01.0637 3768 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:34:01.0637 3768 RemoteAccess - ok
21:34:01.0668 3768 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:34:01.0668 3768 RemoteRegistry - ok
21:34:01.0778 3768 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
21:34:01.0778 3768 RFCOMM - ok
21:34:01.0902 3768 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
21:34:01.0902 3768 RichVideo - ok
21:34:01.0949 3768 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
21:34:01.0949 3768 RpcLocator - ok
21:34:02.0121 3768 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
21:34:02.0121 3768 RpcSs - ok
21:34:02.0324 3768 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:34:02.0324 3768 rspndr - ok
21:34:02.0480 3768 [ A1ADC7B4C074744662207DA6EDCDFBB0 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
21:34:02.0480 3768 RTL8169 - ok
21:34:02.0511 3768 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
21:34:02.0526 3768 SamSs - ok
21:34:02.0542 3768 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:34:02.0542 3768 sbp2port - ok
21:34:02.0682 3768 [ 1DF62F71BB16F4FD1102B64929438EB3 ] Scan2PC C:\Program Files\Scan2PC\Sc2PCSvc.exe
21:34:02.0698 3768 Scan2PC - ok
21:34:02.0807 3768 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:34:02.0807 3768 SCardSvr - ok
21:34:02.0885 3768 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
21:34:02.0901 3768 Schedule - ok
21:34:02.0916 3768 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
21:34:02.0916 3768 SCPolicySvc - ok
21:34:02.0979 3768 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
21:34:02.0979 3768 sdbus - ok
21:34:03.0041 3768 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:34:03.0041 3768 SDRSVC - ok
21:34:03.0057 3768 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:34:03.0057 3768 secdrv - ok
21:34:03.0088 3768 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
21:34:03.0088 3768 seclogon - ok
21:34:03.0104 3768 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
21:34:03.0119 3768 SENS - ok
21:34:03.0150 3768 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
21:34:03.0150 3768 Serenum - ok
21:34:03.0197 3768 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
21:34:03.0197 3768 Serial - ok
21:34:03.0260 3768 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:34:03.0260 3768 sermouse - ok
21:34:03.0322 3768 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
21:34:03.0322 3768 SessionEnv - ok
21:34:03.0369 3768 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:34:03.0369 3768 sffdisk - ok
21:34:03.0400 3768 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:34:03.0400 3768 sffp_mmc - ok
21:34:03.0431 3768 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:34:03.0431 3768 sffp_sd - ok
21:34:03.0478 3768 [ C33BFBD6E9E41FCD9FFEF9729E9FAED6 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:34:03.0478 3768 sfloppy - ok
21:34:03.0556 3768 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:34:03.0556 3768 SharedAccess - ok
21:34:03.0603 3768 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:34:03.0618 3768 ShellHWDetection - ok
21:34:03.0634 3768 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
21:34:03.0634 3768 sisagp - ok
21:34:03.0665 3768 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
21:34:03.0681 3768 SiSRaid2 - ok
21:34:03.0681 3768 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:34:03.0681 3768 SiSRaid4 - ok
21:34:03.0837 3768 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
21:34:03.0837 3768 SkypeUpdate - ok
21:34:04.0367 3768 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
21:34:04.0398 3768 slsvc - ok
21:34:04.0445 3768 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
21:34:04.0445 3768 SLUINotify - ok
21:34:04.0508 3768 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:34:04.0508 3768 Smb - ok
21:34:04.0554 3768 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:34:04.0554 3768 SNMPTRAP - ok
21:34:04.0601 3768 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
21:34:04.0601 3768 spldr - ok
21:34:04.0632 3768 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
21:34:04.0632 3768 Spooler - ok
21:34:04.0679 3768 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:34:04.0679 3768 srv - ok
21:34:04.0710 3768 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:34:04.0710 3768 srv2 - ok
21:34:04.0742 3768 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:34:04.0742 3768 srvnet - ok
21:34:04.0757 3768 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:34:04.0757 3768 SSDPSRV - ok
21:34:04.0788 3768 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:34:04.0788 3768 SstpSvc - ok
21:34:05.0631 3768 [ 05AE358CD777BF8857F512A18E1DE7AA ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
21:34:05.0631 3768 STacSV - ok
21:34:05.0678 3768 [ E69A606872650B46DE54EC15DCC93529 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
21:34:05.0678 3768 STHDA - ok
21:34:05.0693 3768 [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
21:34:05.0693 3768 StillCam - ok
21:34:05.0849 3768 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
21:34:05.0849 3768 stisvc - ok
21:34:05.0912 3768 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:34:05.0912 3768 swenum - ok
21:34:06.0068 3768 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
21:34:06.0068 3768 swprv - ok
21:34:06.0114 3768 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
21:34:06.0114 3768 Symc8xx - ok
21:34:06.0177 3768 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
21:34:06.0177 3768 Sym_hi - ok
21:34:06.0224 3768 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
21:34:06.0224 3768 Sym_u3 - ok
21:34:06.0333 3768 [ 067CB9D745407A8C1B26E89A6A2CE152 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:34:06.0333 3768 SynTP - ok
21:34:06.0582 3768 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
21:34:06.0582 3768 SysMain - ok
21:34:06.0629 3768 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:34:06.0629 3768 TabletInputService - ok
21:34:06.0676 3768 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:34:06.0676 3768 TapiSrv - ok
21:34:06.0707 3768 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
21:34:06.0707 3768 TBS - ok
21:34:07.0004 3768 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:34:07.0019 3768 Tcpip - ok
21:34:07.0097 3768 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
21:34:07.0113 3768 Tcpip6 - ok
21:34:07.0175 3768 [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:34:07.0175 3768 tcpipreg - ok
21:34:07.0238 3768 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:34:07.0238 3768 TDPIPE - ok
21:34:07.0269 3768 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:34:07.0284 3768 TDTCP - ok
21:34:07.0347 3768 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:34:07.0347 3768 tdx - ok
21:34:07.0394 3768 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:34:07.0394 3768 TermDD - ok
21:34:07.0596 3768 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
21:34:07.0612 3768 TermService - ok
21:34:07.0628 3768 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
21:34:07.0643 3768 Themes - ok
21:34:07.0659 3768 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
21:34:07.0659 3768 THREADORDER - ok
21:34:07.0674 3768 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
21:34:07.0674 3768 TrkWks - ok
21:34:07.0752 3768 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:34:07.0752 3768 TrustedInstaller - ok
21:34:07.0799 3768 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:34:07.0799 3768 tssecsrv - ok
21:34:07.0846 3768 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
21:34:07.0846 3768 tunmp - ok
21:34:07.0877 3768 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:34:07.0877 3768 tunnel - ok
21:34:07.0908 3768 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:34:07.0908 3768 uagp35 - ok
21:34:08.0018 3768 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:34:08.0018 3768 udfs - ok
21:34:08.0080 3768 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:34:08.0080 3768 UI0Detect - ok
21:34:08.0096 3768 UIUSys - ok
21:34:08.0127 3768 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:34:08.0127 3768 uliagpkx - ok
21:34:08.0189 3768 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
21:34:08.0189 3768 uliahci - ok
21:34:08.0236 3768 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
21:34:08.0236 3768 UlSata - ok
21:34:08.0314 3768 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
21:34:08.0314 3768 ulsata2 - ok
21:34:08.0361 3768 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:34:08.0361 3768 umbus - ok
21:34:08.0501 3768 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
21:34:08.0501 3768 upnphost - ok
21:34:08.0579 3768 [ BB16932A4189E82D6C455042C11849B6 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
21:34:08.0579 3768 upperdev - ok
21:34:08.0642 3768 [ E8C1B9EBAC65288E1B51E8A987D98AF6 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
21:34:08.0642 3768 USBAAPL - ok
21:34:08.0688 3768 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:34:08.0688 3768 usbccgp - ok
21:34:08.0735 3768 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:34:08.0735 3768 usbcir - ok
21:34:08.0782 3768 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:34:08.0782 3768 usbehci - ok
21:34:08.0798 3768 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:34:08.0798 3768 usbhub - ok
21:34:08.0844 3768 [ 7BDB7B0E7D45AC0402D78B90789EF47C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
21:34:08.0844 3768 usbohci - ok
21:34:08.0969 3768 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:34:08.0969 3768 usbprint - ok
21:34:09.0063 3768 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
21:34:09.0063 3768 usbscan - ok
21:34:09.0125 3768 [ D575246188F63DE0ACCF6EAC5FB59E6A ] usbser C:\Windows\system32\DRIVERS\usbser.sys
21:34:09.0125 3768 usbser - ok
21:34:09.0203 3768 [ E748D50B3B2EC7F40A2BA67FB094CF01 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
21:34:09.0203 3768 UsbserFilt - ok
21:34:09.0266 3768 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:34:09.0266 3768 USBSTOR - ok
21:34:09.0359 3768 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
21:34:09.0359 3768 usbuhci - ok
21:34:09.0406 3768 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
21:34:09.0406 3768 usbvideo - ok
21:34:09.0468 3768 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
21:34:09.0468 3768 UxSms - ok
21:34:09.0531 3768 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
21:34:09.0531 3768 vds - ok
21:34:09.0578 3768 [ 4D45A93A7DD638CA2DB0A86FBFBF42D1 ] vfs101x C:\Windows\system32\drivers\vfs101x.sys
21:34:09.0578 3768 vfs101x - ok
21:34:09.0671 3768 [ 14C9B01B3C2EFA722FBC75286682994E ] vfsFPService C:\Windows\system32\vfsFPService.exe
21:34:09.0687 3768 vfsFPService - ok
21:34:09.0702 3768 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:34:09.0702 3768 vga - ok
21:34:09.0765 3768 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
21:34:09.0765 3768 VgaSave - ok
21:34:09.0780 3768 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
21:34:09.0796 3768 viaagp - ok
21:34:09.0812 3768 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
21:34:09.0812 3768 ViaC7 - ok
21:34:09.0890 3768 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
21:34:09.0890 3768 viaide - ok
21:34:09.0983 3768 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:34:09.0983 3768 volmgr - ok
21:34:10.0108 3768 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:34:10.0108 3768 volmgrx - ok
21:34:10.0202 3768 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:34:10.0202 3768 volsnap - ok
21:34:10.0295 3768 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:34:10.0295 3768 vsmraid - ok
21:34:10.0529 3768 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
21:34:10.0545 3768 VSS - ok
21:34:10.0685 3768 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
21:34:10.0701 3768 W32Time - ok
21:34:10.0716 3768 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
21:34:10.0716 3768 WacomPen - ok
21:34:10.0763 3768 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
21:34:10.0763 3768 Wanarp - ok
21:34:10.0779 3768 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:34:10.0779 3768 Wanarpv6 - ok
21:34:10.0888 3768 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:34:10.0888 3768 wcncsvc - ok
21:34:10.0935 3768 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:34:10.0935 3768 WcsPlugInService - ok
21:34:10.0997 3768 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
21:34:10.0997 3768 Wd - ok
21:34:11.0122 3768 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:34:11.0122 3768 Wdf01000 - ok
21:34:11.0153 3768 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:34:11.0153 3768 WdiServiceHost - ok
21:34:11.0184 3768 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:34:11.0200 3768 WdiSystemHost - ok
21:34:11.0278 3768 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
21:34:11.0294 3768 WebClient - ok
21:34:11.0356 3768 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:34:11.0356 3768 Wecsvc - ok
21:34:11.0403 3768 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:34:11.0403 3768 wercplsupport - ok
21:34:11.0481 3768 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
21:34:11.0481 3768 WerSvc - ok
21:34:11.0730 3768 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
21:34:11.0746 3768 winachsf - ok
21:34:11.0793 3768 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
21:34:11.0808 3768 WinDefend - ok
21:34:11.0808 3768 WinHttpAutoProxySvc - ok
21:34:12.0557 3768 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:34:12.0557 3768 Winmgmt - ok
21:34:12.0713 3768 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
21:34:12.0729 3768 WinRM - ok
21:34:12.0854 3768 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
21:34:12.0854 3768 Wlansvc - ok
21:34:12.0978 3768 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:34:12.0978 3768 WmiAcpi - ok
21:34:13.0041 3768 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:34:13.0041 3768 wmiApSrv - ok
21:34:13.0103 3768 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
21:34:13.0103 3768 WMPNetworkSvc - ok
21:34:13.0134 3768 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:34:13.0134 3768 WPCSvc - ok
21:34:13.0197 3768 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:34:13.0212 3768 WPDBusEnum - ok
21:34:13.0259 3768 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
21:34:13.0259 3768 WpdUsb - ok
21:34:13.0524 3768 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:34:13.0524 3768 WPFFontCache_v0400 - ok
21:34:13.0587 3768 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:34:13.0587 3768 ws2ifsl - ok
21:34:13.0634 3768 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
21:34:13.0634 3768 wscsvc - ok
21:34:13.0649 3768 WSearch - ok
21:34:13.0805 3768 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
21:34:13.0821 3768 wuauserv - ok
21:34:13.0868 3768 [ 13B5F255E90624A5BA0441D39CFB6BE2 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:34:13.0868 3768 WudfPf - ok
21:34:13.0914 3768 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:34:13.0914 3768 WUDFRd - ok
21:34:14.0008 3768 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:34:14.0008 3768 wudfsvc - ok
21:34:14.0086 3768 {22D78859-9CE9-4B77-BF18-AC83E81A9263} - ok
21:34:14.0102 3768 ================ Scan global ===============================
21:34:14.0164 3768 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
21:34:14.0226 3768 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
21:34:14.0273 3768 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
21:34:14.0336 3768 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
21:34:14.0336 3768 [Global] - ok
21:34:14.0336 3768 ================ Scan MBR ==================================
21:34:14.0351 3768 [ 85D751F0E41B8E520AEE8C07A8DA777B ] \Device\Harddisk1\DR1
21:34:16.0863 3768 \Device\Harddisk1\DR1 - ok
21:34:16.0863 3768 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
21:34:17.0268 3768 \Device\Harddisk0\DR0 - ok
21:34:17.0268 3768 ================ Scan VBR ==================================
21:34:17.0284 3768 [ 9595E60C101DB8A2B009FF3A8976008B ] \Device\Harddisk1\DR1\Partition1
21:34:17.0331 3768 \Device\Harddisk1\DR1\Partition1 - ok
21:34:17.0378 3768 [ CDC96D30EEEFB5E8039BC10AE952F9DD ] \Device\Harddisk1\DR1\Partition2
21:34:17.0440 3768 \Device\Harddisk1\DR1\Partition2 - ok
21:34:17.0456 3768 [ 0FA52BA562006A7DC323D7FCBD2D31BF ] \Device\Harddisk0\DR0\Partition1
21:34:17.0456 3768 \Device\Harddisk0\DR0\Partition1 - ok
21:34:17.0456 3768 ============================================================
21:34:17.0456 3768 Scan finished
21:34:17.0456 3768 ============================================================
21:34:17.0471 4456 Detected object count: 0
21:34:17.0471 4456 Actual detected object count: 0

