Trojan:JS/iframeref is quarantined on MSE. I want to remove it.


7 replies to this topic

#1 CloseToHome


Posted 11 January 2013 - 07:52 PM

Hey guys, so I have a slight problem here <_<

On MSE, it has detected a Severe virus named Trojan:JS/iframeref. Now, MSE has quarantined it, so I know it's ineffective. However, when I remove the virus on MSE, it will return back. I know it was probably some website I visited.

Just wondering how I can remove the virus instead of quarantining it?

Thanks!



#2 narenxp


Posted 11 January 2013 - 08:00 PM

Download

TDSSKiller

Launch it. Click on "Change parameters" - select "TDLFS file system"

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 CloseToHome


Posted 11 January 2013 - 10:57 PM

Thanks naren!

TDSSKiller:

20:08:33.0626 13040 Netlogon - ok
20:08:33.0661 13040 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
20:08:33.0665 13040 Netman - ok
20:08:33.0689 13040 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:08:33.0697 13040 NetMsmqActivator - ok
20:08:33.0701 13040 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:08:33.0702 13040 NetPipeActivator - ok
20:08:33.0719 13040 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
20:08:33.0725 13040 netprofm - ok
20:08:33.0731 13040 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:08:33.0733 13040 NetTcpActivator - ok
20:08:33.0737 13040 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:08:33.0738 13040 NetTcpPortSharing - ok
20:08:33.0777 13040 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:08:33.0779 13040 nfrd960 - ok
20:08:33.0805 13040 [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:08:33.0807 13040 NisDrv - ok
20:08:33.0822 13040 [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
20:08:33.0826 13040 NisSrv - ok
20:08:33.0852 13040 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
20:08:33.0857 13040 NlaSvc - ok
20:08:33.0864 13040 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:08:33.0866 13040 Npfs - ok
20:08:33.0892 13040 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
20:08:33.0895 13040 nsi - ok
20:08:33.0907 13040 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:08:33.0907 13040 nsiproxy - ok
20:08:33.0947 13040 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:08:33.0982 13040 Ntfs - ok
20:08:34.0034 13040 nTuneService - ok
20:08:34.0047 13040 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
20:08:34.0049 13040 Null - ok
20:08:34.0076 13040 [ 77F9F9A199B87FE3F852E12F5419240B ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
20:08:34.0079 13040 NVHDA - ok
20:08:34.0231 13040 [ C1E661888C719FC2E12C057F233FB238 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:08:34.0383 13040 nvlddmkm - ok
20:08:34.0415 13040 [ 96C5900331BD17344F338D006888BAE5 ] nvoclock C:\Windows\system32\DRIVERS\nvoclock.sys
20:08:34.0417 13040 nvoclock - ok
20:08:34.0438 13040 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:08:34.0441 13040 nvraid - ok
20:08:34.0460 13040 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:08:34.0463 13040 nvstor - ok
20:08:34.0507 13040 [ 31D7E63B62BC4680B5D1358F91DA104E ] nvsvc C:\Windows\system32\nvvsvc.exe
20:08:34.0516 13040 nvsvc - ok
20:08:34.0549 13040 [ 143B429F2D19A0F123ED8E4BCA8DB751 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:08:34.0574 13040 nvUpdatusService - ok
20:08:34.0597 13040 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:08:34.0600 13040 nv_agp - ok
20:08:34.0660 13040 [ 58F478FD0115012CEEC75FB73628901C ] OEM05Afx C:\Windows\system32\Drivers\OEM05Afx.sys
20:08:34.0662 13040 OEM05Afx - ok
20:08:34.0671 13040 [ 86326062A90494BDD79CE383511D7D69 ] OEM05Vfx C:\Windows\system32\DRIVERS\OEM05Vfx.sys
20:08:34.0672 13040 OEM05Vfx - ok
20:08:34.0686 13040 [ 3C60C2022CB93073DA2574DA90C962C2 ] OEM05Vid C:\Windows\system32\DRIVERS\OEM05Vid.sys
20:08:34.0689 13040 OEM05Vid - ok
20:08:34.0707 13040 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:08:34.0709 13040 ohci1394 - ok
20:08:34.0754 13040 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:08:34.0757 13040 ose - ok
20:08:34.0858 13040 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:08:34.0926 13040 osppsvc - ok
20:08:34.0972 13040 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:08:34.0977 13040 p2pimsvc - ok
20:08:34.0993 13040 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
20:08:34.0998 13040 p2psvc - ok
20:08:35.0030 13040 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:08:35.0032 13040 Parport - ok
20:08:35.0047 13040 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:08:35.0049 13040 partmgr - ok
20:08:35.0063 13040 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
20:08:35.0064 13040 Parvdm - ok
20:08:35.0076 13040 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:08:35.0080 13040 PcaSvc - ok
20:08:35.0109 13040 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
20:08:35.0112 13040 pci - ok
20:08:35.0122 13040 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
20:08:35.0123 13040 pciide - ok
20:08:35.0137 13040 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:08:35.0140 13040 pcmcia - ok
20:08:35.0151 13040 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
20:08:35.0153 13040 pcw - ok
20:08:35.0178 13040 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:08:35.0185 13040 PEAUTH - ok
20:08:35.0229 13040 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:08:35.0241 13040 PeerDistSvc - ok
20:08:35.0292 13040 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
20:08:35.0318 13040 pla - ok
20:08:35.0342 13040 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:08:35.0348 13040 PlugPlay - ok
20:08:35.0386 13040 [ 205E1B699FD3F2F9B036EEA2EC30C620 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
20:08:35.0389 13040 PnkBstrA - ok
20:08:35.0424 13040 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:08:35.0428 13040 PNRPAutoReg - ok
20:08:35.0438 13040 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:08:35.0442 13040 PNRPsvc - ok
20:08:35.0459 13040 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:08:35.0464 13040 PolicyAgent - ok
20:08:35.0473 13040 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
20:08:35.0477 13040 Power - ok
20:08:35.0510 13040 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:08:35.0512 13040 PptpMiniport - ok
20:08:35.0529 13040 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:08:35.0531 13040 Processor - ok
20:08:35.0561 13040 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
20:08:35.0565 13040 ProfSvc - ok
20:08:35.0572 13040 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:08:35.0574 13040 ProtectedStorage - ok
20:08:35.0585 13040 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:08:35.0587 13040 Psched - ok
20:08:35.0625 13040 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:08:35.0651 13040 ql2300 - ok
20:08:35.0663 13040 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:08:35.0667 13040 ql40xx - ok
20:08:35.0699 13040 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
20:08:35.0704 13040 QWAVE - ok
20:08:35.0713 13040 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:08:35.0713 13040 QWAVEdrv - ok
20:08:35.0727 13040 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:08:35.0730 13040 RasAcd - ok
20:08:35.0752 13040 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:08:35.0753 13040 RasAgileVpn - ok
20:08:35.0768 13040 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
20:08:35.0772 13040 RasAuto - ok
20:08:35.0784 13040 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:08:35.0786 13040 Rasl2tp - ok
20:08:35.0816 13040 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
20:08:35.0822 13040 RasMan - ok
20:08:35.0834 13040 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:08:35.0836 13040 RasPppoe - ok
