Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I E problems after scareware removal


  • Please log in to reply
9 replies to this topic

#1 Mike_K

Mike_K

  • Members
  • 125 posts
  • OFFLINE
  •  
  • Location:SE Pa
  • Local time:12:11 PM

Posted 14 January 2013 - 12:07 PM

Hi All.

Last week my wife opened an e-mail and the computer was hit with one of those scareware programs - "You are infected. Buy this to fix problem". I don't remember exactly which one.

I ran MBAM in safe mode which removed the threat but it returned as soon as I restarted. So next I ran Rkill in safe mode first and then MBAM. This got rid of the scareware but now I keep getting a pop up that "Internet Explorer has stopped working". It must restart right away because I close the pop up and everything seems fine but I keep getting the pop up.

Also I can no longer start Windows Defender. It says Application failed to initialize:0x800106ba. A problem caused this program's service to stop.

So, am I still infected or is there something else going on.

Mike
HP a6009n, windows vista home premium SP2, AMD 64X2 dual core processor 3800+, 2.00GHz, 3G ram, 32 bit operating system, AOL

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:11 PM

Posted 14 January 2013 - 01:13 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Mike_K

Mike_K
  • Topic Starter

  • Members
  • 125 posts
  • OFFLINE
  •  
  • Location:SE Pa
  • Local time:12:11 PM