#4 t644

Posted 11 January 2013 - 05:53 PM

aswMBR Log

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-11 21:41:04
-----------------------------
21:41:04.059 OS Version: Windows 6.0.6002 Service Pack 2
21:41:04.059 Number of processors: 2 586 0x1706
21:41:04.059 ComputerName: SANDH-PC UserName: sandh
21:41:05.697 Initialize success
21:41:14.121 AVAST engine defs: 13011101
21:41:21.250 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
21:41:21.266 Disk 0 Vendor: WDC_WD2500BEVS-60UST0 01.01A01 Size: 238475MB BusType: 3
21:41:21.266 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T0L0-0
21:41:21.266 Disk 1 Vendor: WDC_WD2500BEVS-60UST0 01.01A01 Size: 238475MB BusType: 3
21:41:21.297 Disk 1 MBR read successfully
21:41:21.297 Disk 1 MBR scan
21:41:21.313 Disk 1 unknown MBR code
21:41:21.313 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 228847 MB offset 63
21:41:21.359 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 9624 MB offset 468680704
21:41:21.406 Disk 1 scanning sectors +488390656
21:41:21.500 Disk 1 scanning C:\Windows\system32\drivers
21:41:42.763 Service scanning
21:42:01.795 Service MpKsla80a88ae C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5F2847EA-3436-4A25-8B1A-3CE381EC5274}\MpKsla80a88ae.sys **LOCKED** 32
21:42:42.620 Modules scanning
21:42:54.195 Disk 1 trace - called modules:
21:42:54.226 ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys
21:42:54.226 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x87945ac8]
21:42:54.242 3 CLASSPNP.SYS[805db8b3] -> nt!IofCallDriver -> [0x87842120]
21:42:54.257 5 hpdskflt.sys[8c7b3f92] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x86f4c230]
21:42:55.724 AVAST engine scan C:\Windows
21:43:02.011 AVAST engine scan C:\Windows\system32
21:48:43.105 AVAST engine scan C:\Windows\system32\drivers
21:49:05.849 AVAST engine scan C:\Users\sandh
22:39:28.587 AVAST engine scan C:\ProgramData
22:50:15.940 Scan finished successfully
22:50:35.440 Disk 1 MBR has been saved successfully to "C:\Users\sandh\Desktop\MBR.dat"
22:50:35.456 The log file has been saved successfully to "C:\Users\sandh\Desktop\aswMBR.txt"

#5 narenxp

Posted 11 January 2013 - 07:37 PM

ESET log?