20:08:35.0847 13040 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:08:35.0849 13040 RasSstp - ok
20:08:35.0858 13040 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:08:35.0861 13040 rdbss - ok
20:08:35.0869 13040 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:08:35.0870 13040 rdpbus - ok
20:08:35.0886 13040 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:08:35.0886 13040 RDPCDD - ok
20:08:35.0899 13040 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:08:35.0902 13040 RDPDR - ok
20:08:35.0911 13040 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:08:35.0911 13040 RDPENCDD - ok
20:08:35.0927 13040 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:08:35.0929 13040 RDPREFMP - ok
20:08:35.0959 13040 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:08:35.0978 13040 RdpVideoMiniport - ok
20:08:36.0005 13040 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:08:36.0008 13040 RDPWD - ok
20:08:36.0032 13040 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:08:36.0034 13040 rdyboost - ok
20:08:36.0064 13040 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
20:08:36.0067 13040 RemoteAccess - ok
20:08:36.0102 13040 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:08:36.0106 13040 RemoteRegistry - ok
20:08:36.0205 13040 [ 7728B6AEDC83BC0DEFD0A53371D4613B ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe
20:08:36.0209 13040 RichVideo - ok
20:08:36.0232 13040 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:08:36.0236 13040 RpcEptMapper - ok
20:08:36.0267 13040 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
20:08:36.0270 13040 RpcLocator - ok
20:08:36.0282 13040 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
20:08:36.0287 13040 RpcSs - ok
20:08:36.0327 13040 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:08:36.0329 13040 rspndr - ok
20:08:36.0357 13040 [ D65AFEB11972B68BF6471E6E2A63D004 ] rzdaendpt C:\Windows\system32\DRIVERS\rzdaendpt.sys
20:08:36.0359 13040 rzdaendpt - ok
20:08:36.0380 13040 [ DC9AC446461D7C4143EB89FCB5B263D1 ] rzudd C:\Windows\system32\DRIVERS\rzudd.sys
20:08:36.0382 13040 rzudd - ok
20:08:36.0397 13040 [ 373F9AD32CD82E1A4604FADB7B551474 ] rzvkeyboard C:\Windows\system32\DRIVERS\rzvkeyboard.sys
20:08:36.0399 13040 rzvkeyboard - ok
20:08:36.0416 13040 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
20:08:36.0417 13040 s3cap - ok
20:08:36.0430 13040 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
20:08:36.0431 13040 SamSs - ok
20:08:36.0461 13040 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:08:36.0463 13040 sbp2port - ok
20:08:36.0490 13040 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:08:36.0495 13040 SCardSvr - ok
20:08:36.0510 13040 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:08:36.0511 13040 scfilter - ok
20:08:36.0540 13040 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
20:08:36.0549 13040 Schedule - ok
20:08:36.0569 13040 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:08:36.0570 13040 SCPolicySvc - ok
20:08:36.0585 13040 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:08:36.0589 13040 SDRSVC - ok
20:08:36.0626 13040 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:08:36.0628 13040 secdrv - ok
20:08:36.0643 13040 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
20:08:36.0646 13040 seclogon - ok
20:08:36.0664 13040 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
20:08:36.0667 13040 SENS - ok
20:08:36.0697 13040 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:08:36.0700 13040 SensrSvc - ok
20:08:36.0717 13040 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:08:36.0718 13040 Serenum - ok
20:08:36.0733 13040 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:08:36.0735 13040 Serial - ok
20:08:36.0764 13040 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:08:36.0766 13040 sermouse - ok
20:08:36.0801 13040 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
20:08:36.0806 13040 SessionEnv - ok
20:08:36.0818 13040 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:08:36.0821 13040 sffdisk - ok
20:08:36.0829 13040 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:08:36.0831 13040 sffp_mmc - ok
20:08:36.0840 13040 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:08:36.0842 13040 sffp_sd - ok
20:08:36.0853 13040 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:08:36.0854 13040 sfloppy - ok
20:08:36.0883 13040 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:08:36.0889 13040 SharedAccess - ok
20:08:36.0903 13040 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:08:36.0935 13040 ShellHWDetection - ok
20:08:36.0975 13040 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:08:37.0007 13040 sisagp - ok
20:08:37.0075 13040 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:08:37.0111 13040 SiSRaid2 - ok
20:08:37.0123 13040 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:08:37.0125 13040 SiSRaid4 - ok
20:08:37.0154 13040 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:08:37.0156 13040 Smb - ok
20:08:37.0202 13040 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:08:37.0205 13040 SNMPTRAP - ok
20:08:37.0219 13040 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
20:08:37.0221 13040 spldr - ok
20:08:37.0242 13040 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
20:08:37.0247 13040 Spooler - ok
20:08:37.0301 13040 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
20:08:37.0353 13040 sppsvc - ok
20:08:37.0372 13040 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:08:37.0376 13040 sppuinotify - ok
20:08:37.0398 13040 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:08:37.0402 13040 srv - ok
20:08:37.0412 13040 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:08:37.0416 13040 srv2 - ok
20:08:37.0431 13040 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:08:37.0433 13040 srvnet - ok
20:08:37.0449 13040 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:08:37.0453 13040 SSDPSRV - ok
20:08:37.0463 13040 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:08:37.0467 13040 SstpSvc - ok
20:08:37.0501 13040 [ B218068EBA6F46F102B4218BDB81BE0B ] STacSV C:\Windows\system32\STacSV.exe
20:08:37.0505 13040 STacSV - ok
20:08:37.0526 13040 Steam Client Service - ok
20:08:37.0570 13040 [ 0632004181860960CF6E10DE8DDEF78B ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:08:37.0575 13040 Stereo Service - ok
20:08:37.0595 13040 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:08:37.0596 13040 stexstor - ok
20:08:37.0624 13040 [ 167909A1C36AA3E8F2582962F0CCC748 ] STHDA C:\Windows\system32\drivers\stwrt.sys
20:08:37.0629 13040 STHDA - ok
20:08:37.0653 13040 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
20:08:37.0660 13040 StiSvc - ok
20:08:37.0670 13040 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
20:08:37.0672 13040 storflt - ok
20:08:37.0704 13040 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:08:37.0706 13040 storvsc - ok
20:08:37.0728 13040 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
20:08:37.0730 13040 swenum - ok
20:08:37.0761 13040 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
20:08:37.0767 13040 swprv - ok
20:08:37.0777 13040 Synth3dVsc - ok
20:08:37.0812 13040 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
20:08:37.0831 13040 SysMain - ok
20:08:37.0848 13040 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:08:37.0852 13040 TabletInputService - ok
20:08:37.0876 13040 [ 8CF6E2AE1707D82E904ECCA68CEF8B87 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
20:08:37.0905 13040 tap0901 - ok
20:08:37.0933 13040 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
20:08:37.0939 13040 TapiSrv - ok
20:08:37.0975 13040 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
20:08:37.0980 13040 TBS - ok
