Need assistance cleaning pc of a virus...thank you



#1 Yankees1


Posted 15 January 2013 - 10:10 AM

I ran Malwarebytes twice today. The first run I had one object detected...Trojan.dropper. Malwarebytes detected three objects on the 2nd run....PUP.FaceThemes. I quarantined all. Can you please let me know what I should do next to make sure the PC is clean? Thank you.

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.15.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
trader :: TRADE1 [administrator]

1/15/2013 8:42:48 AM
MBAM-log-2013-01-15 (09-41-26).txt

Scan type: Full scan (B:\|C:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Heuristics/Extra | P2P
Objects scanned: 203671
Time elapsed: 56 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKCR\AppID\{F85FA3F2-D2C8-4D4D-BB1C-3181E691AF2B} (PUP.FaceThemes) -> No action taken.
HKCR\Typelib\{A3F56272-CDB4-4310-9BB1-9A0D0757A3B3} (PUP.FaceThemes) -> No action taken.
HKCR\Interface\{D6975F9E-15B2-4FE7-9D16-FC2E85CB201B} (PUP.FaceThemes) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Edited by Orange Blossom, 15 January 2013 - 11:11 AM.
Moved to AII. ~ OB



#2 narenxp


Posted 15 January 2013 - 10:51 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Yankees1