Posted 15 January 2013 - 03:10 AM

Hi

I followed your instructions. Here are the logs

14:04:07.0540 4376 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:04:07.0899 4376 ============================================================
14:04:07.0899 4376 Current date / time: 2013/01/14 14:04:07.0899
14:04:07.0899 4376 SystemInfo:
14:04:07.0899 4376
14:04:07.0899 4376 OS Version: 6.0.6002 ServicePack: 2.0
14:04:07.0899 4376 Product type: Workstation
14:04:07.0899 4376 ComputerName: DAD-PC
14:04:07.0899 4376 UserName: Dad
14:04:07.0899 4376 Windows directory: C:\Windows
14:04:07.0899 4376 System windows directory: C:\Windows
14:04:07.0899 4376 Processor architecture: Intel x86
14:04:07.0899 4376 Number of processors: 2
14:04:07.0899 4376 Page size: 0x1000
14:04:07.0899 4376 Boot type: Normal boot
14:04:07.0899 4376 ============================================================
14:04:08.0850 4376 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
14:04:08.0882 4376 ============================================================
14:04:08.0882 4376 \Device\Harddisk0\DR0:
14:04:08.0882 4376 MBR partitions:
14:04:08.0882 4376 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1C26C711
14:04:08.0882 4376 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C26C750, BlocksNum 0xF57A80
14:04:08.0882 4376 ============================================================
14:04:08.0913 4376 C: <-> \Device\Harddisk0\DR0\Partition1
14:04:08.0960 4376 D: <-> \Device\Harddisk0\DR0\Partition2
14:04:08.0960 4376 ============================================================
14:04:08.0960 4376 Initialize success
14:04:08.0960 4376 ============================================================
14:04:26.0400 3628 ============================================================
14:04:26.0400 3628 Scan started
14:04:26.0400 3628 Mode: Manual; TDLFS;
14:04:26.0400 3628 ============================================================
14:04:27.0212 3628 ================ Scan system memory ========================
14:04:27.0212 3628 System memory - ok
14:04:27.0212 3628 ================ Scan services =============================
14:04:27.0290 3628 [ C0393EB99A6C72C6BEF9BFC4A72B33A6 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
14:04:27.0290 3628 !SASCORE - ok
14:04:27.0430 3628 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
14:04:27.0430 3628 ACPI - ok
14:04:27.0508 3628 [ 3FD8DC2C9735C2AA70155102CFB93EDA ] AdobeActiveFileMonitor7.0 C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
14:04:27.0508 3628 AdobeActiveFileMonitor7.0 - ok
14:04:27.0570 3628 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:04:27.0570 3628 AdobeFlashPlayerUpdateSvc - ok
14:04:27.0617 3628 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:04:27.0633 3628 adp94xx - ok
14:04:27.0664 3628 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:04:27.0664 3628 adpahci - ok
14:04:27.0695 3628 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
14:04:27.0695 3628 adpu160m - ok
14:04:27.0726 3628 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:04:27.0726 3628 adpu320 - ok
14:04:27.0773 3628 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:04:27.0773 3628 AeLookupSvc - ok
14:04:27.0804 3628 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
14:04:27.0820 3628 AFD - ok
14:04:27.0867 3628 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:04:27.0867 3628 agp440 - ok
14:04:27.0914 3628 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
14:04:27.0914 3628 aic78xx - ok
14:04:27.0945 3628 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
14:04:27.0945 3628 ALG - ok
14:04:27.0960 3628 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
14:04:27.0960 3628 aliide - ok
14:04:27.0992 3628 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
14:04:27.0992 3628 amdagp - ok
14:04:28.0023 3628 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
14:04:28.0038 3628 amdide - ok
14:04:28.0070 3628 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
14:04:28.0070 3628 AmdK7 - ok
14:04:28.0101 3628 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:04:28.0101 3628 AmdK8 - ok
14:04:28.0148 3628 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
14:04:28.0148 3628 Appinfo - ok
14:04:28.0226 3628 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:04:28.0226 3628 Apple Mobile Device - ok
14:04:28.0272 3628 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
14:04:28.0272 3628 arc - ok
14:04:28.0319 3628 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:04:28.0319 3628 arcsas - ok
14:04:28.0350 3628 [ 054DF24C92B55427E0757CFFF160E4F2 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
14:04:28.0350 3628 aswFsBlk - ok
14:04:28.0382 3628 [ 258143605E77E4008F1758481D6A977D ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
14:04:28.0382 3628 aswMonFlt - ok
14:04:28.0382 3628 [ 352D5A48EBAB35A7693B048679304831 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys
14:04:28.0382 3628 aswRdr - ok
14:04:28.0428 3628 [ 8D34D2B24297E27D93E847319ABFDEC4 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
14:04:28.0428 3628 aswSnx - ok
14:04:28.0460 3628 [ 010012597333DA1F46C3243F33F8409E ] aswSP C:\Windows\system32\drivers\aswSP.sys
14:04:28.0460 3628 aswSP - ok
14:04:28.0491 3628 [ F9F84364416658E9786235904D448D37 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
14:04:28.0491 3628 aswTdi - ok
14:04:28.0522 3628 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:04:28.0522 3628 AsyncMac - ok
14:04:28.0553 3628 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
14:04:28.0553 3628 atapi - ok
14:04:28.0584 3628 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:04:28.0600 3628 AudioEndpointBuilder - ok
14:04:28.0600 3628 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
14:04:28.0600 3628 Audiosrv - ok
14:04:28.0662 3628 [ 996E6D052438E8D8DFD501F31560B2E0 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:04:28.0662 3628 avast! Antivirus - ok
14:04:28.0694 3628 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
14:04:28.0694 3628 Beep - ok
14:04:28.0725 3628 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
14:04:28.0725 3628 BFE - ok
14:04:28.0787 3628 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
14:04:28.0803 3628 BITS - ok
14:04:28.0803 3628 blbdrive - ok
14:04:28.0865 3628 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:04:28.0865 3628 Bonjour Service - ok
14:04:28.0896 3628 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:04:28.0896 3628 bowser - ok
14:04:28.0928 3628 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
14:04:28.0928 3628 BrFiltLo - ok
14:04:28.0943 3628 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
14:04:28.0943 3628 BrFiltUp - ok
14:04:28.0974 3628 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
14:04:28.0974 3628 Browser - ok
14:04:28.0990 3628 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
14:04:29.0006 3628 Brserid - ok
14:04:29.0021 3628 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
14:04:29.0021 3628 BrSerWdm - ok
14:04:29.0037 3628 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
14:04:29.0037 3628 BrUsbMdm - ok
14:04:29.0052 3628 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
14:04:29.0052 3628 BrUsbSer - ok
14:04:29.0084 3628 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
14:04:29.0084 3628 BTHMODEM - ok
14:04:29.0130 3628 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:04:29.0130 3628 cdfs - ok
14:04:29.0146 3628 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:04:29.0162 3628 cdrom - ok
14:04:29.0193 3628 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
14:04:29.0193 3628 CertPropSvc - ok
14:04:29.0255 3628 [ 127D4D0E9F78834FFD1EEEA3FCFB47C1 ] CinemaNow Service C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
14:04:29.0255 3628 CinemaNow Service - ok
14:04:29.0286 3628 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
14:04:29.0286 3628 circlass - ok
14:04:29.0318 3628 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
14:04:29.0318 3628 CLFS - ok
14:04:29.0396 3628 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:04:29.0396 3628 clr_optimization_v2.0.50727_32 - ok
14:04:29.0458 3628 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:04:29.0458 3628 clr_optimization_v4.0.30319_32 - ok
14:04:29.0505 3628 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:04:29.0505 3628 cmdide - ok
14:04:29.0520 3628 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
14:04:29.0520 3628 Compbatt - ok
14:04:29.0520 3628 COMSysApp - ok
14:04:29.0536 3628 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:04:29.0552 3628 crcdisk - ok
14:04:29.0567 3628 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
14:04:29.0567 3628 Crusoe - ok
14:04:29.0645 3628 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:04:29.0661 3628 CryptSvc - ok
14:04:29.0708 3628 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:04:29.0723 3628 DcomLaunch - ok
14:04:29.0801 3628 [ 34AE0DFA3EE3B5B9975042D87332D0B7 ] DefaultTabUpdate C:\Users\Dad\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
14:04:29.0817 3628 DefaultTabUpdate - ok
14:04:29.0848 3628 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:04:29.0848 3628 DfsC - ok
14:04:29.0942 3628 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
14:04:29.0973 3628 DFSR - ok
14:04:30.0020 3628 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
14:04:30.0020 3628 Dhcp - ok
14:04:30.0066 3628 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
14:04:30.0066 3628 disk - ok
14:04:30.0098 3628 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:04:30.0098 3628 Dnscache - ok
14:04:30.0129 3628 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:04:30.0129 3628 dot3svc - ok
14:04:30.0160 3628 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
14:04:30.0160 3628 Dot4 - ok
14:04:30.0176 3628 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
14:04:30.0176 3628 Dot4Print - ok
14:04:30.0191 3628 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
14:04:30.0191 3628 dot4usb - ok
14:04:30.0222 3628 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
14:04:30.0222 3628 DPS - ok
14:04:30.0254 3628 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:04:30.0254 3628 drmkaud - ok
14:04:30.0285 3628 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:04:30.0300 3628 DXGKrnl - ok
14:04:30.0332 3628 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
14:04:30.0332 3628 E1G60 - ok
14:04:30.0363 3628 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
14:04:30.0363 3628 EapHost - ok
14:04:30.0410 3628 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
14:04:30.0410 3628 Ecache - ok
14:04:30.0456 3628 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:04:30.0456 3628 ehRecvr - ok
14:04:30.0488 3628 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
14:04:30.0488 3628 ehSched - ok
14:04:30.0503 3628 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
14:04:30.0503 3628 ehstart - ok
14:04:30.0550 3628 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:04:30.0550 3628 elxstor - ok
14:04:30.0597 3628 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
14:04:30.0597 3628 EMDMgmt - ok
14:04:30.0644 3628 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
14:04:30.0644 3628 EventSystem - ok
14:04:30.0675 3628 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
14:04:30.0675 3628 exfat - ok
14:04:30.0722 3628 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:04:30.0722 3628 fastfat - ok
14:04:30.0737 3628 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:04:30.0737 3628 fdc - ok
14:04:30.0768 3628 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
14:04:30.0784 3628 fdPHost - ok
14:04:30.0800 3628 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
14:04:30.0800 3628 FDResPub - ok
14:04:30.0831 3628 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:04:30.0831 3628 FileInfo - ok
14:04:30.0846 3628 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:04:30.0846 3628 Filetrace - ok
14:04:30.0893 3628 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:04:30.0893 3628 FLEXnet Licensing Service - ok
14:04:30.0924 3628 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:04:30.0924 3628 flpydisk - ok
14:04:30.0956 3628 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:04:30.0956 3628 FltMgr - ok
14:04:31.0018 3628 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
14:04:31.0034 3628 FontCache - ok
14:04:31.0080 3628 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:04:31.0096 3628 FontCache3.0.0.0 - ok
14:04:31.0112 3628 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:04:31.0112 3628 Fs_Rec - ok
14:04:31.0143 3628 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:04:31.0143 3628 gagp30kx - ok
14:04:31.0205 3628 [ 551D463E4CCEB5240234DA6718C93A44 ] GameConsoleService C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
14:04:31.0205 3628 GameConsoleService - ok
14:04:31.0236 3628 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files\WildTangent Games\App\GamesAppService.exe
14:04:31.0252 3628 GamesAppService - ok
14:04:31.0314 3628 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:04:31.0314 3628 GEARAspiWDM - ok
14:04:31.0361 3628 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
14:04:31.0361 3628 gpsvc - ok
14:04:31.0424 3628 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1ca2aaa19d29330 C:\Program Files\Google\Update\GoogleUpdate.exe
14:04:31.0439 3628 gupdate1ca2aaa19d29330 - ok
14:04:31.0455 3628 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
14:04:31.0455 3628 gupdatem - ok
14:04:31.0470 3628 [ 408DDD80EEDE47175F6844817B90213E ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
14:04:31.0470 3628 gusvc - ok
14:04:31.0517 3628 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:04:31.0517 3628 HdAudAddService - ok
14:04:31.0564 3628 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:04:31.0564 3628 HDAudBus - ok
14:04:31.0595 3628 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:04:31.0611 3628 HidBth - ok
14:04:31.0626 3628 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
14:04:31.0626 3628 HidIr - ok
14:04:31.0658 3628 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
14:04:31.0658 3628 hidserv - ok
14:04:31.0689 3628 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:04:31.0689 3628 HidUsb - ok
14:04:31.0704 3628 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:04:31.0704 3628 hkmsvc - ok
14:04:31.0736 3628 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
14:04:31.0736 3628 HpCISSs - ok
14:04:31.0814 3628 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
14:04:31.0814 3628 hpqcxs08 - ok
14:04:31.0845 3628 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
14:04:31.0845 3628 hpqddsvc - ok
14:04:31.0907 3628 [ 88749FBF8BEB18C90E7D6626C8C1910B ] HSF_DP C:\Windows\system32\DRIVERS\HSX_DP.sys
14:04:31.0923 3628 HSF_DP - ok
14:04:31.0954 3628 [ FE440536BD98AF772130DC3A6FE1915F ] HSXHWBS2 C:\Windows\system32\DRIVERS\HSXHWBS2.sys
14:04:31.0954 3628 HSXHWBS2 - ok
14:04:31.0985 3628 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:04:32.0001 3628 HTTP - ok
14:04:32.0016 3628 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
14:04:32.0032 3628 i2omp - ok
14:04:32.0063 3628 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:04:32.0079 3628 i8042prt - ok
14:04:32.0094 3628 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
14:04:32.0110 3628 iaStorV - ok
14:04:32.0172 3628 [ 6F95324909B502E2651442C1548AB12F ] IDriverT c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
14:04:32.0172 3628 IDriverT - ok
14:04:32.0219 3628 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:04:32.0219 3628 idsvc - ok
14:04:32.0250 3628 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:04:32.0250 3628 iirsp - ok
14:04:32.0282 3628 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
14:04:32.0297 3628 IKEEXT - ok
14:04:32.0391 3628 [ EDC37B918E583A5A813C53D4F5588255 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
14:04:32.0422 3628 IntcAzAudAddService - ok