20:08:38.0016 13040 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:08:38.0044 13040 Tcpip - ok
20:08:38.0083 13040 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:08:38.0092 13040 TCPIP6 - ok
20:08:38.0129 13040 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:08:38.0131 13040 tcpipreg - ok
20:08:38.0155 13040 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:08:38.0157 13040 TDPIPE - ok
20:08:38.0180 13040 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:08:38.0182 13040 TDTCP - ok
20:08:38.0192 13040 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:08:38.0195 13040 tdx - ok
20:08:38.0205 13040 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:08:38.0208 13040 TermDD - ok
20:08:38.0237 13040 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
20:08:38.0246 13040 TermService - ok
20:08:38.0259 13040 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
20:08:38.0262 13040 Themes - ok
20:08:38.0273 13040 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
20:08:38.0274 13040 THREADORDER - ok
20:08:38.0293 13040 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
20:08:38.0297 13040 TrkWks - ok
20:08:38.0332 13040 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:08:38.0336 13040 TrustedInstaller - ok
20:08:38.0346 13040 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:08:38.0347 13040 tssecsrv - ok
20:08:38.0373 13040 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:08:38.0397 13040 TsUsbFlt - ok
20:08:38.0402 13040 tsusbhub - ok
20:08:38.0435 13040 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:08:38.0438 13040 tunnel - ok
20:08:38.0464 13040 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:08:38.0466 13040 uagp35 - ok
20:08:38.0493 13040 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:08:38.0497 13040 udfs - ok
20:08:38.0528 13040 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:08:38.0532 13040 UI0Detect - ok
20:08:38.0557 13040 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:08:38.0559 13040 uliagpkx - ok
20:08:38.0580 13040 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:08:38.0581 13040 umbus - ok
20:08:38.0604 13040 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:08:38.0606 13040 UmPass - ok
20:08:38.0642 13040 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
20:08:38.0647 13040 UmRdpService - ok
20:08:38.0683 13040 [ BB879DCFD22926EFBEB3298129898CBB ] UnlockerDriver5 J:\Program Files\Unlocker\UnlockerDriver5.sys
20:08:38.0710 13040 UnlockerDriver5 - ok
20:08:38.0745 13040 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
20:08:38.0750 13040 upnphost - ok
20:08:38.0783 13040 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
20:08:38.0785 13040 USBAAPL - ok
20:08:38.0813 13040 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:08:38.0815 13040 usbaudio - ok
20:08:38.0843 13040 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:08:38.0845 13040 usbccgp - ok
20:08:38.0862 13040 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:08:38.0864 13040 usbcir - ok
20:08:38.0879 13040 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:08:38.0880 13040 usbehci - ok
20:08:38.0893 13040 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:08:38.0897 13040 usbhub - ok
20:08:38.0907 13040 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:08:38.0909 13040 usbohci - ok
20:08:38.0930 13040 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:08:38.0932 13040 usbprint - ok
20:08:38.0953 13040 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:08:38.0955 13040 usbscan - ok
20:08:38.0969 13040 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:08:38.0971 13040 USBSTOR - ok
20:08:38.0980 13040 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:08:38.0981 13040 usbuhci - ok
20:08:39.0003 13040 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
20:08:39.0007 13040 UxSms - ok
20:08:39.0019 13040 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
20:08:39.0021 13040 VaultSvc - ok
20:08:39.0031 13040 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:08:39.0033 13040 vdrvroot - ok
20:08:39.0052 13040 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
20:08:39.0060 13040 vds - ok
20:08:39.0074 13040 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:08:39.0076 13040 vga - ok
20:08:39.0088 13040 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:08:39.0090 13040 VgaSave - ok
20:08:39.0094 13040 VGPU - ok
20:08:39.0112 13040 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:08:39.0116 13040 vhdmp - ok
20:08:39.0135 13040 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:08:39.0137 13040 viaagp - ok
20:08:39.0151 13040 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
20:08:39.0153 13040 ViaC7 - ok
20:08:39.0163 13040 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
20:08:39.0165 13040 viaide - ok
20:08:39.0201 13040 [ 07C20E596A0838809BC5FF5DE5A65973 ] VKbms C:\Windows\system32\DRIVERS\VKbms.sys
20:08:39.0224 13040 VKbms - ok
20:08:39.0241 13040 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
20:08:39.0244 13040 vmbus - ok
20:08:39.0258 13040 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
20:08:39.0260 13040 VMBusHID - ok
20:08:39.0275 13040 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:08:39.0277 13040 volmgr - ok
20:08:39.0294 13040 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:08:39.0297 13040 volmgrx - ok
20:08:39.0310 13040 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:08:39.0313 13040 volsnap - ok
20:08:39.0337 13040 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:08:39.0340 13040 vsmraid - ok
20:08:39.0373 13040 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
20:08:39.0386 13040 VSS - ok
20:08:39.0425 13040 [ 682FCF7D2EB5158CD30408E976562408 ] VSTHWBS2 C:\Windows\system32\DRIVERS\VSTBS23.SYS
20:08:39.0429 13040 VSTHWBS2 - ok
20:08:39.0456 13040 [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] VST_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
20:08:39.0466 13040 VST_DPV - ok
20:08:39.0474 13040 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
20:08:39.0476 13040 vwifibus - ok
20:08:39.0510 13040 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
20:08:39.0516 13040 W32Time - ok
20:08:39.0544 13040 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:08:39.0545 13040 WacomPen - ok
20:08:39.0577 13040 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:08:39.0579 13040 WANARP - ok
20:08:39.0583 13040 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:08:39.0583 13040 Wanarpv6 - ok
20:08:39.0639 13040 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:08:39.0665 13040 WatAdminSvc - ok
20:08:39.0700 13040 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
20:08:39.0725 13040 wbengine - ok
20:08:39.0756 13040 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:08:39.0762 13040 WbioSrvc - ok
20:08:39.0783 13040 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:08:39.0789 13040 wcncsvc - ok
20:08:39.0795 13040 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:08:39.0799 13040 WcsPlugInService - ok
20:08:39.0819 13040 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:08:39.0821 13040 Wd - ok
20:08:39.0848 13040 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:08:39.0854 13040 Wdf01000 - ok
20:08:39.0862 13040 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:08:39.0866 13040 WdiServiceHost - ok
20:08:39.0869 13040 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:08:39.0872 13040 WdiSystemHost - ok
20:08:41.0948 13040 ============================================================
20:08:41.0948 13040 Scan finished
20:08:41.0948 13040 ============================================================
20:08:41.0959 8316 Detected object count: 0
20:08:41.0959 8316 Actual detected object count: 0