#6 t644

Posted 11 January 2013 - 08:05 PM

Just finishing up now

#7 t644

Posted 11 January 2013 - 08:07 PM

ESET

C:\Users\sandh\AppData\Local\Temp\plugtmp-6\plugin-WOwSFfuznZbUq JS/Exploit.Pdfka.PVC trojan cleaned by deleting - quarantined
C:\Users\sandh\AppData\Local\Temp\plugtmp-7\plugin-fYScGo JS/Exploit.Pdfka.PVN trojan cleaned by deleting - quarantined

#8 narenxp

Posted 11 January 2013 - 08:17 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete

A log should be generated after the scan; post it here

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select Run as administrator

After the scan completes, post the generated log here.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of text here

#9 t644

Posted 13 January 2013 - 07:50 AM

Thanks again, logs as follows.

Malwarebytes

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.12.09

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
sandh :: SANDH-PC [administrator]

12/01/2013 22:45:38
mbam-log-2013-01-12 (22-45-38).txt

Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 452696
Time elapsed: 2 hour(s), 19 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



Minitoolbox

MiniToolBox by Farbar Version:10-01-2013
Ran by sandh (administrator) on 13-01-2013 at 12:11:42
Running from "C:\Users\sandh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E59Q0EHL"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : sandh-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-21-5D-9D-09-38
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::3c99:d2fc:86ff:2bab%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 13 January 2013 11:28:28
Lease Expires . . . . . . . . . . : 13 January 2013 12:58:29
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 285221213
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-8A-7B-D3-00-21-5D-9D-09-38
DNS Servers . . . . . . . . . . . : 194.168.4.100
194.168.8.100
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-21-86-B9-74-10
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-1E-EC-E9-DE-F1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{D48C76B8-6977-47E0-80CF-E529F1E9A39A}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E2F02E38-6F1C-4CDA-A265-C6FB858AACA7}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2891:1851:3f57:fffb(Preferred)
Link-local IPv6 Address . . . . . : fe80::2891:1851:3f57:fffb%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{BB3C17D4-5A11-4480-A6C8-BEC0DDA4E10E}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cache1.service.virginmedia.net
Address: 194.168.4.100

Name: google.com
Addresses: 2a00:1450:4009:806::1003
173.194.41.64
173.194.41.70
173.194.41.65
173.194.41.72
173.194.41.66
173.194.41.69
173.194.41.67
173.194.41.68
173.194.41.78
173.194.41.73
173.194.41.71



Pinging google.com [173.194.41.70] with 32 bytes of data:

Reply from 173.194.41.70: bytes=32 time=18ms TTL=57

Reply from 173.194.41.70: bytes=32 time=15ms TTL=57



Ping statistics for 173.194.41.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 15ms, Maximum = 18ms, Average = 16ms

Server: cache1.service.virginmedia.net
Address: 194.168.4.100

Name: yahoo.com
Addresses: 98.138.253.109
72.30.38.140
98.139.183.24



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=237ms TTL=48

Reply from 72.30.38.140: bytes=32 time=250ms TTL=48



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 237ms, Maximum = 250ms, Average = 243ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
13 ...00 21 5d 9d 09 38 ...... Intel® WiFi Link 5100 AGN
12 ...00 21 86 b9 74 10 ...... Bluetooth Device (Personal Area Network)
10 ...00 1e ec e9 de f1 ...... Realtek PCIe GBE Family Controller
1 ........................... Software Loopback Interface 1
19 ...00 00 00 00 00 00 00 e0 isatap.{D48C76B8-6977-47E0-80CF-E529F1E9A39A}
18 ...00 00 00 00 00 00 00 e0 isatap.{E2F02E38-6F1C-4CDA-A265-C6FB858AACA7}
14 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
15 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
16 ...00 00 00 00 00 00 00 e0 isatap.{BB3C17D4-5A11-4480-A6C8-BEC0DDA4E10E}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.4 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.4 281
192.168.0.4 255.255.255.255 On-link 192.168.0.4 281
192.168.0.255 255.255.255.255 On-link 192.168.0.4 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.4 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.4 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 18 ::/0 On-link
1 306 ::1/128 On-link
15 18 2001::/32 On-link
15 266 2001:0:4137:9e76:2891:1851:3f57:fffb/128
On-link
13 281 fe80::/64 On-link
15 266 fe80::/64 On-link
15 266 fe80::2891:1851:3f57:fffb/128
On-link
13 281 fe80::3c99:d2fc:86ff:2bab/128
On-link
1 306 ff00::/8 On-link
15 266 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 08 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/12/2013 10:38:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/11/2013 09:23:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/11/2013 06:57:35 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/11/2013 06:34:37 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/11/2013 06:33:48 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (01/10/2013 10:54:03 PM) (Source: Application Error) (User: )
Description: Faulting application mobsync.exe, version 6.0.6001.18000, time stamp 0x47918e41, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000374, fault offset 0x000b06b7,
process id 0xb88, application start time 0xmobsync.exe0.

Error: (01/10/2013 10:13:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/10/2013 00:27:08 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/09/2013 11:32:48 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/09/2013 09:29:59 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/13/2013 11:44:13 AM) (Source: Service Control Manager) (User: )
Description: Windows Firewall5 (0x5)

Error: (01/13/2013 11:43:28 AM) (Source: Service Control Manager) (User: )
Description: Windows Firewall5 (0x5)

Error: (01/12/2013 10:40:24 PM) (Source: Service Control Manager) (User: )
Description: iPod Service%%1053

Error: (01/12/2013 10:40:24 PM) (Source: Service Control Manager) (User: )
Description: 30000iPod Service

Error: (01/12/2013 10:40:24 PM) (Source: DCOM) (User: )
Description: 1053iPod Service{063D34A4-BF84-4B8D-B699-E8CA06504DDE}

Error: (01/12/2013 10:39:11 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (01/12/2013 10:38:50 PM) (Source: Service Control Manager) (User: )
Description: {22D78859-9CE9-4B77-BF18-AC83E81A9263}%%2

Error: (01/12/2013 10:38:50 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (01/12/2013 10:38:50 PM) (Source: Service Control Manager) (User: )
Description: Windows Firewall5 (0x5)

Error: (01/11/2013 09:23:44 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service


Microsoft Office Sessions:
=========================
Error: (01/12/2013 10:38:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/11/2013 09:23:21 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/11/2013 06:57:35 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/11/2013 06:34:37 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/11/2013 06:33:48 AM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (01/10/2013 10:54:03 PM) (Source: Application Error)(User: )
Description: mobsync.exe6.0.6001.1800047918e41ntdll.dll6.0.6002.185414ec3e3d5c0000374000b06b7b8801cdef855e60db21