14:04:32.0438 3628 [ 97469037714070E45194ED318D636401 ] intelide C:\Windows\system32\drivers\intelide.sys
14:04:32.0438 3628 intelide - ok
14:04:32.0453 3628 [ CE44CC04262F28216DD4341E9E36A16F ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:04:32.0469 3628 intelppm - ok
14:04:32.0500 3628 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:04:32.0500 3628 IPBusEnum - ok
14:04:32.0531 3628 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:04:32.0531 3628 IpFilterDriver - ok
14:04:32.0562 3628 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:04:32.0578 3628 iphlpsvc - ok
14:04:32.0578 3628 IpInIp - ok
14:04:32.0609 3628 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
14:04:32.0609 3628 IPMIDRV - ok
14:04:32.0625 3628 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
14:04:32.0640 3628 IPNAT - ok
14:04:32.0703 3628 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:04:32.0703 3628 iPod Service - ok
14:04:32.0734 3628 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:04:32.0734 3628 IRENUM - ok
14:04:32.0796 3628 [ F5CF53D41F5A6B9D66B8C49C2DE43064 ] IS360service C:\Program Files\IObit\IObit Security 360\IS360srv.exe
14:04:32.0796 3628 IS360service - ok
14:04:32.0828 3628 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:04:32.0843 3628 isapnp - ok
14:04:32.0874 3628 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
14:04:32.0874 3628 iScsiPrt - ok
14:04:32.0906 3628 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
14:04:32.0906 3628 iteatapi - ok
14:04:32.0952 3628 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
14:04:32.0952 3628 iteraid - ok
14:04:32.0999 3628 [ FE1A970E7CE330BB844E333C374C6599 ] iWinTrusted C:\Program Files\iWin Games\iWinTrusted.exe
14:04:33.0015 3628 iWinTrusted - ok
14:04:33.0030 3628 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:04:33.0030 3628 kbdclass - ok
14:04:33.0046 3628 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:04:33.0046 3628 kbdhid - ok
14:04:33.0108 3628 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
14:04:33.0108 3628 KeyIso - ok
14:04:33.0140 3628 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:04:33.0155 3628 KSecDD - ok
14:04:33.0202 3628 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
14:04:33.0202 3628 KtmRm - ok
14:04:33.0233 3628 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
14:04:33.0249 3628 LanmanServer - ok
14:04:33.0264 3628 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:04:33.0280 3628 LanmanWorkstation - ok
14:04:33.0389 3628 [ 61323B88EFE90F6B144A3611B3ED1D7D ] Lavasoft Ad-Aware Service C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
14:04:33.0405 3628 Lavasoft Ad-Aware Service - ok
14:04:33.0436 3628 [ B7C19EC8B0DD7EFA58AD41FFEB8B8CDA ] Lbd C:\Windows\system32\DRIVERS\Lbd.sys
14:04:33.0436 3628 Lbd - ok
14:04:33.0498 3628 [ 3AF6B73A3AD1FC37C5933441F66CEB91 ] LBTServ C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
14:04:33.0514 3628 LBTServ - ok
14:04:33.0545 3628 [ 7F9C7B28CF1C859E1C42619EEA946DC8 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
14:04:33.0545 3628 LHidFilt - ok
14:04:33.0592 3628 [ 559C9B7800FAC92FC515CD0003D7C631 ] LightScribeService c:\Program Files\Common Files\LightScribe\LSSrvc.exe
14:04:33.0592 3628 LightScribeService - ok
14:04:33.0623 3628 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:04:33.0623 3628 lltdio - ok
14:04:33.0654 3628 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:04:33.0654 3628 lltdsvc - ok
14:04:33.0686 3628 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:04:33.0701 3628 lmhosts - ok
14:04:33.0717 3628 [ AB33792A87285344F43B5CE23421BAB0 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
14:04:33.0717 3628 LMouFilt - ok
14:04:33.0748 3628 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:04:33.0764 3628 LSI_FC - ok
14:04:33.0779 3628 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:04:33.0779 3628 LSI_SAS - ok
14:04:33.0795 3628 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:04:33.0810 3628 LSI_SCSI - ok
14:04:33.0842 3628 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
14:04:33.0842 3628 luafv - ok
14:04:33.0873 3628 [ 77030525CD86A93F1AF34FA9B96D33CE ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
14:04:33.0873 3628 LUsbFilt - ok
14:04:33.0888 3628 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:04:33.0888 3628 Mcx2Svc - ok
14:04:33.0935 3628 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
14:04:33.0935 3628 mdmxsdk - ok
14:04:33.0951 3628 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
14:04:33.0966 3628 megasas - ok
14:04:33.0998 3628 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
14:04:33.0998 3628 MMCSS - ok
14:04:34.0013 3628 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
14:04:34.0013 3628 Modem - ok
14:04:34.0029 3628 [ EC839BA91E45CCE6EADAFC418FFF8206 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:04:34.0029 3628 monitor - ok
14:04:34.0044 3628 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:04:34.0044 3628 mouclass - ok
14:04:34.0060 3628 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:04:34.0076 3628 mouhid - ok
14:04:34.0091 3628 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
14:04:34.0091 3628 MountMgr - ok
14:04:34.0138 3628 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
14:04:34.0138 3628 mpio - ok
14:04:34.0169 3628 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:04:34.0169 3628 mpsdrv - ok
14:04:34.0200 3628 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
14:04:34.0216 3628 MpsSvc - ok
14:04:34.0232 3628 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
14:04:34.0232 3628 Mraid35x - ok
14:04:34.0263 3628 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:04:34.0263 3628 MRxDAV - ok
14:04:34.0278 3628 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:04:34.0278 3628 mrxsmb - ok
14:04:34.0310 3628 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:04:34.0310 3628 mrxsmb10 - ok
14:04:34.0325 3628 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:04:34.0341 3628 mrxsmb20 - ok
14:04:34.0372 3628 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
14:04:34.0372 3628 msahci - ok
14:04:34.0388 3628 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:04:34.0388 3628 msdsm - ok
14:04:34.0419 3628 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
14:04:34.0434 3628 MSDTC - ok
14:04:34.0466 3628 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:04:34.0466 3628 Msfs - ok
14:04:34.0481 3628 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:04:34.0481 3628 msisadrv - ok
14:04:34.0528 3628 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:04:34.0544 3628 MSiSCSI - ok
14:04:34.0544 3628 msiserver - ok
14:04:34.0575 3628 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:04:34.0575 3628 MSKSSRV - ok
14:04:34.0606 3628 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:04:34.0606 3628 MSPCLOCK - ok
14:04:34.0606 3628 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:04:34.0622 3628 MSPQM - ok
14:04:34.0653 3628 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:04:34.0653 3628 MsRPC - ok
14:04:34.0684 3628 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:04:34.0684 3628 mssmbios - ok
14:04:34.0700 3628 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:04:34.0700 3628 MSTEE - ok
14:04:34.0715 3628 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
14:04:34.0715 3628 Mup - ok
14:04:34.0746 3628 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
14:04:34.0762 3628 napagent - ok
14:04:34.0809 3628 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:04:34.0809 3628 NativeWifiP - ok
14:04:34.0856 3628 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:04:34.0871 3628 NDIS - ok
14:04:34.0887 3628 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:04:34.0887 3628 NdisTapi - ok
14:04:34.0918 3628 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:04:34.0918 3628 Ndisuio - ok
14:04:34.0934 3628 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:04:34.0934 3628 NdisWan - ok
14:04:34.0965 3628 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:04:34.0965 3628 NDProxy - ok
14:04:34.0980 3628 [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:04:34.0980 3628 Net Driver HPZ12 - ok
14:04:35.0012 3628 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:04:35.0012 3628 NetBIOS - ok
14:04:35.0043 3628 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
14:04:35.0043 3628 netbt - ok
14:04:35.0058 3628 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
14:04:35.0058 3628 Netlogon - ok
14:04:35.0090 3628 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
14:04:35.0090 3628 Netman - ok
14:04:35.0105 3628 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
14:04:35.0121 3628 netprofm - ok
14:04:35.0136 3628 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:04:35.0136 3628 NetTcpPortSharing - ok
14:04:35.0183 3628 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:04:35.0183 3628 nfrd960 - ok
14:04:35.0214 3628 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:04:35.0214 3628 NlaSvc - ok
14:04:35.0246 3628 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:04:35.0246 3628 Npfs - ok
14:04:35.0277 3628 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
14:04:35.0277 3628 nsi - ok
14:04:35.0292 3628 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:04:35.0292 3628 nsiproxy - ok
14:04:35.0339 3628 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:04:35.0355 3628 Ntfs - ok
14:04:35.0386 3628 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
14:04:35.0402 3628 ntrigdigi - ok
14:04:35.0448 3628 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
14:04:35.0448 3628 NuidFltr - ok
14:04:35.0480 3628 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
14:04:35.0480 3628 Null - ok
14:04:35.0542 3628 [ 74C825C573AA6E115590D94E7BF86901 ] NVENETFD C:\Windows\system32\DRIVERS\nvmfdx32.sys
14:04:35.0558 3628 NVENETFD - ok
14:04:35.0854 3628 [ FBBA09782F2FAC5A57619DF378BA9372 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:04:36.0010 3628 nvlddmkm - ok
14:04:36.0041 3628 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:04:36.0041 3628 nvraid - ok
14:04:36.0072 3628 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:04:36.0088 3628 nvstor - ok
14:04:36.0135 3628 [ CF7769F13B3ECC5E2BF1B3D1C5831AE8 ] nvsvc C:\Windows\system32\nvvsvc.exe
14:04:36.0135 3628 nvsvc - ok
14:04:36.0166 3628 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:04:36.0166 3628 nv_agp - ok
14:04:36.0166 3628 NwlnkFlt - ok
14:04:36.0182 3628 NwlnkFwd - ok
14:04:36.0244 3628 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:04:36.0244 3628 odserv - ok
14:04:36.0260 3628 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
14:04:36.0260 3628 ohci1394 - ok
14:04:36.0291 3628 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:04:36.0291 3628 ose - ok
14:04:36.0338 3628 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
14:04:36.0353 3628 p2pimsvc - ok
14:04:36.0369 3628 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
14:04:36.0369 3628 p2psvc - ok
14:04:36.0431 3628 [ 735640D311D27E0095D748F725B9E507 ] PAC7311 C:\Windows\system32\DRIVERS\PA707UCM.SYS
14:04:36.0431 3628 PAC7311 - ok
14:04:36.0478 3628 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
14:04:36.0478 3628 Parport - ok
14:04:36.0540 3628 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:04:36.0540 3628 partmgr - ok
14:04:36.0556 3628 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
14:04:36.0556 3628 Parvdm - ok
14:04:36.0587 3628 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
14:04:36.0587 3628 PcaSvc - ok
14:04:36.0618 3628 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
14:04:36.0634 3628 pci - ok
14:04:36.0634 3628 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
14:04:36.0650 3628 pciide - ok
14:04:36.0681 3628 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:04:36.0681 3628 pcmcia - ok
14:04:36.0728 3628 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:04:36.0759 3628 PEAUTH - ok
14:04:36.0837 3628 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
14:04:36.0868 3628 pla - ok
14:04:36.0899 3628 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:04:36.0915 3628 PlugPlay - ok
14:04:36.0946 3628 [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:04:36.0946 3628 Pml Driver HPZ12 - ok
14:04:36.0977 3628 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
14:04:36.0993 3628 PNRPAutoReg - ok
14:04:37.0008 3628 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
14:04:37.0008 3628 PNRPsvc - ok
14:04:37.0040 3628 [ 5B6F99087CC1342B3D193E8155F26B6F ] Point32 C:\Windows\system32\DRIVERS\point32k.sys
14:04:37.0040 3628 Point32 - ok
14:04:37.0071 3628 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:04:37.0086 3628 PolicyAgent - ok
14:04:37.0102 3628 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:04:37.0102 3628 PptpMiniport - ok
14:04:37.0133 3628 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
14:04:37.0133 3628 Processor - ok
14:04:37.0164 3628 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
14:04:37.0164 3628 ProfSvc - ok
14:04:37.0180 3628 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
14:04:37.0196 3628 ProtectedStorage - ok
14:04:37.0227 3628 [ 390C204CED3785609AB24E9C52054A84 ] Ps2 C:\Windows\system32\DRIVERS\PS2.sys
14:04:37.0227 3628 Ps2 - ok
14:04:37.0258 3628 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
14:04:37.0258 3628 PSched - ok
14:04:37.0289 3628 [ 40FEDD328F98245AD201CF5F9F311724 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
14:04:37.0289 3628 PxHelp20 - ok
14:04:37.0336 3628 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:04:37.0352 3628 ql2300 - ok
14:04:37.0383 3628 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:04:37.0383 3628 ql40xx - ok
14:04:37.0414 3628 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
14:04:37.0430 3628 QWAVE - ok
14:04:37.0445 3628 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:04:37.0445 3628 QWAVEdrv - ok
14:04:37.0461 3628 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:04:37.0461 3628 RasAcd - ok
14:04:37.0476 3628 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
14:04:37.0492 3628 RasAuto - ok
14:04:37.0508 3628 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:04:37.0508 3628 Rasl2tp - ok
14:04:37.0539 3628 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
14:04:37.0539 3628 RasMan - ok
14:04:37.0554 3628 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:04:37.0554 3628 RasPppoe - ok
14:04:37.0586 3628 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:04:37.0586 3628 RasSstp - ok
14:04:37.0601 3628 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:04:37.0617 3628 rdbss - ok
14:04:37.0648 3628 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:04:37.0648 3628 RDPCDD - ok
14:04:37.0679 3628 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
14:04:37.0695 3628 rdpdr - ok
14:04:37.0695 3628 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:04:37.0695 3628 RDPENCDD - ok
14:04:37.0742 3628 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:04:37.0742 3628 RDPWD - ok
14:04:37.0788 3628 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:04:37.0788 3628 RemoteAccess - ok
14:04:37.0820 3628 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:04:37.0820 3628 RemoteRegistry - ok
14:04:37.0898 3628 [ FF578453D3B3ADAAB22D7151D7F9E592 ] RoxMediaDB12 C:\Program Files\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe
14:04:37.0913 3628 RoxMediaDB12 - ok
14:04:37.0976 3628 [ 00F3E30D63078FC4B543C32FD7337A7B ] RoxMediaDB9 c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
14:04:37.0976 3628 RoxMediaDB9 - ok
14:04:38.0022 3628 [ 71B38B8DF1A9B55FC0FB64958CC7B9DD ] RoxWatch12 C:\Program Files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe
14:04:38.0022 3628 RoxWatch12 - ok
14:04:38.0054 3628 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
14:04:38.0054 3628 RpcLocator - ok
14:04:38.0085 3628 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