AswMBR

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-11 20:15:39
-----------------------------
20:15:39.364 OS Version: Windows 6.1.7601 Service Pack 1
20:15:39.364 Number of processors: 4 586 0xF0B
20:15:39.366 ComputerName: LANNY UserName: user
20:15:40.077 Initialize success
20:19:03.778 AVAST engine defs: 13011101
20:19:41.909 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
20:19:41.911 Disk 0 Vendor: ST3500413AS JC45 Size: 476940MB BusType: 3
20:19:41.924 Disk 0 MBR read successfully
20:19:41.927 Disk 0 MBR scan
20:19:41.945 Disk 0 Windows 7 default MBR code
20:19:41.955 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 102938 MB offset 2048
20:19:42.004 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 374000 MB offset 210819072
20:19:42.020 Disk 0 scanning sectors +976771072
20:19:42.139 Disk 0 scanning C:\Windows\system32\drivers
20:19:58.951 Service scanning
20:20:13.951 Service MpKsldb5994dd C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F1B1AAE3-F5DD-4F14-AA88-23112BF2C1B7}\MpKsldb5994dd.sys **LOCKED** 32
20:20:36.092 Modules scanning
20:20:44.037 Disk 0 trace - called modules:
20:20:44.390 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll pciide.sys PCIIDEX.SYS atapi.sys
20:20:44.395 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x9e80c790]
20:20:44.401 3 CLASSPNP.SYS[a420459e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x9d9e2908]
20:20:46.913 AVAST engine scan C:\Windows
20:20:49.162 AVAST engine scan C:\Windows\system32
20:25:21.877 AVAST engine scan C:\Windows\system32\drivers
20:25:41.430 AVAST engine scan C:\Users\user
21:05:57.075 AVAST engine scan C:\ProgramData
21:08:36.036 Scan finished successfully
21:11:01.253 Disk 0 MBR has been saved successfully to "J:\Documents\MBR.dat"
21:11:01.260 The log file has been saved successfully to "J:\Documents\aswMBR1.txt"


ESET

I forgot to save the list. But it said No threats found and I'm positive. I scanned for about 2 hours.


Edited by CloseToHome, 11 January 2013 - 10:57 PM.


#4 narenxp

Posted 11 January 2013 - 11:32 PM

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete

A log should be generated after scan, post it here

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select run as administrator

After scan gets completed, post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes, post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of text here

Edited by narenxp, 11 January 2013 - 11:33 PM.


#5 CloseToHome

Posted 12 January 2013 - 12:18 PM

Yes sir, here it goes :)

mbam:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.12.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
user :: LANNY [administrator]

1/12/2013 3:11:11 AM
mbam-log-2013-01-12 (03-11-11).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 399217
Time elapsed: 57 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


minitoolbox:

MiniToolBox by Farbar Version:10-01-2013
Ran by user (administrator) on 11-01-2013 at 23:52:42
Running from "J:\Documents\Flashget Download"
Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® 82566DC-2 Gigabit Network Connection = Local Area Connection (Connected)
TAP-Win32 Adapter V9 = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Lanny
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9
Physical Address. . . . . . . . . : 00-FF-BA-0A-3D-F0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82566DC-2 Gigabit Network Connection
Physical Address. . . . . . . . . : 00-1D-09-1E-3B-09
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::ad85:4b50:eb18:32d5%9(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, January 09, 2013 5:18:11 AM
Lease Expires . . . . . . . . . . : Saturday, January 12, 2013 5:18:11 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 167779593
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-E6-F5-07-00-1D-09-1E-3B-09
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{32A6A4E1-E53D-4336-A8CB-49A1A0494681}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:2c02:2381:bdf4:55ac(Preferred)
Link-local IPv6 Address . . . . . : fe80::2c02:2381:bdf4:55ac%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{BA0A3DF0-391E-4BC2-A604-37201236146F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
Name: google.com
Address: 2607:f8b0:400b:800::1001


Pinging google.com [74.125.226.3] with 32 bytes of data:
Reply from 74.125.226.3: bytes=32 time=14ms TTL=56
Reply from 74.125.226.3: bytes=32 time=15ms TTL=56

Ping statistics for 74.125.226.3:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 14ms, Maximum = 15ms, Average = 14ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=210ms TTL=53
Reply from 72.30.38.140: bytes=32 time=130ms TTL=53

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 130ms, Maximum = 210ms, Average = 170ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...00 ff ba 0a 3d f0 ......TAP-Win32 Adapter V9
9...00 1d 09 1e 3b 09 ......Intel® 82566DC-2 Gigabit Network Connection
1...........................Software Loopback Interface 1
10...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.4 266
192.168.1.4 255.255.255.255 On-link 192.168.1.4 266
192.168.1.255 255.255.255.255 On-link 192.168.1.4 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.4 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.4 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 58 ::/0 On-link
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:9d38:953c:2c02:2381:bdf4:55ac/128
On-link
9 266 fe80::/64 On-link
11 306 fe80::/64 On-link
11 306 fe80::2c02:2381:bdf4:55ac/128
On-link
9 266 fe80::ad85:4b50:eb18:32d5/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
9 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/11/2013 08:14:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: aswMBR(1).exe, version: 0.9.9.1707, time stamp: 0x509be8bf
Faulting module name: kernel32.dll, version: 6.1.7601.18015, time stamp: 0x50b83b15
Exception code: 0xc0000005
Fault offset: 0x0004c35d
Faulting process id: 0x2c38
Faulting application start time: 0xaswMBR(1).exe0
Faulting application path: aswMBR(1).exe1
Faulting module path: aswMBR(1).exe2
Report Id: aswMBR(1).exe3