Error: (01/10/2013 10:13:33 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/10/2013 00:27:08 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/09/2013 11:32:48 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/09/2013 09:29:59 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2013-01-13 11:58:33.649
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 11:58:33.462
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 11:58:33.228
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 11:58:32.994
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 11:58:32.791
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 11:58:32.588
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 11:58:32.354
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 11:58:32.167
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 11:58:31.933
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 11:58:31.714
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 2.1.5)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader 8.1.6 (Version: 8.1.6)
Adobe Shockwave Player (Version: 10.2.0.023)
Adobe Shockwave Player 11 (Version: 11)
Agere Systems HDA Modem
AIO_Scan (Version: 90.0.222.000)
Apple Application Support (Version: 1.4.1)
Apple Mobile Device Support (Version: 3.0.1.3)
Apple Software Update (Version: 2.1.1.116)
Bonjour (Version: 2.0.1.2)
Boots F2CD Picture Suite (Version: 1.0.0.13)
BufferChm (Version: 100.0.170.000)
C4380 (Version: 90.0.222.000)
C4380_doccd (Version: 90.0.222.000)
C4380_Help (Version: 90.0.222.000)
Championship Manager 00-01
Championship Manager 01-02
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Copy (Version: 90.0.146.000)
CustomerResearchQFolder (Version: 1.00.0000)
CyberLink DVD Suite (Version: 5.5.1519)
CyberLink YouCam (Version: 2.0.1616)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destination Component (Version: 090.000.091.086)
DeviceDiscovery (Version: 110.0.180.000)
DeviceManagementQFolder (Version: 1.00.0000)
DigitalPersona Personal 3.0.1 (Version: 3.0.1)
DocProc (Version: 9.0.0.0)
DocProcQFolder (Version: 1.00.0000)
Dropbox (Version: 1.6.10)
ESET Online Scanner v3
ESU for Microsoft Vista (Version: 1.0.0)
eSupportQFolder (Version: 1.00.0000)
Fax (Version: 120.0.194.000)
FileOpen Client (Version: 3.0.73.917)
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.123)
HP Active Support Library (Version: 3.1.9.1)
HP Customer Experience Enhancements (Version: 5.7.0.2630)
HP Customer Participation Program 9.0 (Version: 9.0)
HP Doc Viewer (Version: 1.01.0005)
HP Driver Diagnostics (Version: 1.03.0005)
HP DVD Play 3.7 (Version: 3.7.0.5723)
HP Easy Setup - Frontend (Version: 5.7.0.2630)
HP Help and Support (Version: 2.1.3.0)
HP Imaging Device Functions 9.0 (Version: 9.0)
HP Integrated Module with Bluetooth wireless technology 6.0.1.6204 (Version: 6.0.1.6204)
HP MULTIPLE MODEM INSTALLER for VISTA (Version: 1.0.0.30)
HP OCR Software 9.0 (Version: 9.0)
HP Photosmart All-In-One Software 9.0 (Version: 9.0)
HP Photosmart Essential 2.01 (Version: 2.01)
HP Photosmart Essential2.01 (Version: 1.01.0000)
HP Product Assistant (Version: 100.000.001.000)
HP Quick Launch Buttons 6.40 D1 (Version: 6.40 D1)
HP QuickTouch 1.00 D2 (Version: 1.0.9)
HP Smart Web Printing (Version: 3.5)
HP Solution Center 9.0 (Version: 9.0)
HP Total Care Advisor (Version: 2.1.3359.2635)
HP Update (Version: 4.000.010.008)
HP User Guides 0103 (Version: 1.01.0000)
HP Wireless Assistant (Version: 3.00 J1)
HP_Network_UserGuide (Version: 1.00.0000)
HPAsset component for HP Active Support Library (Version: 3.0.1.0)
HPDiagnosticAlert (Version: 1.00.0000)
HPNetworkAssistant (Version: 1.1.70)
HPProductAssistant (Version: 90.0.146.000)
HPSSupply (Version: 100.0.170.000)
IDT Audio (Version: 1.0.6017.13)
iSpring Free 4.3
iTunes (Version: 9.1.1.12)
Japanese Fonts Support For Adobe Reader 8 (Version: 8.0)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 37 (Version: 6.0.370)
Java™ 6 Update 6 (Version: 1.6.0.60)
JMicron JMB38X Flash Media Controller (Version: 1.00.16.01)
Juniper Networks Setup Client (Version: 1.1.0.0)
LabelPrint (Version: 2.20.2719)
LeapFrog Connect (Version: 4.0.33.15045)
LeapFrog LeapPad Explorer Plugin (Version: 4.0.33.15045)
LeapFrog My Pals Plugin (Version: 4.0.33.15045)
Magic Desktop (Version: 3.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MarketResearch (Version: 90.0.146.000)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 14.0.6106.5001)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
MobileMe Control Panel (Version: 3.0.1.1)
Mozilla Firefox 17.0.1 (x86 en-GB) (Version: 17.0.1)
Mozilla Maintenance Service (Version: 17.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
muvee autoProducer 6.1 (Version: 6.10.050)
My HP Games (Version: 1.0.0.43)
Network (Version: 110.0.180.000)
Nokia Connectivity Cable Driver (Version: 6.80.5.1)
NVIDIA Drivers (Version: 1.10)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PanoStandAlone (Version: 90.0.146.000)
PDF reDirect (remove only) (Version: v2.2.8)
PhotoNow! (Version: 1.1.4518)
Power2Go (Version: 5.6.3919)
PowerDirector (Version: 6.5.2719)
ProtectSmart Hard Drive Protection (Version: 3.10 A7)
PS_AIO_02_ProductContext (Version: 90.0.222.000)
PS_AIO_02_Software (Version: 90.0.222.000)
PS_AIO_02_Software_min (Version: 90.0.222.000)
PSSWCORE (Version: 2.01.0000)
PVSonyDll (Version: 1.00.0001)
QuickPlay SlingPlayer 0.4.6 (Version: 0.4.6)
QuickTime (Version: 7.69.80.9)
RealPlayer
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Scan (Version: 9.0.0.0)
Scan2PC (Version: 1.3.0.15)
Shop for HP Supplies (Version: 10.0)
Skype™ 5.10 (Version: 5.10.116)
SmartWebPrintingOC (Version: 100.0.189.000)
SolutionCenter (Version: 90.0.146.000)
Spotify (Version: 0.8.4.124.ga3559d86)
SpyHunter (Version: 4.10.5.4085)
Star Wars Empire at War (Version: 1.0)
Status (Version: 110.0.180.000)
Synaptics Pointing Device Driver (Version: 15.0.17.4)
Toolbox (Version: 90.0.146.000)
TrayApp (Version: 110.0.180.000)
UnloadSupport (Version: 10.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)
Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)
Validity Sensors software (Version: 2.7.39)
VideoToolkit01 (Version: 90.0.146.000)
Viewpoint Media Player
WD Diagnostics (Version: 1.09.0002)
WebReg (Version: 90.0.146.000)
Windows Driver Package - ENE (enecir) HIDClass (04/29/2008 2.5.0.0) (Version: 04/29/2008 2.5.0.0)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Live Sync (Version: 14.0.8089.726)
Yahoo! Detect

========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 3068.03 MB
Available physical RAM: 1419.88 MB
Total Pagefile: 6339.03 MB
Available Pagefile: 4429.37 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.66 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:223.48 GB) (Free:41.24 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:232.88 GB) (Free:226.36 GB) NTFS
3 Drive e: (HP_RECOVERY) (Fixed) (Total:9.4 GB) (Free:1.19 GB) NTFS
4 Drive f: (CM0102) (CDROM) (Total:0.32 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\SANDH-PC

Administrator Guest sandh

========================= Restore Points ==================================

31-10-2012 11:19:17 Scheduled Checkpoint
03-11-2012 19:46:07 Windows Update
07-11-2012 20:58:54 Windows Update
11-11-2012 11:01:08 Windows Update
14-11-2012 20:51:20 Windows Update
26-11-2012 14:04:46 Windows Update
28-11-2012 11:52:52 Windows Update
02-12-2012 21:22:05 Windows Update
03-12-2012 10:24:52 Scheduled Checkpoint
07-12-2012 14:39:26 Windows Update
12-12-2012 22:17:56 Windows Update
12-12-2012 23:50:23 Windows Update
15-12-2012 21:16:23 Windows Update
21-12-2012 20:05:35 Windows Update
22-12-2012 10:56:27 Windows Update
26-12-2012 08:47:40 Windows Update
30-12-2012 12:01:07 Windows Update
02-01-2013 15:56:16 Windows Update
06-01-2013 21:47:18 Windows Update
09-01-2013 23:43:23 Windows Update
10-01-2013 00:07:26 Windows Update

**** End of log ****



Farbar Service Scanner

Farbar Service Scanner Version: 05-01-2013
Ran by sandh (administrator) on 13-01-2013 at 12:19:26
Running from "C:\Users\sandh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E59Q0EHL"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.
Checking LEGACY_MpsSvc: ATTENTION!=====> Unable to open LEGACY_MpsSvc\0000 registry key. The key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****



Adware Cleaner

# AdwCleaner v2.105 - Logfile created 01/13/2013 at 12:21:34
# Updated 08/01/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : sandh - SANDH-PC
# Boot Mode : Normal
# Running from : C:\Users\sandh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E59Q0EHL\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\ProgramData\Viewpoint

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-GB)

File : C:\Users\sandh\AppData\Roaming\Mozilla\Firefox\Profiles\c22fppgv.default\prefs.js

C:\Users\sandh\AppData\Roaming\Mozilla\Firefox\Profiles\c22fppgv.default\user.js ... Deleted !