Posted 15 January 2013 - 01:33 PM

1. TDSSkiller
11:47:35.0993 10048 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:47:36.0577 10048 ============================================================
11:47:36.0577 10048 Current date / time: 2013/01/15 11:47:36.0577
11:47:36.0577 10048 SystemInfo:
11:47:36.0577 10048
11:47:36.0577 10048 OS Version: 6.1.7601 ServicePack: 1.0
11:47:36.0577 10048 Product type: Workstation
11:47:36.0577 10048 ComputerName: TRADE1
11:47:36.0577 10048 UserName: trader
11:47:36.0577 10048 Windows directory: C:\Windows
11:47:36.0577 10048 System windows directory: C:\Windows
11:47:36.0577 10048 Running under WOW64
11:47:36.0577 10048 Processor architecture: Intel x64
11:47:36.0577 10048 Number of processors: 12
11:47:36.0577 10048 Page size: 0x1000
11:47:36.0577 10048 Boot type: Normal boot
11:47:36.0577 10048 ============================================================
11:47:37.0029 10048 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:47:37.0039 10048 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1600000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:47:37.0095 10048 Drive \Device\Harddisk2\DR2 - Size: 0x2BA9F676000 (2794.49 Gb), SectorSize: 0x1000, Cylinders: 0xB21F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:47:37.0098 10048 ============================================================
11:47:37.0098 10048 \Device\Harddisk0\DR0:
11:47:37.0098 10048 MBR partitions:
11:47:37.0098 10048 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
11:47:37.0098 10048 \Device\Harddisk1\DR1:
11:47:37.0098 10048 MBR partitions:
11:47:37.0098 10048 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E09800
11:47:37.0098 10048 \Device\Harddisk2\DR2:
11:47:37.0102 10048 MBR partitions:
11:47:37.0102 10048 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x40, BlocksNum 0x2BA9F630
11:47:37.0102 10048 ============================================================
11:47:37.0131 10048 C: <-> \Device\Harddisk0\DR0\Partition1
11:47:37.0165 10048 E: <-> \Device\Harddisk1\DR1\Partition1
11:47:37.0343 10048 G: <-> \Device\Harddisk2\DR2\Partition1
11:47:37.0343 10048 ============================================================
11:47:37.0343 10048 Initialize success
11:47:37.0343 10048 ============================================================
11:47:45.0215 4564 ============================================================
11:47:45.0215 4564 Scan started
11:47:45.0215 4564 Mode: Manual; TDLFS;
11:47:45.0215 4564 ============================================================
11:47:45.0840 4564 ================ Scan system memory ========================
11:47:45.0840 4564 System memory - ok
11:47:45.0840 4564 ================ Scan services =============================
11:47:45.0980 4564 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
11:47:45.0981 4564 1394ohci - ok
11:47:45.0995 4564 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:47:45.0996 4564 ACPI - ok
11:47:46.0012 4564 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:47:46.0012 4564 AcpiPmi - ok
11:47:46.0073 4564 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:47:46.0073 4564 AdobeARMservice - ok
11:47:46.0187 4564 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:47:46.0188 4564 AdobeFlashPlayerUpdateSvc - ok
11:47:46.0221 4564 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
11:47:46.0223 4564 adp94xx - ok
11:47:46.0246 4564 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
11:47:46.0247 4564 adpahci - ok
11:47:46.0262 4564 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
11:47:46.0262 4564 adpu320 - ok
11:47:46.0286 4564 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:47:46.0287 4564 AeLookupSvc - ok
11:47:46.0329 4564 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
11:47:46.0331 4564 AFD - ok
11:47:46.0361 4564 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:47:46.0361 4564 agp440 - ok
11:47:46.0373 4564 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
11:47:46.0373 4564 ALG - ok
11:47:46.0382 4564 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
11:47:46.0382 4564 aliide - ok
11:47:46.0393 4564 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
11:47:46.0393 4564 amdide - ok
11:47:46.0408 4564 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
11:47:46.0408 4564 AmdK8 - ok
11:47:46.0421 4564 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
11:47:46.0421 4564 AmdPPM - ok
11:47:46.0442 4564 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:47:46.0442 4564 amdsata - ok
11:47:46.0466 4564 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
11:47:46.0467 4564 amdsbs - ok
11:47:46.0486 4564 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:47:46.0486 4564 amdxata - ok
11:47:46.0518 4564 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
11:47:46.0519 4564 AppID - ok
11:47:46.0525 4564 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:47:46.0525 4564 AppIDSvc - ok
11:47:46.0556 4564 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
11:47:46.0556 4564 Appinfo - ok
11:47:46.0610 4564 [ DCEBADAB68650A3EC48FDC102A6D67E8 ] Application Sendori C:\Program Files (x86)\Sendori\SendoriSvc.exe
11:47:46.0610 4564 Application Sendori - ok
11:47:46.0639 4564 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
11:47:46.0640 4564 AppMgmt - ok
11:47:46.0642 4564 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
11:47:46.0643 4564 arc - ok
11:47:46.0657 4564 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