Error: (01/11/2013 00:48:28 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/11/2013 00:48:28 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/11/2013 00:48:28 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/11/2013 00:48:27 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/11/2013 00:48:27 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/11/2013 00:48:27 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/11/2013 00:48:27 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/11/2013 00:48:26 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/11/2013 00:48:26 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (01/11/2013 10:39:04 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (01/09/2013 09:15:45 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (01/09/2013 05:18:15 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
KLIM6

Error: (01/06/2013 07:06:02 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (01/02/2013 04:32:50 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (12/31/2012 05:12:35 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (12/30/2012 03:18:58 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (12/30/2012 01:06:52 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
KLIM6

Error: (12/28/2012 01:57:32 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (12/26/2012 03:27:07 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
KLIM6


Microsoft Office Sessions:
=========================
Error: (01/11/2013 08:14:40 PM) (Source: Application Error)(User: )
Description: aswMBR(1).exe0.9.9.1707509be8bfkernel32.dll6.1.7601.1801550b83b15c00000050004c35d2c3801cdf06214f14044J:\Documents\Flashget Download\aswMBR(1).exeC:\Windows\system32\kernel32.dll6fbc3313-5c55-11e2-b3db-001d091e3b09

Error: (01/11/2013 00:48:28 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Razer\razer_common_driver\Vista_XP\DPInst_amd64.exe

Error: (01/11/2013 00:48:28 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Razer\razer_common_driver\Drivers\DPInst_amd64.exe

Error: (01/11/2013 00:48:28 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Razer\imperator\firmware updater\bootloader\DPInst_amd64.exe

Error: (01/11/2013 00:48:27 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Razer\deathadder\DriverN\x64\DPInst.exe

Error: (01/11/2013 00:48:27 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Razer\deathadder\DriverN\vista64\DPInst.exe

Error: (01/11/2013 00:48:27 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Razer\deathadder\DriverN\Win764\DPInst.exe

Error: (01/11/2013 00:48:27 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Razer\deathadder\Driver\x64\DPInst.exe

Error: (01/11/2013 00:48:26 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Razer\deathadder\Driver\vista64\DPInst.exe

Error: (01/11/2013 00:48:26 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Razer\deathadder\Driver\Win764\DPInst.exe


CodeIntegrity Errors:
===================================
Date: 2011-08-25 16:46:12.460
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\KLIFX86\klif.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-08-25 16:46:12.368
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\KLIFX86\klif.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-08-25 16:46:12.262
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\KLIFX86\klif.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-08-25 16:46:12.169
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\KLIFX86\klif.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-08-25 16:45:59.373
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\KLIFX86\klmouflt.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-08-25 16:45:59.291
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\KLIFX86\klmouflt.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-08-25 16:45:59.211
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\KLIFX86\klmouflt.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-08-25 16:45:59.130
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\KLIFX86\klmouflt.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-08-25 16:45:59.049
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\KLIFX86\klmouflt.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-08-25 16:45:58.904
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\KLIFX86\klif.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
32 bit Windows Card Reader Driver (Version: 1.1.0.0)
ABBYY FineReader 6.0 Sprint (Version: 6.00.1395.4512)
abgx360 v1.0.6
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.5.502.135)
Adobe Reader X (10.1.5) (Version: 10.1.5)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
All Sound Recorder Vista 1.30
Apple Application Support (Version: 2.3)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Print Creations
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Photo Prints
Assassin's Creed ® III (Version: 1.01)
Assassin's Creed Revelations (Version: 1.01)
Audacity 1.3.13 (Unicode)
AVS Update Manager 1.0
AVS Video Converter 8
AVS4YOU Software Navigator 1.4
Back to the Future The Game - Episode 1 (Version: 1.0.0.0)
Back to the Future The Game - Episode 2 (Version: 1.0.0.0)
Back to the Future The Game - Episode 3 (Version: 1.0.0.0)
Back to the Future The Game - Episode 4 (Version: 1.0.0.15)
Back to the Future The Game - Episode 5 (Version: 1.0.0.15)
Batman Arkham City version 1.0 (Version: 1.0)
Battlefield 3™ (Version: 1.4.0.0)
Battlelog Web Plugins (Version: 2.1.2)
Bonjour (Version: 3.0.0.10)
Call of Duty: Black Ops II
Call of Duty: Black Ops II - Multiplayer
Call of Duty: Modern Warfare 3 - Multiplayer
Call of Juarez The Cartel
CCleaner (Version: 3.23)
Cheat Engine 6.1
Counter-Strike: Source
CyberGhost VPN Patch 4.7.19
CyberLink PowerDirector (Version: 9.0.0.2316)
CyberLink PowerDVD 10 (Version: 10.0.2325.51)
CyberLink WaveEditor (Version: 1.0.1.2228b)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Pro (Version: 4.41.0314.0232)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DiRT 3 (Version: 1.0.0001.130)
Dropbox (Version: 1.1.45)
EPSON Artisan 800 Series Printer Uninstall
Epson Event Manager (Version: 2.01.00)
Epson Print CD (Version: 2.00.00)
EPSON Scan
ESET Online Scanner v3
ESN Sonar (Version: 0.70.4)
FileZilla Client 3.5.0 (Version: 3.5.0)
FlashGet 1.9.6.1073 (Version: 1.9.6.1073)
Fraps
Google Chrome (Version: 24.0.1312.52)
Google Update Helper (Version: 1.3.21.123)
HyperCam 3 (Version: 3.0.912.18)
HyperSnap 7 (Version: 7.06.01)
ImgBurn (Version: 2.5.7.0)
InfraRecorder
Intel® PRO Network Connections 12.1.12.4 (Version: )
iTunes (Version: 10.7.0.21)
Java 7 Update 10 (Version: 7.0.100)
Java Auto Updater (Version: 2.1.9.0)
JavaFX 2.1.1 (Version: 2.1.1)
L.A. Noire (Version: 1.00.0000)
LAME v3.98.3 for Audacity
LibUSB-Win32-0.1.10.1 (Version: 0.1.10.1)
LIMBO
London 2012: The Official Video Game of the Olympic Games
Lucius 1.01.3173 (Version: 1.01.3173)
Major League Baseball 2K12 (Version: 1.0.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Max Payne 3 (Version: 1.0.0.0)
Metro 2033
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Midnight Club II
mIRC (Version: 7.22)
Monitor Webcam (SP2208WFP) Driver (1.00.08.0720)
Monopoly
MotioninJoy ds3 driver version 0.6.0004 (Version: 0.6.00001)
Mozilla Firefox 18.0 (x86 en-US) (Version: 18.0)
Mozilla Maintenance Service (Version: 18.0)
MSN Connection Center (Version: 1.8)
MSVCRT (Version: 15.4.2862.0708)
Need for Speed™ The Run (Version: 1.0.0.0)
NetWaiting (Version: 2.5.47)
Nexus Mod Manager (Version: 0.13.1)
NVIDIA 3D Vision Controller Driver (Version: 280.19)
NVIDIA 3D Vision Controller Driver 310.70 (Version: 310.70)
NVIDIA 3D Vision Driver 310.70 (Version: 310.70)
NVIDIA Control Panel 310.70 (Version: 310.70)
NVIDIA Drivers (Version: 1.10)
NVIDIA Graphics Driver 310.70 (Version: 310.70)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.95.599)
NVIDIA Performance (Version: 6.5)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1070)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
Octoshape Streaming Services
OpenAL
Origin (Version: 9.0.15.65)
PAYDAY: The Heist
Pod to PC 4.027
Power Challenge Game Plugin
PunkBuster Services (Version: 0.991)
QuickTime (Version: 7.73.80.64)
Rapture3D 2.4.8 Game
Razer DeathAdder™ Mouse (Version: 3.05)
Razer Imperator (Version: 2.02.00)
Razer Imperator Firmware Updater (Version: 1.16.00)
Razer Synapse 2.0 (Version: 1.6.1)
Rockstar Games Social Club (Version: 1.0.9.5)
Safari (Version: 5.34.57.2)
Saints Row The Third
Segoe UI (Version: 15.4.2271.0615)
SigmaTel Audio (Version: 5.10.5102.0)
SKTimeStamp (Version: 1.3.3)
Sleeping Dogs
Sniper Elite V2
Steam (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
System Requirements Lab
System Requirements Lab CYRI (Version: 5.0.6.0)
The Amazing Spider-Man
The Darkness II
The Walking Dead © 3 version 1 (Version: 1)
The Walking Dead Episode 4 © Telltale Games version 1 (Version: 1)
The Walking Dead Episode 5 © Telltales version 1 (Version: 1)
Toy Soldiers
Ubisoft Game Launcher (Version: 1.0.0.0)
Unity Web Player (Version: )
Unlocker 1.9.1 (Version: 1.9.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Uplay (Version: 2.0)
VLC media player 2.0.4 (Version: 2.0.4)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
Xvid Video Codec (Version: 1.3.2)