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2231 octets] - [13/01/2013 12:21:34]

########## EOF - C:\AdwCleaner[S1].txt - [2291 octets] ##########



Junkware Removal Tool

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.2 (01.08.2013:1)
OS: Windows Vista ™ Home Premium x86
Ran by sandh on 13/01/2013 at 12:34:33.06
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-4259369688-2104464776-3807960976-1000\software\microsoft\internet explorer\searchscopes\\DefaultScope



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\sandh\AppData\Roaming\mozilla\firefox\profiles\c22fppgv.default\prefs.js

user_pref("yahoo.ytff.search.searchhistory", false);
Emptied folder: C:\Users\sandh\AppData\Roaming\mozilla\firefox\profiles\c22fppgv.default\minidumps [22 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13/01/2013 at 12:36:59.62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




RKill

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/13/2013 12:40:37 PM in x86 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Windows Firewall (MpsSvc) is not Running.
Startup Type set to: Automatic

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost

Program finished at: 01/13/2013 12:40:48 PM
Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)


Autoruns

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\reader 8.0\reader\reader_sl.exe"
+ "AppleSyncNotifier" "AppleSyncNotifier" "Apple Inc." "c:\program files\common files\apple\mobile device support\applesyncnotifier.exe"
+ "avast5" "" "" "File not found: C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files\microsoft office\office14\bcssync.exe"
+ "DpAgent" "DigitalPersona Local Agent" "DigitalPersona, Inc." "c:\program files\digitalpersona\bin\dpagent.exe"
+ "FileOpenBroker" "FileOpen Broker" "FileOpen Systems Inc." "c:\program files\fileopen\services\fileopenbroker32.exe"
+ "HP Health Check Scheduler" "HP Health Check Scheduler" "Hewlett-Packard" "c:\program files\hewlett-packard\hp health check\hphc_scheduler.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files\hp\hp software update\hpwuschd2.exe"
+ "hpWirelessAssistant" "HPWAMain Module" "Hewlett-Packard Development Company, L.P." "c:\program files\hewlett-packard\hp wireless assistant\hpwamain.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "Monitor" "Monitor Application" "LeapFrog Enterprises, Inc." "c:\program files\leapfrog\leapfrog connect\monitor.exe"
+ "MSC" "" "" "File not found: C:\Program Files\Microsoft Security Client\mssecex.exe"
+ "OnScreenDisplay" "HP QuickTouch On Screen Display" " Hewlett-Packard Development Company, L.P." "c:\program files\hewlett-packard\hp quicktouch\hpkbdapp.exe"
+ "QlbCtrl.exe" "Quick Launch Buttons" " Hewlett-Packard Development Company, L.P." "c:\program files\hewlett-packard\hp quick launch buttons\qlbctrl.exe"
+ "QPService" "HP QuickPlay Resident Program" "CyberLink Corp." "c:\program files\hp\quickplay\qpservice.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files\common files\real\update_ob\realsched.exe"
+ "UCam_Menu" "StartMen Application" "CyberLink Corp." "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Bluetooth.lnk" "Bluetooth Tray Application" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\bttray.exe"
+ "HP Digital Imaging Monitor.lnk" "HP Digital Imaging Monitor" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\bin\hpqtra08.exe"
+ "Scan2PC.lnk" "Scan2PC MFC Application" "" "c:\program files\scan2pc\scan2pc.exe"
"C:\Users\sandh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\sandh\appdata\roaming\dropbox\bin\dropbox.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "ISUSPM" "Macrovision Software Manager" "Macrovision Corporation" "c:\programdata\macrovision\flexnet connect\6\isuspm.exe"
+ "Spotify Web Helper" "" "" "c:\users\sandh\appdata\roaming\spotify\data\spotifywebhelper.exe"
+ "Update" "" "" "File not found: C:\Users\sandh\AppData\Roaming\cccccc.exe"
"HKLM\SOFTWARE\Microsoft\Windows CE Services\AutoStartOnConnect" "" "" ""
+ "BTW Setup Wizard" "BtWizard Module" "Broadcom Corporation." "c:\windows\system32\btwizard.dll"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "ms-itss" "Microsoft® InfoTech Storage System Library" "Microsoft Corporation" "c:\program files\common files\microsoft shared\information retrieval\msitss.dll"
+ "skype4com" "Skype for COM API" "Skype Technologies" "c:\program files\common files\skype\skype4com.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "EasyBits Security Shield Hook - prevents launching insecure programs by kids" "EasyBits Security Shield component" "EasyBits Software Corp." "c:\windows\system32\ezupbhook.dll"
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\sandh\appdata\roaming\dropbox\bin\dropboxext.17.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\sandh\appdata\roaming\dropbox\bin\dropboxext.17.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\windows\system32\btncopy.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\sandh\appdata\roaming\dropbox\bin\dropboxext.17.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\sandh\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\sandh\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\sandh\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Reader Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "HP Smart BHO Class" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "HP Smart Select" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.5 r502" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\HP Health Check" "HP Health Check Scheduler" "Hewlett-Packard" "c:\program files\hewlett-packard\hp health check\hphc_scheduler.exe"
+ "\HPCeeScheduleForsandh" "CEEment" "Hewlett-Packard" "c:\program files\hewlett-packard\sdp\ceement\hpcee.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Microsoft Antimalware\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows\WindowsCalendar\Reminders - sandh" "Windows Calendar" "Microsoft Corporation" "c:\program files\windows calendar\wincal.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AgereModemAudio" "Agere Soft Modem Call Progress Service" "Agere Systems" "c:\windows\system32\agrsmsvc.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "Com4QLBEx" "Com for QLB application" "Hewlett-Packard Development Company, L.P." "c:\program files\hewlett-packard\hp quick launch buttons\com4qlbex.exe"
+ "DpHost" "Provides fingerprint authentication of account logon." "DigitalPersona, Inc." "c:\program files\digitalpersona\bin\dphostw.exe"
+ "ezSharedSvc" "Provides various services to Magic Desktop and other Easybits applications." "EasyBits Sofware AS" "c:\windows\system32\ezsvc7.dll"
+ "FileOpenManagerSvc" "FileOpen client manager" "FileOpen Systems Inc." "c:\program files\fileopen\services\fileopenmanagersvc32.exe"
+ "GameConsoleService" "GameConsole management services" "WildTangent, Inc." "c:\program files\hp games\my hp game console\gameconsoleservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "HP Health Check Service" "HP Health Check Service" "Hewlett-Packard" "c:\program files\hewlett-packard\hp health check\hphc_service.exe"
+ "hpqcxs08" "HP CUE Context Manager Objects" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\bin\hpqcxs08.dll"
+ "hpqddsvc" "This service detects and monitors CUE devices on the system." "Hewlett-Packard Co." "c:\program files\hp\digital imaging\bin\hpqddsvc.dll"
+ "hpqwmiex" "hpqwmiex Module" "Hewlett-Packard Development Company, L.P." "c:\program files\hewlett-packard\shared\hpqwmiex.exe"
+ "HPSLPSVC" "Discovers and monitors the state and the configuration of the HP devices attached to your network. If the service is stopped, and your network devices change IP addresses, they might become unavailable" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\bin\hpslpsvc32.dll"