14:04:38.0100 3628 RpcSs - ok
14:04:38.0116 3628 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:04:38.0132 3628 rspndr - ok
14:04:38.0163 3628 SABProcEnum - ok
14:04:38.0163 3628 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
14:04:38.0163 3628 SamSs - ok
14:04:38.0194 3628 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
14:04:38.0194 3628 SASDIFSV - ok
14:04:38.0225 3628 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
14:04:38.0225 3628 SASKUTIL - ok
14:04:38.0256 3628 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:04:38.0256 3628 sbp2port - ok
14:04:38.0350 3628 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
14:04:38.0366 3628 SBSDWSCService - ok
14:04:38.0397 3628 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:04:38.0412 3628 SCardSvr - ok
14:04:38.0444 3628 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
14:04:38.0459 3628 Schedule - ok
14:04:38.0490 3628 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:04:38.0490 3628 SCPolicySvc - ok
14:04:38.0506 3628 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:04:38.0506 3628 SDRSVC - ok
14:04:38.0522 3628 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:04:38.0522 3628 secdrv - ok
14:04:38.0553 3628 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
14:04:38.0553 3628 seclogon - ok
14:04:38.0568 3628 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
14:04:38.0584 3628 SENS - ok
14:04:38.0600 3628 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
14:04:38.0600 3628 Serenum - ok
14:04:38.0631 3628 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
14:04:38.0631 3628 Serial - ok
14:04:38.0662 3628 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:04:38.0662 3628 sermouse - ok
14:04:38.0709 3628 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
14:04:38.0709 3628 SessionEnv - ok
14:04:38.0740 3628 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:04:38.0740 3628 sffdisk - ok
14:04:38.0756 3628 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:04:38.0756 3628 sffp_mmc - ok
14:04:38.0771 3628 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:04:38.0771 3628 sffp_sd - ok
14:04:38.0787 3628 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:04:38.0787 3628 sfloppy - ok
14:04:38.0818 3628 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:04:38.0818 3628 SharedAccess - ok
14:04:38.0849 3628 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:04:38.0865 3628 ShellHWDetection - ok
14:04:38.0896 3628 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
14:04:38.0896 3628 sisagp - ok
14:04:38.0912 3628 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
14:04:38.0912 3628 SiSRaid2 - ok
14:04:38.0943 3628 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:04:38.0943 3628 SiSRaid4 - ok
14:04:39.0036 3628 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
14:04:39.0099 3628 slsvc - ok
14:04:39.0114 3628 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
14:04:39.0114 3628 SLUINotify - ok
14:04:39.0161 3628 [ 46B40982AF166BF89C3F51FB13E60D6D ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
14:04:39.0161 3628 SmartDefragDriver - ok
14:04:39.0192 3628 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:04:39.0192 3628 Smb - ok
14:04:39.0224 3628 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:04:39.0224 3628 SNMPTRAP - ok
14:04:39.0255 3628 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
14:04:39.0255 3628 spldr - ok
14:04:39.0286 3628 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
14:04:39.0286 3628 Spooler - ok
14:04:39.0333 3628 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:04:39.0333 3628 srv - ok
14:04:39.0364 3628 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:04:39.0364 3628 srv2 - ok
14:04:39.0395 3628 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:04:39.0395 3628 srvnet - ok
14:04:39.0426 3628 [ FFE42941E0326C322F40B0B79A46493C ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
14:04:39.0426 3628 sscdbus - ok
14:04:39.0473 3628 [ A68E7D87ADFBB8C50D88CD58230C6819 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
14:04:39.0473 3628 sscdmdfl - ok
14:04:39.0520 3628 [ B534B24151281856EC2F69ED3D6D60DD ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
14:04:39.0520 3628 sscdmdm - ok
14:04:39.0567 3628 [ D04BD59F28C78E2E66632092CAFC0A2B ] sscdserd C:\Windows\system32\DRIVERS\sscdserd.sys
14:04:39.0567 3628 sscdserd - ok
14:04:39.0614 3628 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:04:39.0614 3628 SSDPSRV - ok
14:04:39.0629 3628 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:04:39.0645 3628 SstpSvc - ok
14:04:39.0676 3628 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
14:04:39.0692 3628 stisvc - ok
14:04:39.0738 3628 [ D4CE4D370A26AE1BF41BE9F69D24D049 ] stllssvr c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
14:04:39.0738 3628 stllssvr - ok
14:04:39.0770 3628 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:04:39.0770 3628 swenum - ok
14:04:39.0801 3628 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
14:04:39.0816 3628 swprv - ok
14:04:39.0848 3628 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
14:04:39.0848 3628 Symc8xx - ok
14:04:39.0863 3628 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
14:04:39.0863 3628 Sym_hi - ok
14:04:39.0894 3628 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
14:04:39.0894 3628 Sym_u3 - ok
14:04:39.0941 3628 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
14:04:39.0957 3628 SysMain - ok
14:04:39.0972 3628 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:04:39.0972 3628 TabletInputService - ok
14:04:40.0004 3628 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:04:40.0019 3628 TapiSrv - ok
14:04:40.0035 3628 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
14:04:40.0050 3628 TBS - ok
14:04:40.0128 3628 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:04:40.0128 3628 Tcpip - ok
14:04:40.0160 3628 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
14:04:40.0160 3628 Tcpip6 - ok
14:04:40.0191 3628 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:04:40.0191 3628 tcpipreg - ok
14:04:40.0222 3628 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:04:40.0238 3628 TDPIPE - ok
14:04:40.0253 3628 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:04:40.0253 3628 TDTCP - ok
14:04:40.0284 3628 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:04:40.0284 3628 tdx - ok
14:04:40.0316 3628 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:04:40.0316 3628 TermDD - ok
14:04:40.0347 3628 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
14:04:40.0362 3628 TermService - ok
14:04:40.0362 3628 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
14:04:40.0378 3628 Themes - ok
14:04:40.0394 3628 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
14:04:40.0394 3628 THREADORDER - ok
14:04:40.0409 3628 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
14:04:40.0425 3628 TrkWks - ok
14:04:40.0440 3628 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:04:40.0440 3628 TrustedInstaller - ok
14:04:40.0472 3628 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:04:40.0472 3628 tssecsrv - ok
14:04:40.0503 3628 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
14:04:40.0503 3628 tunmp - ok
14:04:40.0550 3628 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:04:40.0550 3628 tunnel - ok
14:04:40.0581 3628 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:04:40.0581 3628 uagp35 - ok
14:04:40.0612 3628 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:04:40.0612 3628 udfs - ok
14:04:40.0643 3628 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:04:40.0643 3628 UI0Detect - ok
14:04:40.0674 3628 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:04:40.0674 3628 uliagpkx - ok
14:04:40.0690 3628 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
14:04:40.0706 3628 uliahci - ok
14:04:40.0721 3628 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
14:04:40.0721 3628 UlSata - ok
14:04:40.0737 3628 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
14:04:40.0752 3628 ulsata2 - ok
14:04:40.0784 3628 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:04:40.0784 3628 umbus - ok
14:04:40.0815 3628 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
14:04:40.0830 3628 upnphost - ok
14:04:40.0862 3628 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
14:04:40.0862 3628 USBAAPL - ok
14:04:40.0908 3628 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
14:04:40.0908 3628 usbaudio - ok
14:04:40.0955 3628 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:04:40.0955 3628 usbccgp - ok
14:04:40.0986 3628 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:04:40.0986 3628 usbcir - ok
14:04:41.0033 3628 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:04:41.0033 3628 usbehci - ok
14:04:41.0064 3628 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:04:41.0064 3628 usbhub - ok
14:04:41.0080 3628 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:04:41.0080 3628 usbohci - ok
14:04:41.0096 3628 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:04:41.0096 3628 usbprint - ok
14:04:41.0111 3628 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:04:41.0111 3628 usbscan - ok
14:04:41.0142 3628 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:04:41.0142 3628 USBSTOR - ok
14:04:41.0174 3628 [ 325DBBACB8A36AF9988CCF40EAC228CC ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
14:04:41.0174 3628 usbuhci - ok
14:04:41.0205 3628 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
14:04:41.0205 3628 UxSms - ok
14:04:41.0236 3628 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
14:04:41.0236 3628 vds - ok
14:04:41.0252 3628 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:04:41.0267 3628 vga - ok
14:04:41.0298 3628 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
14:04:41.0298 3628 VgaSave - ok
14:04:41.0314 3628 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
14:04:41.0314 3628 viaagp - ok
14:04:41.0345 3628 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
14:04:41.0345 3628 ViaC7 - ok
14:04:41.0376 3628 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
14:04:41.0376 3628 viaide - ok
14:04:41.0392 3628 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:04:41.0392 3628 volmgr - ok
14:04:41.0423 3628 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:04:41.0423 3628 volmgrx - ok
14:04:41.0486 3628 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:04:41.0501 3628 volsnap - ok
14:04:41.0532 3628 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:04:41.0532 3628 vsmraid - ok
14:04:41.0579 3628 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
14:04:41.0610 3628 VSS - ok
14:04:41.0626 3628 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
14:04:41.0626 3628 W32Time - ok
14:04:41.0657 3628 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:04:41.0657 3628 WacomPen - ok
14:04:41.0688 3628 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
14:04:41.0688 3628 Wanarp - ok
14:04:41.0704 3628 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:04:41.0704 3628 Wanarpv6 - ok
14:04:41.0735 3628 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:04:41.0751 3628 wcncsvc - ok
14:04:41.0766 3628 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:04:41.0782 3628 WcsPlugInService - ok
14:04:41.0813 3628 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
14:04:41.0813 3628 Wd - ok
14:04:41.0891 3628 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:04:41.0891 3628 Wdf01000 - ok
14:04:41.0922 3628 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:04:41.0922 3628 WdiServiceHost - ok
14:04:41.0938 3628 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:04:41.0938 3628 WdiSystemHost - ok
14:04:41.0985 3628 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
14:04:41.0985 3628 WebClient - ok
14:04:42.0016 3628 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:04:42.0032 3628 Wecsvc - ok
14:04:42.0047 3628 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:04:42.0047 3628 wercplsupport - ok
14:04:42.0078 3628 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
14:04:42.0078 3628 WerSvc - ok
14:04:42.0125 3628 [ 72CC6A8CA7891031D6380DB5025C773C ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
14:04:42.0141 3628 winachsf - ok
14:04:42.0172 3628 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
14:04:42.0188 3628 WinDefend - ok
14:04:42.0188 3628 WinHttpAutoProxySvc - ok
14:04:42.0234 3628 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:04:42.0234 3628 Winmgmt - ok
14:04:42.0281 3628 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
14:04:42.0312 3628 WinRM - ok
14:04:42.0344 3628 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:04:42.0359 3628 Wlansvc - ok
14:04:42.0437 3628 [ 0A70F4022EC2E14C159EFC4F69AA2477 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:04:42.0468 3628 wlidsvc - ok
14:04:42.0484 3628 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:04:42.0484 3628 WmiAcpi - ok
14:04:42.0531 3628 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:04:42.0531 3628 wmiApSrv - ok
14:04:42.0578 3628 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
14:04:42.0593 3628 WMPNetworkSvc - ok
14:04:42.0609 3628 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:04:42.0624 3628 WPCSvc - ok
14:04:42.0656 3628 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:04:42.0656 3628 WPDBusEnum - ok
14:04:42.0702 3628 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
14:04:42.0702 3628 WpdUsb - ok
14:04:42.0796 3628 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:04:42.0796 3628 WPFFontCache_v0400 - ok
14:04:42.0827 3628 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:04:42.0827 3628 ws2ifsl - ok
14:04:42.0858 3628 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
14:04:42.0858 3628 wscsvc - ok
14:04:42.0874 3628 WSearch - ok
14:04:42.0952 3628 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
14:04:42.0983 3628 wuauserv - ok
14:04:43.0046 3628 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:04:43.0046 3628 WudfPf - ok
14:04:43.0092 3628 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:04:43.0092 3628 WUDFRd - ok
14:04:43.0155 3628 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:04:43.0170 3628 wudfsvc - ok
14:04:43.0217 3628 [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
14:04:43.0217 3628 XAudio - ok
14:04:43.0248 3628 [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
14:04:43.0264 3628 XAudioService - ok
14:04:43.0264 3628 ================ Scan global ===============================
14:04:43.0295 3628 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
14:04:43.0326 3628 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
14:04:43.0358 3628 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
14:04:43.0389 3628 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
14:04:43.0404 3628 [Global] - ok
14:04:43.0404 3628 ================ Scan MBR ==================================
14:04:43.0404 3628 [ 8913823FF508CCF109DB74B636C301DA ] \Device\Harddisk0\DR0
14:04:43.0607 3628 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
14:04:43.0607 3628 \Device\Harddisk0\DR0 - detected TDSS File System (1)
14:04:43.0607 3628 ================ Scan VBR ==================================
14:04:43.0607 3628 [ 1165717DDD357B5A5D1C658F4CF732A1 ] \Device\Harddisk0\DR0\Partition1
14:04:43.0607 3628 \Device\Harddisk0\DR0\Partition1 - ok
14:04:43.0623 3628 [ 8E01FF2E8987A014C0C2492843830B75 ] \Device\Harddisk0\DR0\Partition2
14:04:43.0623 3628 \Device\Harddisk0\DR0\Partition2 - ok
14:04:43.0623 3628 ============================================================
14:04:43.0623 3628 Scan finished
14:04:43.0623 3628 ============================================================
14:04:43.0638 3908 Detected object count: 1
14:04:43.0638 3908 Actual detected object count: 1
14:12:39.0190 3908 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
14:12:39.0190 3908 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
14:13:01.0841 5956 Deinitialize success