========================= Memory info: ===================================

Percentage of memory in use: 51%
Total physical RAM: 3069.94 MB
Available physical RAM: 1502.23 MB
Total Pagefile: 6138.17 MB
Available Pagefile: 3003.53 MB
Total Virtual: 2499.88 MB
Available Virtual: 2380.61 MB

========================= Partitions: =====================================

1 Drive c: (Partition Drive) (Fixed) (Total:100.53 GB) (Free:16.6 GB) NTFS
7 Drive i: (FreeAgentGoFlex Drive) (Fixed) (Total:1863.01 GB) (Free:1004.37 GB) NTFS
8 Drive j: (Local Disk) (Fixed) (Total:365.23 GB) (Free:262.35 GB) NTFS
9 Drive k: (IMATION) (Fixed) (Total:931.51 GB) (Free:5.88 GB) NTFS
10 Drive l: (rld-twdep5) (CDROM) (Total:3.5 GB) (Free:0 GB) CDFS
11 Drive m: (AssassinsCreed3_1) (CDROM) (Total:8.01 GB) (Free:0 GB) UDF
12 Drive n: (AssassinsCreed3_2) (CDROM) (Total:7.3 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\LANNY

Administrator Guest Mcx1-LANNY
UpdatusUser user

========================= Restore Points ==================================


**** End of log ****


Farbar:

Farbar Service Scanner Version: 05-01-2013
Ran by user (administrator) on 11-01-2013 at 23:54:53
Running from "J:\Documents\Flashget Download"
Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-11-13 17:57] - [2012-10-03 11:58] - 1293680 ____A (Microsoft Corporation) E23A56F843E2AEBBB209D0ACCA73C640

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****


Adware Cleaner:

# AdwCleaner v2.105 - Logfile created 01/11/2013 at 23:57:53
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : user - LANNY
# Boot Mode : Normal
# Running from : C:\Users\user\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\Software\ImInstaller

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0 (en-US)

-\\ Google Chrome v24.0.1312.52

*************************

AdwCleaner[S3].txt - [2100 octets] - [28/08/2012 22:22:03]
AdwCleaner[S5].txt - [767 octets] - [11/01/2013 23:57:53]

########## EOF - C:\AdwCleaner[S5].txt - [826 octets] ##########


Junkware Removal Tool:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.2 (01.08.2013:1)
OS: Windows 7 Ultimate x86
Ran by user on Sat 01/12/2013 at 0:03:45.43
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\utorrentbar