+ "hpsrv" "HpService" "Hewlett-Packard Company" "c:\windows\system32\hpservice.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LeapFrog Connect Device Service" "Manages LeapFrog Connect devices." "LeapFrog Enterprises, Inc." "c:\program files\leapfrog\leapfrog connect\commandservice.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamservice.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files\microsoft office\office14\groove.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "Recovery Service for Windows" "Manages background tasks to ensure compatibility with your system configuration and the capability to recover" "" "c:\windows\sminst\blservice.exe"
+ "RichVideo" "RichVideo Module" "" "c:\program files\cyberlink\shared files\richvideo.exe"
+ "Scan2PC" "Work with Scan2PC to control scanner." "" "c:\program files\scan2pc\sc2pcsvc.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files\skype\updater\updater.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\windows\system32\driverstore\filerepository\stwrt.inf_e2247046\stacsv.exe"
+ "vfsFPService" "Validity Fingerprint Service" "Validity Sensors, Inc." "c:\windows\system32\vfsfpservice.exe"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Accelerometer" "HP Accelerometer" "Hewlett-Packard Company" "c:\windows\system32\drivers\accelerometer.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu160m" "Adaptec LH Ultra160 Driver (x86)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu160m.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "AgereSoftModem" "SoftModem Device Driver" "Agere Systems" "c:\windows\system32\drivers\agrsm.sys"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "BCM43XV" "BCM 802.11g Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl6.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "btwaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt" "Broadcom Bluetooth AVDT Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwavdt.sys"
+ "btwrchid" "Bluetooth Remote Control HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwrchid.sys"
+ "BVRPMPR5" "BVRP NDIS 5.0 MPR Protocol Driver" "Avanquest Software" "c:\windows\system32\drivers\bvrpmpr5.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g60i32.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "enecir" "ENE CIR Driver for eHome" "ENE TECHNOLOGY INC." "c:\windows\system32\drivers\enecir.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HpCISSs" "Smart Array Storport Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpcisss.sys"
+ "hpdskflt" "HP Disk Filter - SATA/RAID" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpdskflt.sys"
+ "HpqKbFiltr" "HpqKbFiltr Keyboard Filter Driver" "Hewlett-Packard Development Company, L.P." "c:\windows\system32\drivers\hpqkbfiltr.sys"
+ "HSF_DPV" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv3.sys"
+ "HSFHWAZL" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstazl3.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver (base)" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "iscFlash" "iscflash.sys" "Insyde Software" "c:\program files\sp43867\iscflash.sys"
+ "iteatapi" "ITE IT8211 ATA/ATAPI SCSI miniport" "Integrated Technology Express, Inc." "c:\windows\system32\drivers\iteatapi.sys"
+ "iteraid" "ITE IT8212 ATA RAID SCSI miniport" "Integrated Technology Express, Inc." "c:\windows\system32\drivers\iteraid.sys"
+ "JMCR" "JMicron JMB38X Flash Media Controller Driver" "JMicron Technology Corporation" "c:\windows\system32\drivers\jmcr.sys"
+ "KMWDFILTER" "KMWDFilter Driver from UASSOFT.COM" "Windows ® Codename Longhorn DDK provider" "c:\windows\system32\drivers\kmwdfilter.sys"
+ "LSI_FC" "LSI Logic Fusion-MPT FC Driver (StorPort)" "LSI Logic" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Logic Fusion-MPT SAS Driver (StorPort)" "LSI Logic" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SCSI" "LSI Logic Fusion-MPT SCSI Driver (StorPort)" "LSI Logic" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MpKsl0919b8f3" "KSLDriver" "Microsoft Corporation" "c:\programdata\microsoft\microsoft antimalware\definition updates\{38dee488-8ade-4274-9378-def27cdf3b40}\mpksl0919b8f3.sys"
+ "Mraid35x" "MegaRAID RAID Controller Driver for Windows Vista/Longhorn for x86" "LSI Logic Corporation" "c:\windows\system32\drivers\mraid35x.sys"
+ "NETw5v32" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5v32.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nmwcd" "Nokia USB Phone Bus Driver" "Nokia" "c:\windows\system32\drivers\ccdcmb.sys"
+ "nmwcdc" "Nokia USB Phone Bus Driver" "Nokia" "c:\windows\system32\drivers\ccdcmbo.sys"
+ "ntrigdigi" "N-trig tablet digitizer in-box driver" "N-trig Innovative Technologies" "c:\windows\system32\drivers\ntrigdigi.sys"
+ "NVENETFD" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvm60x32.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda32v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 187.66 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8169" "Realtek 8136/8168/8169 NDIS6 32-bit Driver " "Realtek " "c:\windows\system32\drivers\rtlh86.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt.sys"
+ "Sym_hi" "LSI Logic Hi-Perf SCSI Miniport Driver" "LSI Logic" "c:\windows\system32\drivers\sym_hi.sys"
+ "Sym_u3" "LSI Logic Ultra160 SCSI Miniport Driver" "LSI Logic" "c:\windows\system32\drivers\sym_u3.sys"
+ "Symc8xx" "LSI Logic 8XX SCSI Miniport Driver" "LSI Logic" "c:\windows\system32\drivers\symc8xx.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "UIUSys" "" "" "File not found: system32\DRIVERS\UIUSYS.SYS"
+ "uliahci" "ULi SATA Controller Driver" "ULi Electronics Inc." "c:\windows\system32\drivers\uliahci.sys"
+ "UlSata" "Promise Ultra/Sata Series Driver for Win2003" "Promise Technology, Inc." "c:\windows\system32\drivers\ulsata.sys"
+ "ulsata2" "Promise SATAII150 Series Windows Drivers" "Promise Technology, Inc." "c:\windows\system32\drivers\ulsata2.sys"
+ "upperdev" "Filter Driver for the Toaster Stack" "Windows ® Codename Longhorn DDK provider" "c:\windows\system32\drivers\usbser_lowerflt.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "UsbserFilt" "Filter Driver for the Toaster Stack" "Windows ® Codename Longhorn DDK provider" "c:\windows\system32\drivers\usbser_lowerfltj.sys"
+ "vfs101x" "Validity Fingerprint Scanner USB Driver" "Validity Sensors, Inc." "c:\windows\system32\drivers\vfs101x.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt3.sys"
+ "{22D78859-9CE9-4B77-BF18-AC83E81A9263}" "" "" "File not found: C:\Program Files\HP\QuickPlay\000.fcl"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.l3codecp" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecp.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\google\google earth\client\wavdest.ax"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "CyberLink AudAna Filter" "CLAudAna" "CyberLink" "c:\program files\cyberlink\powerdirector\pdaudana.dll"
+ "CyberLink Audio Decoder (HP_NB22)" "" "" "File not found: C:\Program Files\HP\QuickPlay\Kernel\HDDVD\claud.ax"
+ "CyberLink Audio Decoder (QP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\movie\claud.ax"
+ "CyberLink Audio Digital Transcoder (HP_NB22)" "" "" "File not found: C:\Program Files\HP\QuickPlay\Kernel\HDDVD\CLADT.ax"
+ "CyberLink Audio Effect (HP_NB22)" "" "" "File not found: C:\Program Files\HP\QuickPlay\Kernel\HDDVD\CLAudFx.ax"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\pdaursmpl.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gvb.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gaudiocd.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\pdaudiocd.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\movie\claudiocd.ax"
+ "Cyberlink Byte Counter Filter" "Cyberlink Byte Counter Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerdirector\pdbytecounter.ax"
+ "CyberLink DDR" "CyberLink DDR" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\pdrender.ax"