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-14 14:37:14
-----------------------------
14:37:14.285 OS Version: Windows 6.0.6002 Service Pack 2
14:37:14.285 Number of processors: 2 586 0x4B02
14:37:14.285 ComputerName: DAD-PC UserName: Dad
14:37:35.657 Initialize success
14:37:38.777 AVAST engine defs: 13011401
14:37:44.268 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
14:37:44.268 Disk 0 Vendor: Hitachi_HDT725025VLA380 V5DOA58A Size: 238475MB BusType: 3
14:37:44.283 Disk 0 MBR read successfully
14:37:44.283 Disk 0 MBR scan
14:37:44.829 Disk 0 unknown MBR code
14:37:44.845 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 230616 MB offset 63
14:37:45.360 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 7855 MB offset 472303440
14:37:45.641 Disk 0 scanning sectors +488391120
14:37:48.386 Disk 0 scanning C:\Windows\system32\drivers
14:38:22.566 Service scanning
14:38:48.649 Modules scanning
14:38:52.034 Disk 0 trace - called modules:
14:38:52.050 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys tcpip.sys NETIO.SYS USBPORT.SYS usbohci.sys
14:38:52.050 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85f6a310]
14:38:52.065 3 CLASSPNP.SYS[8abab8b3] -> nt!IofCallDriver -> [0x854a74b8]
14:38:52.065 5 acpi.sys[806106bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0x854a78d8]
14:38:52.689 AVAST engine scan C:\Windows
14:38:55.466 AVAST engine scan C:\Windows\system32
14:41:33.135 AVAST engine scan C:\Windows\system32\drivers
14:41:43.681 AVAST engine scan C:\Users\Dad
15:15:47.063 AVAST engine scan C:\ProgramData
15:32:29.051 Scan finished successfully
15:37:42.065 Disk 0 MBR has been saved successfully to "C:\Users\Dad\Desktop\MBR.dat"
15:37:42.065 The log file has been saved successfully to "C:\Users\Dad\Desktop\aswMBR.txt"


C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdjbnddbclciabnckgeahmneohjlahdm\1.0_0\manager.js JS/Redirector.NCG trojan cleaned by deleting - quarantined
C:\Users\Dad\AppData\Roaming\pobung.dll a variant of Win32/Medfos.HY trojan cleaned by deleting (after the next restart) - quarantined

Edited by Mike_K, 15 January 2013 - 03:12 AM.