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\user\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\user\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\user\appdata\locallow\conduitengine"
Successfully deleted: [Folder] "C:\Users\user\appdata\locallow\utorrentbar"



~~~ FireFox

Successfully deleted: [File] C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\hludjtbw.default\user.js
Successfully deleted: [File] C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\hludjtbw.default\searchplugins\conduit.xml
Successfully deleted: [Folder] C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\hludjtbw.default\conduitcommon
Successfully deleted the following from C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\hludjtbw.default\prefs.js

Emptied folder: C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\hludjtbw.default\minidumps [205 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 01/12/2013 at 0:06:41.93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


RKILL Log:

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/12/2013 12:08:25 AM in x86 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\system32\libusbd-nt.exe (PID: 344) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost

Program finished at: 01/12/2013 12:08:41 AM
Execution time: 0 hours(s), 0 minute(s), and 16 seconds(s)


Autoruns:

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "ArcSoft Connection Service" "ArcSoft Connect Daemon" "ArcSoft Inc." "c:\program files\common files\arcsoft\connection service\bin\acdaemon.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files\microsoft office\office14\bcssync.exe"
+ "BDRegion" "brs" "cyberlink" "c:\program files\cyberlink\shared files\brs.exe"
+ "DeathAdder" "razerhid MFC Application" "" "c:\program files\razer\deathadder\razerhid.exe"
+ "EEventManager" "EEventManager MFC Application" "SEIKO EPSON CORPORATION" "c:\program files\epson software\event manager\eeventmanager.exe"
+ "Flashget" "FlashGet" "FlashGet.com" "j:\program files\flashget\flashget.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "j:\program files\itunes\ituneshelper.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "OEM05Mon.exe" "Live! Cam Console Auto Launcher" "Creative Technology Ltd." "c:\windows\oem05mon.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "Razer Synapse" "Razer Synapse" "Razer USA Ltd" "c:\program files\razer\synapse\rzsynapse.exe"
+ "RemoteControl10" "PowerDVD RC Service" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\pdvd10serv.exe"
+ "SigmatelSysTrayApp" "Sigmatel Audio system tray application" "SigmaTel, Inc." "c:\program files\sigmatel\c-major audio\wdm\sttray.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files\google\chrome\application\24.0.1312.52\installer\setup.exe"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DAEMON Tools Pro Agent" "DAEMON Tools Pro Agent" "DT Soft Ltd" "j:\program files\daemon tools\daemon tools pro\dtagent.exe"
+ "EPSON Artisan 800 Series" "EPSON Status Monitor 3" "SEIKO EPSON CORPORATION" "c:\windows\system32\spool\drivers\w32x86\3\e_fatiema.exe"
+ "msnmsgr" "Windows Live Messenger" "Microsoft Corporation" "c:\program files\windows live\messenger\msnmsgr.exe"
+ "Octoshape Streaming Services" "Main program for Octoshape client" "Octoshape ApS" "c:\users\user\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe"
+ "Policies" "" "" "File not found: C:\Users\user\AppData\Roaming\870CB4.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "Steam" "Steam" "Valve Corporation" "j:\program files\steam\steam.exe"
+ "uTorrent" "µTorrent" "BitTorrent, Inc." "c:\program files\utorrent\utorrent.exe"
+ "Xvid" "" "" "File not found: J:\Program Files\CheckUpdate.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "livecall" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "msnim" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\user\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "WinRAR" "" "" "j:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "SKTimeStamp" "file/directory time stamp changer" "tools.tortoisesvn.net" "c:\program files\sktimestamp\sktimestamp.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "j:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\user\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "WinRAR" "" "" "j:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "j:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\PropertySheetHandlers" "" "" ""
+ "SKTimeStamp" "file/directory time stamp changer" "tools.tortoisesvn.net" "c:\program files\sktimestamp\sktimestamp.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "j:\program files\filezilla\filezilla ftp client\fzshellext.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\user\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "NVIDIA Display Shell Extension" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "j:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "j:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "j:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\user\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\user\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\user\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "FGCatchUrl" "Flashget CatchUrl Module" "www.flashget.com" "j:\program files\flashget\jccatch.dll"
+ "FlashGet GetFlash Class" "Flashget GetFlash Module" "www.flashget.com" "j:\program files\flashget\getflash.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "FlashGet" "FlashGet" "FlashGet.com" "j:\program files\flashget\flashget.exe"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "File not found: C:\Windows\system32\gatherWiredInfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "File not found: C:\Windows\system32\gatherWirelessInfo.vbs"
+ "\{CACDEBF4-1566-4BB9-BA64-A457875EB154}" "Firefox" "Mozilla Corporation" "c:\program files\mozilla firefox\firefox.exe"
+ "\{DC8352D5-4052-4825-A0BF-C9D3DCF00AFD}" "" "" "File not found: I:\Games\Dirt 3\Dirt.3-SKIDROW\dirt3.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ACDaemon" "ArcSoft Connect Service" "ArcSoft Inc." "c:\program files\common files\arcsoft\connection service\bin\acservice.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\armsvc.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "CGVPNCliSrvc" "CyberGhost VPN Client Service" "mobile concepts GmbH" "c:\program files\cyberghost vpn\cgvpncliservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "libusbd" "LibUsb-Win32 - Generic USB Library" "http://libusb-win32.sourceforge.net" "c:\windows\system32\libusbd-nt.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "j:\program files\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "j:\program files\malwarebytes' anti-malware\mbamservice.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files\microsoft office\office14\groove.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "nTuneService" "Service to allow a remote administrator to access this machine for gathering information, and performing performance updates" "NVIDIA" "c:\program files\nvidia corporation\ntune\ntuneservice.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files\nvidia corporation\nvidia update core\daemonu.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PnkBstrA" "PunkBuster Service Component [v1036] http://www.evenbalance.com" "" "c:\windows\system32\pnkbstra.exe"
+ "RichVideo" "RichVideo Module" "" "c:\program files\cyberlink\shared files\richvideo.exe"
+ "STacSV" "Manages SigmaTel Audio Universal Jack configurations." "SigmaTel, Inc." "c:\windows\system32\stacsv.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files\common files\steam\steamservice.exe"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "WPFFontCache_v0400" "@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-101" "" "File not found: C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "dtsoftbus01" "DAEMON Tools Virtual Bus Driver" "DT Soft Ltd" "c:\windows\system32\drivers\dtsoftbus01.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e6232.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "KLIM6" "Kaspersky Anti-Virus NDIS 6 Filter" "Kaspersky Lab ZAO" "c:\windows\system32\drivers\klim6.sys"