+ "CyberLink Double Pin Tee" "Cyberlink Double Tee Filter" "CtberLink Corporation" "c:\program files\cyberlink\powerdirector\pddoubletee.ax"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gdumpdispatch.ax"
+ "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gdump.ax"
+ "CyberLink DV Buffer" "CLDVBuffer Filter" "CyberLink" "c:\program files\cyberlink\powerdirector\pddvbuffer.ax"
+ "CyberLink DV Dump Filter" "DV dump Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerdirector\pddvdump.ax"
+ "CyberLink DV Filter" "DVTCR" "CyberLink" "c:\program files\cyberlink\powerdirector\pddvtcr.ax"
+ "CyberLink DV Reader Filter" "DVMultReader Filter" "CyberLink" "c:\program files\cyberlink\powerdirector\pddvmrd.ax"
+ "Cyberlink DV Scene Detect Filter" "CLDVScnDt" "CyberLink" "c:\program files\cyberlink\powerdirector\pddvscndt.ax"
+ "CyberLink DVD Navigator (QP3)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\movie\clnavx.ax"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gedtkrn.dll"
+ "CyberLink Editing Service 4.0 (Source)" "CES Kernel (LT15)" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\cledtkrn.dll"
+ "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2greader.ax"
+ "Cyberlink Gate Filter" "CLGate" "CyberLink" "c:\program files\cyberlink\powerdirector\pdgate.ax"
+ "CyberLink H.264/AVC Decoder (HP_NB22)" "" "" "File not found: C:\Program Files\HP\QuickPlay\Kernel\HDDVD\cl264dec.ax"
+ "CyberLink HD/BD Mixer" "" "" "File not found: C:\Program Files\HP\QuickPlay\Kernel\HDDVD\CLHBMixer.ax"
+ "CyberLink HDV Source Filter" "CLImage" "CyberLink" "c:\program files\cyberlink\powerdirector\pdhdvsrc.ax"
+ "CyberLink Line21 Decoder Filter (HP_NB22)" "" "" "File not found: C:\Program Files\HP\QuickPlay\Kernel\HDDVD\CLLine21.ax"
+ "CyberLink Line21 Decoder Filter (QP)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\movie\clline21.ax"
+ "CyberLink Load Image Filter" "CLImage (LT15)" "CyberLink" "c:\program files\cyberlink\shared files\climage.ax"
+ "CyberLink M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files\cyberlink\power2go\p2gm2vwriter.ax"
+ "CyberLink MP3/WAV Wrapper" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gmvd.ax"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files\cyberlink\power2go\p2gmpgmux.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files\cyberlink\power2go\p2gvidenc.ax"
+ "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gm1spliter.ax"
+ "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gm2spliter.ax"
+ "CyberLink PCM Wrapper" "CyberLink PCM Wrapper" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gpcmenc.ax"
+ "Cyberlink Scene Detect Filter" "CLScnDt" "CyberLink" "c:\program files\cyberlink\powerdirector\pdscndt.ax"
+ "CyberLink Scene Detect Filter 2" "CLScnDt2" "訊連科技" "c:\program files\cyberlink\powerdirector\pdscndt2.dll"
+ "CyberLink SnapShot Filter" "CLSnapShot Filter" "CyberLink" "c:\program files\cyberlink\powerdirector\pdsnapshot.ax"
+ "CyberLink Stamp Effect" "" "CyberLink corporate" "c:\program files\cyberlink\powerdirector\pdstampeffect.ax"
+ "Cyberlink Sub-Picture Filter" "Cyberlink Sub-Picture Filter" "Cyberlink" "c:\program files\cyberlink\powerdirector\pdsubpic.ax"
+ "Cyberlink SubTitle(HP_NB22)" "" "" "File not found: C:\Program Files\HP\QuickPlay\Kernel\HDDVD\CLSubTitle.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\movie\clauts.ax"
+ "CyberLink TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gauts.ax"
+ "CyberLink TimeStretch Filter (HP_NB22)" "" "" "File not found: C:\Program Files\HP\QuickPlay\Kernel\HDDVD\clauts.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\youcam\yctlmsplter.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gtlmsplter.ax"
+ "Cyberlink Track Filter" "Cyberlink Track Filter" "CyberLink Corp." "c:\program files\cyberlink\youcam\yctrack.ax"
+ "CyberLink Transform Tee" "CyberLink Transform Tee" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\pdtee.ax"
+ "CyberLink VAudAna Filter" "CLVAudAna" "CyberLink" "c:\program files\cyberlink\powerdirector\pdvaudana.dll"
+ "CyberLink VC-1 Decoder (HP_NB22)" "" "" "File not found: C:\Program Files\HP\QuickPlay\Kernel\HDDVD\clvc1dec.ax"
+ "CyberLink VidAna Filter" "CLVidAna" "CyberLink" "c:\program files\cyberlink\powerdirector\pdvidana.dll"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files\cyberlink\power2go\p2gvidfx.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files\hp\quickplay\kernel\movie\clvidfx.ax"
+ "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files\cyberlink\power2go\p2grgl.ax"
+ "CyberLink Video Regulator" "Video Regulator" "Cyberlink" "c:\program files\cyberlink\youcam\ycrgl.ax"
+ "Cyberlink Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files\cyberlink\powerdirector\pdresample.ax"
+ "CyberLink Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files\cyberlink\power2go\p2gvideostabilizer.ax"
+ "CyberLink Video/SP Decoder (HP_NB22)" "" "" "File not found: C:\Program Files\HP\QuickPlay\Kernel\HDDVD\CLVSD.ax"
+ "CyberLink Video/SP Decoder (QP)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\movie\clvsd.ax"
+ "CyberLink WebCamera NULL Render" "CLWEBCAMERARENDER" "CyberLink" "c:\program files\cyberlink\youcam\ycwebcamerarender.ax"
+ "CyberLink WMV Dumper (YouCam)" "CLWMVDum Dynamic Link Library" "" "c:\program files\cyberlink\youcam\ycwmvdump.ax"
+ "CyberLink YUY2 DeInterlace" "DitlYuY2" "CyberLink" "c:\program files\cyberlink\powerdirector\pdditlyuy2.ax"
+ "CyberLink YUY2 Sub-Sampling" "SubYUY2 Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\pdsubyuy2.ax"
+ "Frame Drop Filter" "TODO: <File description>" "TODO: <Company name>" "c:\program files\cyberlink\powerdirector\pdframedrop.ax"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "HP VTK Frame Grabber Filter" "HP Video Toolkit" "Hewlett-Packard Co." "c:\program files\common files\hp\digital imaging\bin\hpqvtk01.dll"
+ "HP VTK MPEG-1 Encoder" "HP Video Toolkit" "Hewlett-Packard Co." "c:\program files\common files\hp\digital imaging\bin\hpqvtk01.dll"
+ "HP VTK Resize Filter" "HP Video Toolkit" "Hewlett-Packard Co." "c:\program files\common files\hp\digital imaging\bin\hpqvtk01.dll"
+ "HP VTK Rotate Filter" "HP Video Toolkit" "Hewlett-Packard Co." "c:\program files\common files\hp\digital imaging\bin\hpqvtk01.dll"
+ "IDM Filter" "idmf" "Cyberlink" "c:\program files\cyberlink\powerdirector\pdidmf.ax"
+ "MainConcept (Muvee) MPEG Audio Decoder" "MPEG Video and Audio Decoder" "MainConcept AG" "c:\program files\common files\muvee technologies\mainconcept2\muveedsmpeg.ax"
+ "MainConcept (Muvee) MPEG Splitter" "Mpeg I/II Splitter" "MainConcept AG" "c:\program files\common files\muvee technologies\mainconcept2\muveespmpeg.ax"
+ "MainConcept (Muvee) MPEG Video Decoder" "MPEG Video and Audio Decoder" "MainConcept AG" "c:\program files\common files\muvee technologies\mainconcept2\muveedsmpeg.ax"
+ "MainConcept (Muvee) MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "MainConcept AG" "c:\program files\common files\muvee technologies\mainconcept3\muveem2vd.ax"
+ "MainConcept MPEG Audio Decoder" "MPEG Video and Audio Decoder" "MainConcept AG" "c:\program files\muvee technologies\muvee autoproducer 6.1 - se\mvburnerdll\mcdsmpeg.ax"
+ "MainConcept MPEG Audio Encoder" "MPEG Audio Encoder" "MainConcept AG" "c:\program files\muvee technologies\muvee autoproducer 6.1 - se\mvburnerdll\mceampeg.ax"
+ "MainConcept MPEG Encoder" "MPEG Encoder and Muxer" "MainConcept AG" "c:\program files\muvee technologies\muvee autoproducer 6.1 - se\mvburnerdll\mcesmpeg.ax"
+ "MainConcept MPEG Multiplexer" "MPEG Multiplexer" "MainConcept AG" "c:\program files\muvee technologies\muvee autoproducer 6.1 - se\mvburnerdll\mcmuxmpeg.ax"
+ "MainConcept MPEG Multiplexer-Plus" "MPEG Multiplexer-Plus DS Filter" "MainConcept AG" "c:\program files\common files\muvee technologies\mainconcept3\mcmpeg2mux.ax"