HP a6009n, windows vista home premium SP2, AMD 64X2 dual core processor 3800+, 2.00GHz, 3G ram, 32 bit operating system, AOL

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:11 PM

Posted 15 January 2013 - 08:15 AM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#5 Mike_K

Mike_K
  • Topic Starter

  • Members
  • 125 posts
  • OFFLINE
  •  
  • Location:SE Pa
  • Local time:12:11 PM

Posted 16 January 2013 - 10:58 AM

scan results



Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.16.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Dad :: DAD-PC [administrator]

1/16/2013 1:39:45 AM
mbam-log-2013-01-16 (01-39-45).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 487299
Time elapsed: 2 hour(s), 3 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 5
C:\Program Files\PC-Doctor 5 for Windows\xjre\jetrt\XLDB41058.dll (Backdoor.Agent.FU) -> Quarantined and deleted successfully.
C:\Program Files\PC-Doctor 5 for Windows\xjre\jetrt\XLXT41058.dll (Backdoor.Agent.FU) -> Quarantined and deleted successfully.
C:\Program Files\CouponXplorer_5z\bar\1.bin\5zimpipe.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponXplorer_5z\bar\1.bin\5zPlugin.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CouponXplorer_5z\bar\1.bin\NP5zStub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.

(end)

MiniToolBox by Farbar Version:10-01-2013
Ran by Dad (administrator) on 16-01-2013 at 07:04:08
Running from "C:\Users\Dad\Desktop"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1001namen.com
127.0.0.1 1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com

There are 13651 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

NVIDIA nForce Networking Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Dad-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
Physical Address. . . . . . . . . : 00-1A-92-B5-5F-04
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.0.0.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, January 16, 2013 6:59:09 AM
Lease Expires . . . . . . . . . . : Thursday, January 17, 2013 1:02:52 AM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Server: UnKnown
Address: 10.0.0.1

Name: google.com
Addresses: 2607:f8b0:4006:803::1007
74.125.226.238
74.125.226.233
74.125.226.225
74.125.226.230
74.125.226.226
74.125.226.227
74.125.226.231
74.125.226.228
74.125.226.232
74.125.226.229
74.125.226.224



Pinging google.com [74.125.226.206] with 32 bytes of data:

Reply from 74.125.226.206: bytes=32 time=19ms TTL=53

Reply from 74.125.226.206: bytes=32 time=19ms TTL=53



Ping statistics for 74.125.226.206:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 19ms, Maximum = 19ms, Average = 19ms

Server: UnKnown
Address: 10.0.0.1

Name: yahoo.com
Addresses: 98.138.253.109
206.190.36.45
98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=253ms TTL=50

Reply from 98.139.183.24: bytes=32 time=261ms TTL=50



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 253ms, Maximum = 261ms, Average = 257ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
8 ...00 1a 92 b5 5f 04 ...... NVIDIA nForce Networking Controller
1 ........................... Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.6 20
10.0.0.0 255.255.255.0 On-link 10.0.0.6 276
10.0.0.6 255.255.255.255 On-link 10.0.0.6 276
10.0.0.255 255.255.255.255 On-link 10.0.0.6 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.6 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.6 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/16/2013 00:58:43 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16457, time stamp 0x50a2f9e3, faulting module Cartwheel.dll, version 1.1.0.1422, time stamp 0x507f129c, exception code 0xc0000005, fault offset 0x0001ab8c,
process id 0x5e4, application start time 0xiexplore.exe0.

Error: (01/16/2013 00:58:20 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16457, time stamp 0x50a2f9e3, faulting module Cartwheel.dll, version 1.1.0.1422, time stamp 0x507f129c, exception code 0xc0000005, fault offset 0x0001ab8c,
process id 0x1510, application start time 0xiexplore.exe0.

Error: (01/15/2013 03:25:38 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16457, time stamp 0x50a2f9e3, faulting module Cartwheel.dll, version 1.1.0.1422, time stamp 0x507f129c, exception code 0xc0000005, fault offset 0x000160f0,
process id 0x1510, application start time 0xiexplore.exe0.

Error: (01/15/2013 03:25:27 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16457, time stamp 0x50a2f9e3, faulting module Cartwheel.dll, version 1.1.0.1422, time stamp 0x507f129c, exception code 0xc0000005, fault offset 0x000160f0,
process id 0x14e8, application start time 0xiexplore.exe0.

Error: (01/15/2013 03:15:02 AM) (Source: IS360service) (User: )
Description: The handle is invalid

Error: (01/15/2013 03:15:02 AM) (Source: IS360service) (User: )
Description: The handle is invalid

Error: (01/15/2013 00:59:28 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16457, time stamp 0x50a2f9e3, faulting module Cartwheel.dll, version 1.1.0.1422, time stamp 0x507f129c, exception code 0xc0000005, fault offset 0x000160f0,
process id 0xe84, application start time 0xiexplore.exe0.

Error: (01/15/2013 00:59:24 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16457, time stamp 0x50a2f9e3, faulting module Cartwheel.dll, version 1.1.0.1422, time stamp 0x507f129c, exception code 0xc0000005, fault offset 0x000160f0,
process id 0xe54, application start time 0xiexplore.exe0.

Error: (01/15/2013 00:49:44 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16457, time stamp 0x50a2f9e3, faulting module Cartwheel.dll, version 1.1.0.1422, time stamp 0x507f129c, exception code 0xc0000005, fault offset 0x000160f0,
process id 0x120, application start time 0xiexplore.exe0.

Error: (01/15/2013 00:49:40 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16457, time stamp 0x50a2f9e3, faulting module Cartwheel.dll, version 1.1.0.1422, time stamp 0x507f129c, exception code 0xc0000005, fault offset 0x000160f0,
process id 0x12dc, application start time 0xiexplore.exe0.


System errors:
=============
Error: (01/16/2013 07:00:18 AM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (01/16/2013 07:00:18 AM) (Source: Service Control Manager) (User: )
Description: SBSD Security Center ServiceSecurity Center%%1058

Error: (01/16/2013 07:00:18 AM) (Source: Service Control Manager) (User: )
Description: 30000Roxio Hard Drive Watcher 12

Error: (01/16/2013 07:00:18 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (01/16/2013 06:58:56 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (01/16/2013 06:58:45 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (01/16/2013 06:57:17 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (01/15/2013 03:17:23 AM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (01/15/2013 03:17:23 AM) (Source: Service Control Manager) (User: )
Description: SBSD Security Center ServiceSecurity Center%%1058

Error: (01/15/2013 03:17:23 AM) (Source: Service Control Manager) (User: )
Description: 30000Roxio Hard Drive Watcher 12