11:47:46.0657 4564 arcsas - ok
11:47:46.0659 4564 Ast Service - ok
11:47:46.0686 4564 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:47:46.0687 4564 AsyncMac - ok
11:47:46.0713 4564 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
11:47:46.0713 4564 atapi - ok
11:47:46.0740 4564 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:47:46.0743 4564 AudioEndpointBuilder - ok
11:47:46.0750 4564 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:47:46.0751 4564 AudioSrv - ok
11:47:46.0774 4564 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:47:46.0774 4564 AxInstSV - ok
11:47:46.0808 4564 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
11:47:46.0810 4564 b06bdrv - ok
11:47:46.0820 4564 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:47:46.0821 4564 b57nd60a - ok
11:47:46.0852 4564 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
11:47:46.0852 4564 BDESVC - ok
11:47:46.0861 4564 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
11:47:46.0861 4564 Beep - ok
11:47:46.0904 4564 BFBackupUtilityService - ok
11:47:46.0906 4564 BFBackupUtilityVSSService - ok
11:47:46.0929 4564 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
11:47:46.0931 4564 BFE - ok
11:47:46.0952 4564 [ 97F0BCC26F5364326F6410E88BF20142 ] bftpdskc C:\Windows\system32\drivers\bftpdskc64.sys
11:47:46.0952 4564 bftpdskc - ok
11:47:46.0978 4564 [ 2EE89B72A054D30363BC79A8B9401750 ] bftpusbx C:\Windows\system32\drivers\bftpusbx64.sys
11:47:46.0978 4564 bftpusbx - ok
11:47:47.0008 4564 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
11:47:47.0011 4564 BITS - ok
11:47:47.0027 4564 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:47:47.0027 4564 blbdrive - ok
11:47:47.0049 4564 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:47:47.0049 4564 bowser - ok
11:47:47.0072 4564 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:47:47.0072 4564 BrFiltLo - ok
11:47:47.0079 4564 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:47:47.0080 4564 BrFiltUp - ok
11:47:47.0103 4564 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
11:47:47.0104 4564 BridgeMP - ok
11:47:47.0127 4564 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
11:47:47.0128 4564 Browser - ok
11:47:47.0139 4564 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:47:47.0140 4564 Brserid - ok
11:47:47.0148 4564 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:47:47.0148 4564 BrSerWdm - ok
11:47:47.0166 4564 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:47:47.0166 4564 BrUsbMdm - ok
11:47:47.0179 4564 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:47:47.0179 4564 BrUsbSer - ok
11:47:47.0189 4564 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
11:47:47.0189 4564 BTHMODEM - ok
11:47:47.0212 4564 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
11:47:47.0213 4564 bthserv - ok
11:47:47.0252 4564 [ C3F5756ACB375B53A6977B4CE8F3A47C ] bufssvr C:\Program Files (x86)\BUFFALO\SLManagerEasy\Bufssvr.exe
11:47:47.0252 4564 bufssvr - ok
11:47:47.0257 4564 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:47:47.0257 4564 cdfs - ok
11:47:47.0289 4564 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:47:47.0290 4564 cdrom - ok
11:47:47.0318 4564 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
11:47:47.0319 4564 CertPropSvc - ok
11:47:47.0340 4564 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:47:47.0340 4564 circlass - ok
11:47:47.0356 4564 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
11:47:47.0358 4564 CLFS - ok
11:47:47.0419 4564 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:47:47.0420 4564 clr_optimization_v2.0.50727_32 - ok
11:47:47.0455 4564 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:47:47.0456 4564 clr_optimization_v2.0.50727_64 - ok
11:47:47.0502 4564 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:47:47.0503 4564 clr_optimization_v4.0.30319_32 - ok
11:47:47.0522 4564 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:47:47.0523 4564 clr_optimization_v4.0.30319_64 - ok
11:47:47.0550 4564 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:47:47.0550 4564 CmBatt - ok
11:47:47.0575 4564 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:47:47.0576 4564 cmdide - ok
11:47:47.0609 4564 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
11:47:47.0611 4564 CNG - ok
11:47:47.0624 4564 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:47:47.0624 4564 Compbatt - ok
11:47:47.0638 4564 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
11:47:47.0638 4564 CompositeBus - ok
11:47:47.0647 4564 COMSysApp - ok
11:47:47.0716 4564 cpuz134 - ok
11:47:47.0725 4564 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
11:47:47.0726 4564 crcdisk - ok
11:47:47.0751 4564 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:47:47.0752 4564 CryptSvc - ok
11:47:47.0781 4564 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
11:47:47.0783 4564 CSC - ok
11:47:47.0799 4564 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
11:47:47.0802 4564 CscService - ok
11:47:47.0815 4564 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:47:47.0817 4564 DcomLaunch - ok
11:47:47.0838 4564 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
11:47:47.0839 4564 defragsvc - ok
11:47:47.0875 4564 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:47:47.0875 4564 DfsC - ok
11:47:47.0911 4564 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
11:47:47.0911 4564 dg_ssudbus - ok
11:47:47.0930 4564 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