+ "MainConcept MPEG Splitter" "Mpeg I/II Splitter" "MainConcept AG" "c:\program files\muvee technologies\muvee autoproducer 6.1 - se\mvburnerdll\mcspmpeg.ax"
+ "MainConcept MPEG Video Decoder" "MPEG Video and Audio Decoder" "MainConcept AG" "c:\program files\muvee technologies\muvee autoproducer 6.1 - se\mvburnerdll\mcdsmpeg.ax"
+ "MainConcept MPEG Video Encoder" "MPEG Video Encoder" "MainConcept AG" "c:\program files\muvee technologies\muvee autoproducer 6.1 - se\mvburnerdll\mcevmpeg.ax"
+ "MediaWriter Filter" "MediaWriter Filter" "muvee Technologies Pte Ltd" "c:\program files\common files\muvee technologies\030625\mediawriter.ax"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "muvee Audio Scope" "Audio Scope Filter for muvee autoProducer" "muvee Technologies Pte Ltd" "c:\program files\common files\muvee technologies\030625\mvaudioscope.ax"
+ "muvee HXImage Filter" "HXImage Filter for muvee autoProducer" "muvee Technologies Pte Ltd" "c:\program files\common files\muvee technologies\030625\hximagefilter.ax"
+ "muvee MediaProgress Filter" "MediaProgress Filter for muvee autoProducer" "muvee Technologies Pte Ltd" "c:\program files\common files\muvee technologies\030625\mvmediaprogress.ax"
+ "muvee Music Analyser" "Music Analyser Filter for muvee autoProducer" "muvee Technologies Pte Ltd" "c:\program files\common files\muvee technologies\030625\mvmanalyse.ax"
+ "muvee Source Filter" "muveeSource Module" "muvee Technologies Pte Ltd" "c:\program files\common files\muvee technologies\030625\muveesource.ax"
+ "muvee Video Analyser" "Video Analyser Filter for muvee autoProducer" "muvee Technologies Pte Ltd" "c:\program files\common files\muvee technologies\030625\mvvanalyse.ax"
+ "P2G Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gaud.ax"
+ "P2G Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files\cyberlink\power2go\p2gaudenc.ax"
+ "P2G Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\power2go\p2gvsd.ax"
+ "P2G Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files\cyberlink\power2go\p2gresample.ax"
+ "PDR Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\pdaud.ax"
+ "PDR Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerdirector\pdaudfx.ax"
+ "PDR Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files\cyberlink\powerdirector\pdaudenc.ax"
+ "PDR Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\claunrwrapper.ax"
+ "PDR Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\pddemuxer.ax"
+ "PDR Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\pddumpdispatch.ax"
+ "PDR Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\pddump.ax"
+ "PDR DVSD Modifier" "Cyberlink DVSD Modifier" "Cyberlink Corp." "c:\program files\cyberlink\powerdirector\dvsdmodifier.ax"
+ "PDR File Reader (Async)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\pdreader.ax"
+ "PDR H.264/AVC Decoder" "CyberLink 264 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\pd264dec.ax"
+ "PDR M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files\cyberlink\powerdirector\pdm2vwriter.ax"
+ "PDR MPEG Muxer" "MpgMux" "CyberLink" "c:\program files\cyberlink\powerdirector\pdmpgmux.ax"
+ "PDR MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files\cyberlink\powerdirector\pdvidenc.ax"
+ "PDR MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\pdm1splter.ax"
+ "PDR MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\pdm2splter.ax"
+ "PDR MPEG-4 Muxer" "PDR MPEG-4 Muxer" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\pdm4muxer.ax"
+ "PDR MPEG-4 Splitter" "PDR MPEG-4 Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\pdm4splt.ax"
+ "PDR MPEG1/2 Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\pdvsd.ax"
+ "PDR SnapShotTIP Filter" "CLSShot" "CyberLink" "c:\program files\cyberlink\powerdirector\pdsshot.ax"
+ "PDR TimeStretch Filter(CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\clauts.ax"
+ "PDR TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdirector\pdtlmsplter.ax"
+ "PDR TS Information" "CLTSInfo" "Cyberlink" "c:\program files\cyberlink\powerdirector\pdtsinfo.ax"
+ "PDR Video Effect" "CLVidFx" "CyberLink" "c:\program files\cyberlink\powerdirector\clvidfx.ax"
+ "PDR Video Regulator" "CLRGL" "Cyberlink" "c:\program files\cyberlink\powerdirector\clrgl.ax"
+ "PDR Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files\cyberlink\powerdirector\clvideostabilizer.ax"
+ "PDR WAV Dest" "CLWavDest" "CyberLink" "c:\program files\cyberlink\powerdirector\pdwavdest.ax"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "QTSrc" "QuickTime Source Filter" "CyberLink Corp" "c:\program files\cyberlink\shared files\clqtsrc.ax"
+ "QTWriter" "CLQTFileWriter" "Cyberlink" "c:\program files\cyberlink\powerdirector\pdqtfilewriter.ax"
+ "QuickPlay Audio Wizard (HP)" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\movie\claudwizard.ax"
+ "QuickPlay Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\hp\quickplay\kernel\movie\cldemuxer.ax"
+ "QuickTime Encoder" "QuickTime Encoder" "muvee Technologies" "c:\program files\common files\muvee technologies\030625\quicktimesink.ax"
+ "QuickTime Source Filter" "QuickTimeSource Module" "" "c:\program files\common files\muvee technologies\030625\quicktimesource.dll"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "RMWriter" "CLRMFileWriter" "Cyberlink" "c:\program files\cyberlink\powerdirector\pdrmfilewriter.ax"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Time Regulator" "TimeRegulator" "cyberlink" "c:\program files\cyberlink\powerdirector\pdavi_audtr.ax"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "YC_EVRWindow" "CLEvr" "CyberLink Corp." "c:\program files\cyberlink\youcam\ycevr.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "FingerProv Class" "Biometric Credential Provider" "DigitalPersona, Inc." "c:\windows\system32\dpcrprov.dll"
+ "KioskProv Class" "Biometric Credential Provider" "DigitalPersona, Inc." "c:\windows\system32\dpcrprov.dll"
+ "PswWrapProv Class" "Biometric Credential Provider" "DigitalPersona, Inc." "c:\windows\system32\dpcrprov.dll"
+ "SCardWrapProv Class" "Biometric Credential Provider" "DigitalPersona, Inc." "c:\windows\system32\dpcrprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters" "" "" ""
+ "ProvFilter Class" "Biometric Credential Provider" "DigitalPersona, Inc." "c:\windows\system32\dpcrprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "PCL hpz3l5ha" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpz3l5ha.dll"
+ "PDF reDirect Monitor" "" "" "c:\windows\system32\pdfredirectmonnt.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages" "" "" ""
+ "DPPWDFLT" "DPPwdFlt Module" "DigitalPersona, Inc." "c:\windows\system32\dppwdflt.dll"

#10 narenxp


Posted 13 January 2013 - 11:07 AM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log

Current issues?

#11 t644


Posted 13 January 2013 - 11:28 AM

Thanks - here's the log:

Farbar Service Scanner Version: 05-01-2013
Ran by sandh (administrator) on 13-01-2013 at 16:23:27
Running from "C:\Users\sandh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EWSD40MR"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****


My firewall is now back up, but Windows Defender is still turned off - when I try to turn it back on I get a window with the message:

"Windows Defender encountered an error: 0x800705b4. This exception returned because the timeout period expired."

#12 narenxp

Posted 13 January 2013 - 11:44 AM

You cannot use Windows Defender as you already have Microsoft Security Essentials.

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points.

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here:

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#13 t644

Posted 13 January 2013 - 06:49 PM

Thanks so much - really appreciate the help - will try and keep my nose clean from now on!

#14 narenxp

Posted 13 January 2013 - 08:03 PM

You're most welcome :)