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-01-16 03:35:19.775
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 03:35:19.213
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 03:35:18.605
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 03:35:18.012
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 03:35:17.482
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 03:35:16.920
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 03:35:16.359
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 03:35:15.797
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 03:35:15.251
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 03:11:44.457
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\vsdatant.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 6.1.1)
Action Replay Code Manager
Ad-Aware
Ad-Aware (Version: 8.3.0)
Adobe AIR (Version: 1.1.0.5790)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Photoshop Elements 7.0 (Version: 7.0)
Adobe Photoshop Elements 7.0 (Version: 7.0.0.3)
Adobe Photoshop.com Inspiration Browser (Version: 2.61)
Adobe Reader 7.0.8 (Version: 7.0.8)
Adobe Reader Chinese Traditional Fonts (Version: 7.0.5)
Adobe SVG Viewer 3.0 (Version: 3.0)
Advanced SystemCare 3 (Version: 3.7.3)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
avast! Free Antivirus (Version: 6.0.1367.0)
Back to the Future Episode 1 (Version: 1.0)
Back to the Future The Game - Episode 2 (Version: 1.0.0.0)
Bejeweled 3
Bejeweled Blitz
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bonjour (Version: 3.0.0.10)
Bounce Out Blitz (Version: 1.0.3.2)
BufferChm (Version: 130.0.331.000)
Burger Shop 2 (Version: 2.2.0.65)
Cartwheel Shopping (Version: 1.1.0.1405)
Cash Cow
Cash Cow (remove only)
CCleaner (Version: 3.26)
CDDRV_Installer (Version: 4.60)
CinemaNow Media Manager (Version: 1.9.0.63)
CodeStuff Starter (Version: 5.6.2.8)
Comcast High-Speed Internet Install Wizard
Copy (Version: 130.0.366.000)
Coupon Printer for Windows (Version: 5.0.0.1)
Cradle of Rome 2 (Version: 2.2.0.95)
D3DX10 (Version: 15.4.2368.0902)
DefaultTab (Version: 1.3.1.0)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.372.000)
DirectX 9 Runtime (Version: 1.00.0000)
DivX Author 1.5 (Version: 1.5.0)
DivX Plus Web Player (Version: 2.0.0)
DivX Version Checker (Version: 7.0.0.19)
DJ_AIO_05_F4400_Software_Min (Version: 130.0.448.000)
Download Updater (AOL LLC)
Dream Day Wedding
EA Download Manager (Version: 5.0.0.255)
Enhanced Multimedia Keyboard Solution
erLT (Version: 1.20.0137)
ESET Online Scanner v3
F4400 (Version: 130.0.448.000)
Fish Tycoon
GameSpy Arcade
Gardenscapes: Mansion Makeover™
Google Chrome (Version: 24.0.1312.52)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.123)
Google Updater (Version: 2.4.2432.1652)
GPBaseService2 (Version: 130.0.371.000)
Hardware Diagnostic Tools (Version: 5.00.4323.13)
Harry Potter
Harry Potter - Quidditch World Cup
Haunted Past: Realm of Ghosts (Version: 2.2.0.98)
Hidden in Time: Mirror Mirror
HP Customer Feedback (Version: 1.0.0)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet F4400 Printer Driver Software 13.0 Rel .5 (Version: 13.0)
HP Driver Diagnostics (Version: 1.03.0005)
HP Easy Setup - Core (Version: 1.00.0000)
HP Easy Setup - Frontend (Version: 5.00.0000)
HP Games (Version: 1.0.3.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP On-Screen Caps/Num/Scroll Lock Indicator
HP Picasso Media Center Add-In (Version: 1.0.0)
HP Print Projects 1.0 (Version: 1.0)
HP Smart Web Printing 4.5 (Version: 4.5)
HP Solution Center 13.0 (Version: 13.0)
HP Total Care Advisor (Version: 1.0.95)
HP Update (Version: 4.000.012.001)
HPPhotoGadget (Version: 130.0.282.000)
hpPrintProjects (Version: 130.0.303.000)
HPProductAssistant (Version: 130.0.371.000)
hpWLPGInstaller (Version: 130.0.303.000)
I SPY Treasure Hunt (Version: 2.2.0.97)
IObit Security 360 (Version: 1.0)
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 23 (Version: 6.0.230)
Java™ SE Runtime Environment 6 Update 1 (Version: 1.6.0.10)
Junk Mail filter update (Version: 15.4.3502.0922)
KhalInstallWrapper (Version: 2.00.0000)
LightScribe 1.4.136.1 (Version: 1.4.136.1)
Logitech SetPoint (Version: 4.80)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft IntelliPoint 6.3 (Version: 6.30.191.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Points Codes version 1.5 (Version: 1.5)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 08.05.0818)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft Zoo Tycoon
MobileMe Control Panel (Version: 3.1.5.0)
MONOPOLY CASINO Vegas Edition
Move Media Player
MP3 Rocket
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
My HP Games (Version: HPCMPQ1601)
Mystery P.I. - The Lottery Ticket
Mystery P.I.: The New York Fortune
Mystery P.I.: The Vegas Heist
Mysteryville 2 (remove only)
NVIDIA Drivers
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PC VGA Camer@ (Version: 1.0.2.13)
PhoTags Express (Version: )
PhotoshopdotcomInspirationBrowser (Version: 0.0.0)
Pirateville (remove only)
Plant Tycoon
Pokemon World Online 1.51
PopCap Browser Plugin
Python 2.4.3 (Version: 2.4.3150)
QuickTime (Version: 7.70.80.34)
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.5548)
Rhapsody
Rhapsody Player Engine (Version: 1.0.604)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.1)
Roxio Burn (Version: 1.0.0)
Roxio Burn Manager (Version: 1.0.0)
Roxio Burn Manager CDB (Version: 1.0)
Roxio CinePlayer (Version: 5.3)
Roxio CinePlayer Decoder Pack (Version: 4.3.0)
Roxio Creator 2010 (Version: 1.2.193)
Roxio Creator 2010 (Version: 12.0)
Roxio Creator 2010 (Version: 5.0.0)
Roxio Creator 2010 Content (Version: 12.0.013)
Roxio Creator Audio (Version: 3.3.0)
Roxio Creator Basic v9 (Version: 3.3.0)
Roxio Creator Copy (Version: 3.3.0)
Roxio Creator Data (Version: 3.3.0)
Roxio Creator Tools (Version: 3.3.0)
Roxio Express Labeler 3 (Version: 2.1.0)
Roxio File Backup (Version: 1.3.0)
Roxio MyDVD Basic v9 (Version: 9.0.095)
Roxio PhotoShow (Version: 6.0)
Roxio Venue (Version: 2.2.170)
Roxio Video Capture USB (Version: 1.22.0000)
Safari (Version: 5.34.50.0)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.550.0)
Scan (Version: 13.0.0.0)
Segoe UI (Version: 15.4.2271.0615)
SimSafari
Smart Defrag 2 (Version: Beta 2.0)
SmartSound Quicktracks Plugin (Version: 3.0.8.0)
SmartWebPrinting (Version: 130.0.373.000)
Soft Data Fax Modem with SmartCP (Version: 7.74.00)
SolutionCenter (Version: 130.0.373.000)
Spybot - Search & Destroy (Version: 1.6.2)
SpywareBlaster 4.2 (Version: 4.2.0)
Status (Version: 130.0.373.000)
SUPERAntiSpyware (Version: 5.0.1148)
The Office (Version: 1.1.0.0)
The Sims™ 3 (Version: 1.19.44)
The Sims™ 3 Ambitions (Version: 4.0.87)
The Sims™ 3 High-End Loft Stuff (Version: 3.0.38)
The Sims™ 3 World Adventures (Version: 2.14.4)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.376.000)
Unity Web Player (Version: 2.6.1f3_31223)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
Vacation Quest - The Hawaiian Islands (Version: 2.2.0.97)
VC 9.0 Runtime (Version: 1.0.0)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Verizon Wireless Software Upgrade Assistant - Samsung (Version: 1.11.0808)
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VLC media player 1.1.5 (Version: 1.1.5)
WebReg (Version: 130.0.132.017)
WildTangent Games App (HP Games) (Version: 4.0.5.37)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Movie Maker 2.6 (Version: 2.6.4040.0)
Zoo Tycoon 2 Endangered Species Trial
Zoo Vet

========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 2941.82 MB
Available physical RAM: 1743.58 MB
Total Pagefile: 6112.14 MB
Available Pagefile: 4921.41 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.85 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:225.21 GB) (Free:86.07 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:7.67 GB) (Free:0.67 GB) NTFS

========================= Users: ========================================

User accounts for \\DAD-PC

Administrator Dad Guest

========================= Restore Points ==================================

05-01-2013 06:29:17 Scheduled Checkpoint
06-01-2013 06:48:57 Scheduled Checkpoint
08-01-2013 06:20:29 Windows Update
09-01-2013 08:00:25 Windows Update
10-01-2013 09:18:35 Scheduled Checkpoint
11-01-2013 00:33:16 Scheduled Checkpoint
11-01-2013 15:51:38 Scheduled Checkpoint
12-01-2013 06:05:34 Scheduled Checkpoint
13-01-2013 06:10:07 Scheduled Checkpoint
13-01-2013 22:54:23 Scheduled Checkpoint
15-01-2013 00:05:17 Scheduled Checkpoint
16-01-2013 05:24:07 Scheduled Checkpoint

**** End of log ****

Farbar Service Scanner Version: 16-01-2013
Ran by Dad (administrator) on 16-01-2013 at 07:12:02
Running from "C:\Users\Dad\Desktop"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Disabled. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

# AdwCleaner v2.105 - Logfile created 01/16/2013 at 07:13:18
# Updated 08/01/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Dad - DAD-PC
# Boot Mode : Normal
# Running from : C:\Users\Dad\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : DefaultTabUpdate

***** [Files / Folders] *****

Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\Common Files\Software Update Utility
Folder Deleted : C:\Program Files\Common Files\spigot
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Users\Dad\AppData\Local\APN
Folder Deleted : C:\Users\Dad\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Dad\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Dad\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Dad\AppData\Roaming\iWin

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2418376
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2438727
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.52

File : C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [7047 octets] - [16/01/2013 07:13:18]