+ "libusb0" "" "" "c:\windows\system32\drivers\libusb0.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MotioninJoyXFilter" "MotioninJoy DS3 driver" "MotioninJoy" "c:\windows\system32\drivers\mijxfilt.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda32v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 310.70 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvoclock" "NVIDIA System Utility Driver" "NVIDIA Corp." "c:\windows\system32\drivers\nvoclock.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "OEM05Afx" "Advanced Audio FX Driver" "Creative Technology Ltd." "c:\windows\system32\drivers\oem05afx.sys"
+ "OEM05Vfx" "Provides a software interface to control video effects of Monitor Webcam (SP2208WFP)." "EyePower Games Pte. Ltd." "c:\windows\system32\drivers\oem05vfx.sys"
+ "OEM05Vid" "Provides a software interface to control Monitor Webcam (SP2208WFP)." "Creative Technology Ltd." "c:\windows\system32\drivers\oem05vid.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "rzdaendpt" "Razer RzEndPt" "Razer USA Ltd" "c:\windows\system32\drivers\rzdaendpt.sys"
+ "rzudd" "Razer Rzudd Engine" "Razer USA Ltd" "c:\windows\system32\drivers\rzudd.sys"
+ "rzvkeyboard" "Razer Keyboard Device" "Razer USA Ltd" "c:\windows\system32\drivers\rzvkeyboard.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "NDRC" "SigmaTel, Inc." "c:\windows\system32\drivers\stwrt.sys"
+ "Synth3dVsc" "" "" "File not found: System32\drivers\synth3dvsc.sys"
+ "tap0901" "TAP-Win32 Virtual Network Driver" "The OpenVPN Project" "c:\windows\system32\drivers\tap0901.sys"
+ "tsusbhub" "@%SystemRoot%\system32\drivers\tsusbhub.sys,-2" "" "File not found: system32\drivers\tsusbhub.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "VGPU" "" "" "File not found: System32\drivers\rdvgkmd.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "VKbms" "HID mini driver for USB Fx2 Device" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\vkbms.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "VST_DPV" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv3.sys"
+ "VSTHWBS2" "HSF_HWB2 WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstbs23.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt3.sys"
+ "{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}" "" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\navfilter\000.fcl"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecp.acm"
+ "msacm.l3codecp" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecp.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "VIDC.FPS1" "Fraps" "Beepa P/L" "c:\windows\system32\frapsvid.dll"
+ "vidc.XVID" "" "" "c:\windows\system32\xvidvfw.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AVS Video Out" "AVSVideoOutFilter DirectShow Filter" "Online Media Technologies Ltd" "c:\program files\common files\avsmedia\activex\avsvideooutfilter3.ax"
+ "CyberLink Audio Decoder (PDVD10)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\audiofilter\claud.ax"
+ "CyberLink Audio Decoder(PDVD10 UPnP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\upnp\claud.ax"
+ "CyberLink Audio Effect (PDVD10)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerdvd10\audiofilter\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer(PDVD10 UPnP)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\upnp\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\audiofilter\claudwizard.ax"
+ "CyberLink AudioCD Filter (PDVD10)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\audiofilter\claudiocd.ax"
+ "CyberLink AVCHD Navigator" "CLBDROMNav" "cyberlink" "c:\program files\cyberlink\powerdvd10\navfilter\clavchdnav.ax"
+ "CyberLink Demultiplexer(PDVD10 UPnP)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\upnp\cldemuxer.ax"
+ "Cyberlink Demuxer 2.0" "CLDemuxer2" "Cyberlink" "c:\program files\cyberlink\powerdvd10\navfilter\cldemuxer2.ax"
+ "CyberLink Digest Filter (PDVD10)" "DigestFilter Dynamic Link Library" "" "c:\program files\cyberlink\powerdvd10\digestfilter.dll"
+ "CyberLink DVD Navigator (PDVD10)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\navfilter\clnavx.ax"
+ "CyberLink FLV Splitter(PDVD10)" "CyberLink FLV Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\navfilter\clflvsplitter.ax"
+ "CyberLink HAM Decoder" "CyberLink 264 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\videofilter\clcvd.ax"
+ "CyberLink HD/BD Mixer (PDVD10)" "CLHBMixer" " " "c:\program files\cyberlink\powerdvd10\audiofilter\clhbmixer.ax"
+ "CyberLink Line21 Decoder (PDVD10)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\videofilter\clline21.ax"
+ "CyberLink Matroska Splitter(PDVD10)" "CyberLink Matroska Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\navfilter\clmkvsplter.ax"
+ "CyberLink MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\upnp\clsplter.ax"
+ "CyberLink MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\navfilter\clsplter.ax"
+ "CyberLink MPEG-4 Splitter (PDVD10)" "CyberLink MPEG-4 Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\navfilter\clm4splt.ax"
+ "CyberLink Push-Mode CLStream(PDVD10)" "CLStream" "CyberLink" "c:\program files\cyberlink\powerdvd10\upnp\clstream(pushmode).ax"
+ "CyberLink RealAudio Decoder(PDVD10)" "CyberLink RealMedia Audio Decoder" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\audiofilter\clrmaud.ax"
+ "CyberLink RealMedia Splitter(PDVD10)" "CyberLink RealMedia Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\navfilter\clrmsplitter.ax"
+ "CyberLink RealVideo Decoder(PDVD10)" "CyberLink RealMedia Video Decoder" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\videofilter\clrmvd.ax"
+ "CyberLink Streamming Filter(PDVD10)" "Cyberlink Streaming Source Filter(Scramble)" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\upnp\clstream.ax"
+ "Cyberlink SubTitle Importor (PDVD10)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\videofilter\clsubtitle.ax"
+ "Cyberlink SubTitle Importor 2.0 (PDVD10)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (PDVD10)" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\audiofilter\clauts.ax"
+ "CyberLink Tzan Filter (PDVD10)" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\videofilter\cltzan.ax"
+ "CyberLink Video Decoder (PDVD10)" "CyberLink 264 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\videofilter\clcvd.ax"
+ "CyberLink Video/SP Decoder (PDVD10)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\videofilter\clvsd.ax"
+ "CyberLink Video/SP Decoder(PDVD10 UPnP)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd10\upnp\clvsd.ax"
+ "CyberLink WMV/WMA Demux(PDVD10)" "WMV/WMA Demux" "CyberLink" "c:\program files\cyberlink\powerdvd10\upnp\clwmfdemux.ax"
+ "Key Frame Manager" "Key Frame Manager DS Filter" "Solveig Multimedia" "c:\program files\common files\solveig multimedia\smm_kfrmanager.ax"
+ "SMM Media Jointer" "Media Joiner Filter" "Solveig Multimedia" "c:\program files\common files\solveig multimedia\smm_mediajointer.ax"
+ "SolveigMM Audio Mixer" "Audio Mixing DirectShow filter" "Solveig Multimedia" "j:\program files\hypercam\smm_audiomixer.ax"
+ "SolveigMM File Writer" "SolveigMM File Writer" "Solveig Multimedia" "c:\program files\common files\solveig multimedia\smm_filewriter.ax"
+ "SolveigMM PushSource Desktop Filter" "SMM_ScrCapture.ax" "Solveig Multimedia" "j:\program files\hypercam\smm_scrcapture.ax"
+ "SolveigMM Trimmer Filter" "Trimmer DS Filter" "Solveig Multimedia" "c:\program files\common files\solveig multimedia\smm_trimmer.ax"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\system32\xvid.ax"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "EPSON Artisan 800 Series 32MonitorBA" "EPSON Bi-directional Monitor x86" "SEIKO EPSON CORPORATION" "c:\windows\system32\e_flbema.dll"
+ "Epson Inbox Language Monitor01" "Epson Printer Driver" "SEIKO EPSON CORPORATION" "c:\windows\system32\ep0slm01.dll"
"C:\Users\user\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Feed Headlines" "Track the latest news, sports, and entertainment headlines." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\Gadget.xml"
+ "Weather" "See what the weather looks like around the world." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Gadget.xml"



#6 narenxp


Posted 12 January 2013 - 01:56 PM

Any more issues? Logs look clean.

#7 CloseToHome


Posted 12 January 2013 - 08:56 PM

thanks naren!

#8 narenxp


Posted 12 January 2013 - 09:09 PM

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