########## EOF - C:\AdwCleaner[S1].txt - [7107 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.3 (01.15.2013:1)
OS: Windows Vista ™ Home Premium x86
Ran by Dad on Wed 01/16/2013 at 7:49:49.98
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{36377dd7-b3eb-42f5-986f-680baf59ba9d}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{7f6afbf1-e065-4627-a2fd-810366367d01}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2a69}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2a69}



~~~ Files

Successfully deleted: [File] "C:\Windows\couponprinter.ocx"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\aol toolbar"
Successfully deleted: [Folder] "C:\ProgramData\pc optimizer pro"
Successfully deleted: [Folder] "C:\Users\Dad\appdata\local\aol toolbar"
Successfully deleted: [Folder] "C:\Program Files\aol toolbar"
Successfully deleted: [Folder] "C:\Program Files\coupons"



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Dad\appdata\local\Google\Chrome\User Data\Default\Extensions\cdjbnddbclciabnckgeahmneohjlahdm
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\cdjbnddbclciabnckgeahmneohjlahdm



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 01/16/2013 at 8:41:19.94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/16/2013 09:36:26 AM in x86 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Disabled

* Security Center (wscsvc) is not Running.
Startup Type set to: Disabled

* Windows Update (wuauserv) is not Running.
Startup Type set to: Disabled

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1001namen.com
127.0.0.1 1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com

20 out of 13672 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 01/16/2013 09:36:41 AM
Execution time: 0 hours(s), 0 minute(s), and 15 seconds(s)

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "avast" "avast! Antivirus" "AVAST Software" "c:\program files\avast software\avast\avastui.exe"
+ "CPMonitor" "CPMonitor Application" "" "c:\program files\roxio 2010\5.0\cpmonitor.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files\hp\hp software update\hpwuschd2.exe"
+ "hpsysdrv" "hpsysdrv" "Hewlett-Packard Company" "c:\hp\support\hpsysdrv.exe"
+ "ISUSScheduler" "InstallShield Update Service Scheduler" "InstallShield Software Corporation" "c:\program files\common files\installshield\updateservice\issch.exe"
+ "KBD" "" "" "c:\hp\kbd\kbdstub.exe"
+ "Kernel and Hardware Abstraction Layer" "Logitech KHAL Main Process" "Logitech, Inc." "c:\windows\khalmnpr.exe"
+ "NvCplDaemon" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "NvMediaCenter" "NVIDIA Media Center Library" "NVIDIA Corporation" "c:\windows\system32\nvmctray.dll"
+ "OsdMaestro" "OsdMaestro main program" "OsdMaestro" "c:\program files\hewlett-packard\on-screen osd indicator\osd.exe"
+ "PAC7311_Monitor" "Registry Monitor" "PixArt Imaging Incorporation" "c:\windows\pixart\pac7311\monitor.exe"
+ "RtHDVCpl" "HD Audio Control Panel" "Realtek Semiconductor" "c:\windows\rthdvcpl.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files\common files\real\update_ob\realsched.exe"
+ "Windows Defender" "Windows Defender User Interface" "Microsoft Corporation" "c:\program files\windows defender\msascui.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files\google\chrome\application\24.0.1312.52\installer\setup.exe"
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "SpybotSD TeaTimer" "System settings protector" "Safer-Networking Ltd." "c:\program files\spybot - search & destroy\teatimer.exe"
+ "WMPNSCFG" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "xfwjhgdn" "" "" "File not found: C:\Users\Dad\AppData\Local\flemijvq.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "ms-itss" "Microsoft® InfoTech Storage System Library" "Microsoft Corporation" "c:\program files\common files\microsoft shared\information retrieval\msitss.dll"
+ "wlmailhtml" "Windows Live Mail" "Microsoft Corporation" "c:\program files\windows live\mail\mailcomm.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "SABShellExecuteHook Class" "ShellExecuteHook" "SuperAdBlocker.com" "c:\program files\superantispyware\sasseh.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "NvCplDesktopContext" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "IObit Security 360" "IS360Ext" "IObit" "c:\program files\iobit\iobit security 360\is360ext.dll"
+ "LavasoftShellExt" "Shell Extension " "Lavasoft Limited" "c:\program files\lavasoft\ad-aware\shellext.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "PhotagSearch" "PWSSearchHandler Module" "" "c:\program files\photags express\pwssearchhandler.dll"
+ "RXDCExtSvr12" "Roxio Creator Shell Extension" "Sonic Solutions" "c:\program files\roxio 2010\virtual drive 12\dc_shellext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Reader Link Helper" "Adobe Acrobat IE Helper Version 7.0 for ActiveX" "Adobe Systems Incorporated" "c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll"
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
+ "Cartwheel" "Cartwheel Shopping" "Cartwheel, Inc." "c:\users\dad\appdata\roaming\cartwheel\cartwheel.dll"
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll"
+ "HP Print Enhancer" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll"
+ "HP Smart BHO Class" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files\spybot - search & destroy\sdhelper.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
+ "5zSrcAs.dll" "" "" "File not found: C:\Program Files\CouponXplorer_5z\bar\1.bin\5zSrcAs.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
+ "CouponXplorer" "" "" "File not found: C:\Program Files\CouponXplorer_5z\bar\1.bin\5zbar.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office12\onbttnie.dll"
+ "Show or hide HP Smart Web Printing" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Spybot - Search & Destroy Configuration" "SBSD IE Protection" "Safer Networking Limited" "c:\program files\spybot - search & destroy\sdhelper.dll"
"Task Scheduler" "" "" ""
+ "\0" "Internet Explorer" "Microsoft Corporation" "c:\program files\internet explorer\iexplore.exe"
+ "\4446" "" "" "File not found: C:\Users\Dad\AppData\Local\Temp\launchie.vbs"
+ "\Ad-Aware Update (Weekly)" "Ad-Aware Admin Application " "Lavasoft Limited " "c:\program files\lavasoft\ad-aware\ad-awareadmin.exe"
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.5 r502" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "\AWC Startup" "Advanced SystemCare 3" "IObit" "c:\program files\iobit\advanced systemcare 3\awc.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\Game_Booster_Startup" "" "" "File not found: C:\Program Files\IObit\Game Booster\gbtray.exe"
+ "\Google Software Updater" "gusvc" "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\IntenetServiceOffers" "ESAdvRemIntegrator" "" "c:\program files\hewlett-packard\sdp\remengine.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Windows Defender Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
+ "\Microsoft_Hardware_Launch_IPoint_exe" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "\ReclaimerUpdateFiles_Dad" "RealNetworks Installer" "RealNetworks, Inc." "c:\users\dad\appdata\roaming\real\update\upgradehelper\realplayer\10.30\agent\rnupgagent.exe"
+ "\ReclaimerUpdateXML_Dad" "RealNetworks Installer" "RealNetworks, Inc." "c:\users\dad\appdata\roaming\real\update\upgradehelper\realplayer\10.30\agent\rnupgagent.exe"
+ "\RNUpgradeHelperLogonPrompt_Dad" "RealNetworks Installer" "RealNetworks, Inc." "c:\users\dad\appdata\roaming\real\update\upgradehelper\realplayer\10.30\agent\rnupgagent.exe"
+ "\RNUpgradeHelperResumePrompt_Dad" "RealNetworks Installer" "RealNetworks, Inc." "c:\users\dad\appdata\roaming\real\update\upgradehelper\realplayer\10.30\agent\rnupgagent.exe"
+ "\RunAsStdUser Task" "iWin Games Manager application" "iWin Inc." "c:\program files\iwin games\iwingames.exe"
+ "\SmartDefrag_Startup" "Defragments your hard drives more powerfully and more efficiently." "IObit" "c:\program files\iobit\smart defrag 2\smartdefrag.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore.exe"
+ "AdobeActiveFileMonitor7.0" "Tracks files that are managed by Adobe Photoshop Elements" "Adobe Systems Incorporated" "c:\program files\adobe\photoshop elements 7.0\photoshopelementsfileagent.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "avast! Antivirus" "Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler." "AVAST Software" "c:\program files\avast software\avast\avastsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "CinemaNow Service" "CinemaNow Service Application" "CinemaNow, Inc." "c:\program files\cinemanow\cinemanow media manager\cinemanowsvc.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Macrovision Europe Ltd." "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "GameConsoleService" "GameConsole management services" "WildTangent, Inc." "c:\program files\hp games\my hp game console\gameconsoleservice.exe"
+ "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files\wildtangent games\app\gamesappservice.exe"
+ "gupdate1ca2aaa19d29330" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "hpqcxs08" "HP CUE Context Manager Objects" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\bin\hpqcxs08.dll"
+ "hpqddsvc" "This service detects and monitors CUE devices on the system." "Hewlett-Packard Co." "c:\program files\hp\digital imaging\bin\hpqddsvc.dll"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "IS360service" "IObit Security 360 Service" "IObit" "c:\program files\iobit\iobit security 360\is360srv.exe"
+ "iWinTrusted" "iWin Trusted Game Service" "iWin Inc." "c:\program files\iwin games\iwintrusted.exe"
+ "Lavasoft Ad-Aware Service" "Ad-Aware Service Application " "Lavasoft Limited " "c:\program files\lavasoft\ad-aware\aawservice.exe"
+ "LBTServ" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtserv.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files\common files\lightscribe\lssrvc.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "RoxMediaDB12" "Roxio RoxMediaDB12 Service" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\sharedcom\roxmediadb12.exe"
+ "RoxMediaDB9" "Roxio RoxMediaDB9 Service" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\sharedcom\roxmediadb9.exe"
+ "RoxWatch12" "RoxWatch12 Module" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\sharedcom\roxwatch12.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files\spybot - search & destroy\sdwinsec.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files\common files\surething shared\stllssvr.exe"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "XAudioService" "User-mode gate for Modem Speakerphone" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "aswFsBlk" "avast! mini-filter driver (aswFsBlk)" "AVAST Software" "c:\windows\system32\drivers\aswfsblk.sys"
+ "aswMonFlt" "avast! mini-filter driver (aswMonFlt)" "AVAST Software" "c:\windows\system32\drivers\aswmonflt.sys"
+ "aswRdr" "avast! TDI Redirect driver" "AVAST Software" "c:\windows\system32\drivers\aswrdr.sys"
+ "aswSnx" "avast! virtualization driver (aswSnx)" "AVAST Software" "c:\windows\system32\drivers\aswsnx.sys"
+ "aswSP" "avast! Self Protection" "AVAST Software" "c:\windows\system32\drivers\aswsp.sys"
+ "aswTdi" "avast! Network Shield TDI driver" "AVAST Software" "c:\windows\system32\drivers\aswtdi.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g60i32.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HSF_DP" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsx_dp.sys"
+ "HSXHWBS2" "HSF_HWB2 WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsxhwbs2.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhda.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "Lavasoft Kernexplorer" "" "" "c:\program files\lavasoft\ad-aware\kernexplorer.sys"
+ "Lbd" "Ad-Aware mini-filter driver" "Lavasoft AB" "c:\windows\system32\drivers\lbd.sys"
+ "LHidFilt" "Logitech HID Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lhidfilt.sys"
+ "LMouFilt" "Logitech Mouse Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lmoufilt.sys"
+ "LUsbFilt" "Logitech USB Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lusbfilt.sys"
+ "mdmxsdk" "Diagnostic Interface x86 Driver" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys"
+ "NVENETFD" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvmfdx32.sys"
+ "nvlddmkm" "NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 175.21 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "PAC7311" "PA707UCM" "PixArt Imaging Inc." "c:\windows\system32\drivers\pa707ucm.sys"
+ "Ps2" "PS2 SYS" "Hewlett-Packard Company" "c:\windows\system32\drivers\ps2.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "SABProcEnum" "" "" "File not found: C:\Program Files\Internet Explorer\SABProcEnum.sys"
+ "SASDIFSV" "SASDIFSV.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv.sys"
+ "SASKUTIL" "SASKUTIL.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SmartDefragDriver" "File driver of SmartDefrag" "" "c:\windows\system32\drivers\smartdefragdriver.sys"
+ "sscdbus" "SAMSUNG USB Composite Device Driver" "MCCI Corporation" "c:\windows\system32\drivers\sscdbus.sys"
+ "sscdmdfl" "SAMSUNG Mobile Modem Filter" "MCCI Corporation" "c:\windows\system32\drivers\sscdmdfl.sys"
+ "sscdmdm" "SAMSUNG Mobile Modem Drivers" "MCCI Corporation" "c:\windows\system32\drivers\sscdmdm.sys"
+ "sscdserd" "SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)" "MCCI Corporation" "c:\windows\system32\drivers\sscdserd.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsx_cnxt.sys"
+ "XAudio" "Modem Audio Device Driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.VP60" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\system32\vp6vfw.dll"
+ "vidc.VP61" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\system32\vp6vfw.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Sonic AMR Decoder" "AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\sonic765amrd.ax"
+ "Sonic AMR Decoder" "AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\sonic765amrd.ax"
+ "Sonic MP4 Demultiplexer" "MPEG-4 Demultiplexer Direct Show Filter" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\sonic765mp4demux.ax"
+ "Sonic MP4 Demultiplexer" "MPEG-4 Demultiplexer Direct Show Filter" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\sonic765mp4demux.ax"
+ "Sonic MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\sonic765mpgdmx.ax"
+ "Sonic MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\sonic765mpgdmx.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "AMR Writer" "Roxio AMR Writer Filter" "Sonic Solutions" "c:\program files\roxio 2010\audiocodec\rxdsamrwriter.dll"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\google\google earth\client\wavdest.ax"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Essien R&D MPEG Writer Filter v3" "DirectShow MPEG Writing and Multiplexing DirectShow Filter" "Essien Research & Development" "c:\program files\photags express\vcdtools\mpgfiltr.ax"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\lvmwriter.ax"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files\roxio\videocore 9\lvmwriter.ax"
+ "MainConcept (Sonic) DV Video Decoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG (Sonic)" "c:\program files\roxio 2010\videocore 12\sonicmcdsdv.ax"
+ "MainConcept (Sonic) DV Video Encoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG (Sonic)" "c:\program files\roxio 2010\videocore 12\sonicmcdsdv.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\mediaanalyser.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\mediaanalyser.ax"
+ "Menu Source Bitmap Filter" "Roxio Menu DShow Filter" "Sonic Solutions" "c:\program files\roxio 2010\video convert 12\menudshowsource11.ax"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "PSI Parser" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "PSI Parser" "" "" "c:\program files\roxio\videocore 9\psiparser.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ROXIO AC3 (5.1) Encoder" "AC3Encoder Filter" "Sonic Solutions, Inc." "c:\program files\common files\sonic shared\plugincodecs\roxioac3encemc12.dll"
+ "Roxio AMR Splitter" "Roxio AMR Splitter Filter" "Sonic Solutions" "c:\program files\roxio 2010\audiocodec\rxdsamrsplitter.ax"
+ "Roxio Audio Decoder (DVD)" "ROXIO Audio Decoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiodvdaudio.dll"
+ "ROXIO Audio Source 3.0" "VW Audio Source" "Sonic Solutions" "c:\program files\roxio\videocore 9\audiosrc.ax"
+ "ROXIO Audio Source 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxaudio.ax"
+ "Roxio Audio Source Filter" "Roxio Audio Source Filter" "Sonic Solutions" "c:\program files\roxio 2010\audiocodec\rxdsaudiosource.ax"
+ "Roxio Audio Stream Reader Filter" "Roxio Audio Stream Reader Filter" "Sonic Solutions" "c:\program files\roxio 2010\audiocodec\rxdsaudiostreamreader.ax"
+ "Roxio Audio Stream Writer Filter" "Roxio Audio Stream Writer Filter" "Sonic Solutions" "c:\program files\roxio 2010\audiocodec\rxdsaudiostreamwriter.ax"
+ "ROXIO Audio VCFChunker 3.0" "Chunker Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\chunker.ax"
+ "ROXIO Audio VCFChunker 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxaudio.ax"
+ "ROXIO Audio VCFLooper 3.0" "Looper Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\looper.ax"
+ "ROXIO Audio VCFLooper 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxaudio.ax"
+ "ROXIO AudioConvert 3.0" "AudioConvert Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\audconv.ax"
+ "ROXIO AudioConvert 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxaudio.ax"
+ "ROXIO AudioGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "ROXIO AudioGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO BDAV Smart Render 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO ColorSpace Converter 3.0" "ROXIO Color Space Converter" "Sonic Solutions" "c:\program files\roxio\videocore 9\colorspconv.dll"
+ "ROXIO ColorSpace Converter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO CPU Regulator" "CPURegulator.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\cpuregulator.ax"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\crossgraphex.ax"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\crossgraphex.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "roxio DCFilters Audio Sync Filter 2" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Audio Sync Filter 2 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\dllshared\dcfilters12.dll"
+ "roxio DCFilters Dragons Lair" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Dragons Lair 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\dllshared\dcfilters12.dll"
+ "roxio DCFilters DVD Muxer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVD Muxer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\dllshared\dcfilters12.dll"
+ "roxio DCFilters DVDStream Reader" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVDStream Reader 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\dllshared\dcfilters12.dll"
+ "roxio DCFilters DVDStream Splitter" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVDStream Splitter 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\dllshared\dcfilters12.dll"
+ "roxio DCFilters Mpeg I/II Decoder" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Mpeg I/II Decoder 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\dllshared\dcfilters12.dll"
+ "roxio DCFilters MPEG Transcoder" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\dllshared\dcfilters12.dll"
+ "roxio DCFilters Smart Resizer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Smart Resizer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\dllshared\dcfilters12.dll"
+ "roxio DCFilters Subpicture Mixer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Subpicture Mixer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\dllshared\dcfilters12.dll"
+ "ROXIO Deinterlace 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO Deinterlace 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\deinter.ax"
+ "ROXIO DV Scene Detector Tee 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "DVDCrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvdcrossgraphex.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "DVDCrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvdcrossgraphex.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO Field Combiner 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO Field Splitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "Roxio File Writer Wrapper" "Roxio File Writer Wrapper" "Sonic" "c:\program files\roxio 2010\videocore 12\roxfilewriterwrapper.ax"
+ "ROXIO FLV Splitter" "FLV Splitter" "Roxio" "c:\program files\roxio 2010\videocore 12\roxflvsplitter.ax"
+ "Roxio FLV Video Decoder" "Roxio FLV Decoder" "Sonic" "c:\program files\roxio 2010\videocore 12\roxflvdecoder.ax"
+ "ROXIO Image/Colour Source 3.0" "Colour Frame Source" "Sonic Solutions" "c:\program files\roxio\videocore 9\imagesource.ax"
+ "ROXIO Image/Colour Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO ListImage Source 3.0" "ListFrameSource" "Sonic Solutions" "c:\program files\roxio\videocore 9\listimagesource.ax"
+ "ROXIO ListImage Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\lpcmsyncfilter.dll"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\lvmasync.ax"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files\roxio\videocore 9\lvmasync.ax"
+ "Roxio Mp3 Encoder (SC)" "Roxio Audio Codec DLL" "Sonic Solutions" "c:\program files\roxio 2010\audiocodec\rxdsmp3encoder.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\panzoom.ax"
+ "ROXIO Pan Zoom 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO Pin Tee" "" "" "c:\program files\roxio\videocore 9\roxioinftee.ax"
+ "ROXIO Pin Tee" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\plasmacgfilter.ax"
+ "ROXIO QT Source" "QuickTime Loader" "Sonic Solutions" "c:\program files\roxio\videocore 9\qtsource.ax"
+ "ROXIO QT Source" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO QuickGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO QuickGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mgirawwriter.dll"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\mpeg\mgirawwriter.dll"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\repackfilter.dll"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\scenedetector.ax"
+ "ROXIO Scene Detector 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO SceneRecorder 1.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\scenerecorderfilt.ax"
+ "ROXIO SceneRecorder 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO Simple Dump 3.0" "Simple Dump Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\rxsimpledump.ax"
+ "Roxio Smart AVC Encode" "AVC/H.264 Video Encoder DirectShow Filter" "Sonic Solutions Inc." "c:\program files\common files\roxio shared\12.0\mpeg\roxiosmartavcenc.ax"
+ "Roxio Smart AVC Video Decode" "AVC/H.264 Video Decoder" "Sonic Solutions Inc." "c:\program files\common files\roxio shared\12.0\mpeg\roxiosmartavcdec.ax"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\mginullip.ax"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\mginullip.ax"
+ "ROXIO ThumbnailGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "ROXIO ThumbnailGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\tsmpegsource.dll"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAlphaSplitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO VCFAudioMixer 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxaudio.ax"
+ "ROXIO VCFAudioMixer 3.0" "AudioFlt Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\audmf.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvrsupportfilt.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvscenedetectfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO VCFHDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO VCFLatency 3.0" "Latency Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\latency.ax"
+ "ROXIO VCFLatency 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxaudio.ax"
+ "ROXIO VCFpeakmeter 3.0" "Peakmeter Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\peakmeter.ax"
+ "ROXIO VCFpeakmeter 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxaudio.ax"
+ "ROXIO VCFStationLogo 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO VCFVideoCutList 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO VCFVideoCutList 3.0" "Video CutList Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vcutlist.ax"
+ "ROXIO VCFWaveform 1.0" "Waveform Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\waveform.ax"
+ "ROXIO VCFWaveform 1.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxaudio.ax"
+ "ROXIO Video Effect 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO Video Resampler 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO Video Resampler 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vresamfilt.ax"
+ "ROXIO Video VCFLooper 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "ROXIO Video VCFLooper 3.0" "Video Looper Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\vlooper.ax"
+ "ROXIO VideoCombine 3.0" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\videocombine.ax"
+ "ROXIO VideoCombine 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vobformatter.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files\roxio\videocore 9\vobloader.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\vobloader.ax"
+ "ROXIO WAV Dest 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxaudio.ax"
+ "ROXIO WAV Dest 3.0" "MGI Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\wavhead.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\mvwcdsutil.dll"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files\roxio\videocore 9\mvwcdsutil.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "SmartSound SDS Reader" "SDS Media File Reader Filter" "SmartSound Software Inc." "c:\program files\smartsound software\quicktracks\sdsreader.dll"
+ "SmartSound Soundtrack" "Quicktracks Soundtrack source filter" "SmartSound Software Inc." "c:\program files\smartsound software\quicktracks\directqx.dll"
+ "Sonic AAC Decoder" "AAC audio decoder filter" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\sonic765daac.ax"
+ "Sonic AMR Decoder" "AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\sonic765amrd.ax"
+ "Sonic AVC/H.264 Video Decoder" "AVC/H.264 Video Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\sonic765avcvd.ax"
+ "Sonic Cinemaster® Audio Decoder 4.3" "SonicHDAudio" "Sonic Solutions" "c:\program files\roxio 2010\common\cinemasteraudio.dll"
+ "Sonic Cinemaster® VideoDecoder 4.3 (EMC12)" "CinemasterVideo" "Sonic Solutions" "c:\program files\roxio 2010\common\cinemastervideo.dll"
+ "Sonic HD Demuxer" "Sonic HD Demuxer" "" "c:\program files\roxio 2010\5.0\filters\sonichddemuxer.dll"
+ "Sonic HD Demuxer" "Sonic HD Demuxer" "" "c:\program files\roxio 2010\common\sonichddemuxer.dll"
+ "Sonic MP4 Demultiplexer" "MPEG-4 Demultiplexer Direct Show Filter" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\sonic765mp4demux.ax"
+ "Sonic MPEG Audio Decoder" "MPEG Video and Audio Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicdsmpeg.ax"
+ "Sonic MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\sonic765mpgdmx.ax"
+ "Sonic MPEG Video Decoder" "MPEG Video and Audio Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicdsmpeg.ax"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc" "c:\program files\common files\sonic shared\sonicmc01\sonicm2vd.ax"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\sonic765m2vd.ax"
+ "Sonic MPEG-4 Video Decoder" "MPEG-4 Video Decoder Direct Show Filter" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\sonic765m4vd.ax"
+ "Sonic Stream Parser" "MPEG-1/2 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\sonic765mpgdmx.ax"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\subpictenc.dll"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\12.0\mpeg\subpictenc.dll"
+ "Track1Filter" "" "" "c:\program files\adobe\photoshop elements 7.0\track1filter.dll"
+ "Track2Filter" "" "" "c:\program files\adobe\photoshop elements 7.0\track2filter.dll"
+ "VCG Null Renderer 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VCG Null Renderer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\videocompositing.ax"
+ "VCG Video Mixer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\videocompositing.ax"
+ "VCG Video Mixer 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VCGImageSource" "VideoCompositing Module" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\videocompositing.ax"
+ "VCGImageSource" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "Vorbis Decode Filter" "ogg DShow filters" "" "c:\program files\common files\roxio shared\ogg_flac codecs\dsfvorbisdecoder.dll"
+ "VW Input Selector" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\inputselector.ax"
+ "VW Input Selector" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "VW Input Selector 2" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "VW Input Selector 2" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\inputselector.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio 2010\videocore 12\roxvideo.ax"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Mixer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "WMT DV Extract" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Format Conversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen Capture filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker 2.6\wmm2filt.dll"
+ "{1AD512C6-24AF-4395-82B4-2D3CF21F44A2}" "Roxio MP3 Encoder Dynamic Link Library" "Roxio" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiostreamwriter.ax"
+ "{472C92F0-5438-423D-9B30-FD2932EA44EE}" "Roxio Audio Source Filter" "Microsoft Corporation" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiosource.ax"
+ "{58FF69ED-8388-483B-B9AC-3EB04BBEB913}" "Roxio Audio Stream Reader Filter" "Microsoft Corporation" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiostreamreader.ax"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "!SASWinLogon" "SUPERAntiSpyware WinLogon Processor" "SUPERAntiSpyware.com" "c:\program files\superantispyware\saswinlo.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "hpf3l083.dll" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpf3l083.dll"
+ "PCL hpz3llhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpz3llhn.dll"
"C:\Users\Dad\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Avast! antivirus monitor" "Avast! antivirus sidebar gadget." "AVAST Software" "C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\Gadget.xml"
+ "HP Photo Print" "Drag and drop photos to print." "Hewlett-Packard Corp" "C:\Users\Dad\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\Gadget.xml"
HP a6009n, windows vista home premium SP2, AMD 64X2 dual core processor 3800+, 2.00GHz, 3G ram, 32 bit operating system, AOL

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:11 PM

Posted 16 January 2013 - 12:07 PM

Press Windows+R key and type

services.msc and click ok

Right click on

Windows update
Security center
Windows defender

Click on properties-Change the startup type to automatic and start those services

Any issues?

#7 Mike_K

Mike_K
  • Topic Starter

  • Members
  • 125 posts
  • OFFLINE
  •  
  • Location:SE Pa
  • Local time:12:11 PM

Posted 16 January 2013 - 12:36 PM

Everything seems fine now.

Thanks a lot
Mike
HP a6009n, windows vista home premium SP2, AMD 64X2 dual core processor 3800+, 2.00GHz, 3G ram, 32 bit operating system, AOL

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:11 PM

Posted 16 January 2013 - 01:40 PM

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#9 Mike_K

Mike_K
  • Topic Starter

  • Members
  • 125 posts
  • OFFLINE
  •  
  • Location:SE Pa
  • Local time:12:11 PM

Posted 18 January 2013 - 01:37 AM

Thanks

Mike
HP a6009n, windows vista home premium SP2, AMD 64X2 dual core processor 3800+, 2.00GHz, 3G ram, 32 bit operating system, AOL

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:11 PM

Posted 18 January 2013 - 09:46 AM

You're welcome




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users