11:47:47.0932 4564 Dhcp - ok
11:47:47.0956 4564 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
11:47:47.0956 4564 discache - ok
11:47:47.0974 4564 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
11:47:47.0975 4564 Disk - ok
11:47:47.0998 4564 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:47:47.0999 4564 Dnscache - ok
11:47:48.0018 4564 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
11:47:48.0019 4564 dot3svc - ok
11:47:48.0032 4564 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
11:47:48.0033 4564 DPS - ok
11:47:48.0056 4564 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:47:48.0057 4564 drmkaud - ok
11:47:48.0082 4564 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:47:48.0085 4564 DXGKrnl - ok
11:47:48.0099 4564 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
11:47:48.0100 4564 EapHost - ok
11:47:48.0158 4564 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
11:47:48.0168 4564 ebdrv - ok
11:47:48.0189 4564 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
11:47:48.0190 4564 EFS - ok
11:47:48.0222 4564 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:47:48.0225 4564 ehRecvr - ok
11:47:48.0249 4564 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
11:47:48.0249 4564 ehSched - ok
11:47:48.0283 4564 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
11:47:48.0285 4564 elxstor - ok
11:47:48.0294 4564 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:47:48.0295 4564 ErrDev - ok
11:47:48.0321 4564 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
11:47:48.0323 4564 EventSystem - ok
11:47:48.0327 4564 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
11:47:48.0328 4564 exfat - ok
11:47:48.0343 4564 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:47:48.0344 4564 fastfat - ok
11:47:48.0399 4564 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
11:47:48.0402 4564 Fax - ok
11:47:48.0433 4564 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:47:48.0433 4564 fdc - ok
11:47:48.0480 4564 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
11:47:48.0481 4564 fdPHost - ok
11:47:48.0492 4564 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
11:47:48.0493 4564 FDResPub - ok
11:47:48.0503 4564 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:47:48.0504 4564 FileInfo - ok
11:47:48.0510 4564 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:47:48.0510 4564 Filetrace - ok
11:47:48.0525 4564 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:47:48.0525 4564 flpydisk - ok
11:47:48.0536 4564 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:47:48.0537 4564 FltMgr - ok
11:47:48.0568 4564 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
11:47:48.0573 4564 FontCache - ok
11:47:48.0610 4564 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:47:48.0610 4564 FontCache3.0.0.0 - ok
11:47:48.0624 4564 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:47:48.0624 4564 FsDepends - ok
11:47:48.0638 4564 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:47:48.0639 4564 Fs_Rec - ok
11:47:48.0664 4564 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:47:48.0665 4564 fvevol - ok
11:47:48.0677 4564 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
11:47:48.0677 4564 gagp30kx - ok
11:47:48.0707 4564 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
11:47:48.0709 4564 gpsvc - ok
11:47:48.0720 4564 guardian - ok
11:47:48.0722 4564 guardianctrl - ok
11:47:48.0773 4564 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:47:48.0774 4564 gupdate - ok
11:47:48.0776 4564 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:47:48.0777 4564 gupdatem - ok
11:47:48.0807 4564 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
11:47:48.0808 4564 gusvc - ok
11:47:48.0835 4564 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:47:48.0836 4564 hcw85cir - ok
11:47:48.0871 4564 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:47:48.0873 4564 HdAudAddService - ok
11:47:48.0898 4564 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
11:47:48.0899 4564 HDAudBus - ok
11:47:48.0905 4564 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
11:47:48.0906 4564 HidBatt - ok
11:47:48.0929 4564 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
11:47:48.0930 4564 HidBth - ok
11:47:48.0945 4564 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:47:48.0946 4564 HidIr - ok
11:47:48.0968 4564 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
11:47:48.0968 4564 hidserv - ok
11:47:48.0989 4564 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:47:48.0990 4564 HidUsb - ok
11:47:49.0009 4564 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:47:49.0010 4564 hkmsvc - ok
11:47:49.0034 4564 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:47:49.0035 4564 HomeGroupListener - ok
11:47:49.0058 4564 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:47:49.0060 4564 HomeGroupProvider - ok
11:47:49.0146 4564 [ F5F4818A15AF6128A2BADD1B1F102413 ] HP DS Service C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
11:47:49.0146 4564 HP DS Service - ok
11:47:49.0166 4564 [ 3755C0F9D2A0CBE1CC0C37410725533A ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
11:47:49.0166 4564 HP LaserJet Service - ok
11:47:49.0188 4564 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:47:49.0188 4564 HpSAMD - ok
11:47:49.0241 4564 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:47:49.0244 4564 HTTP - ok
11:47:49.0273 4564 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:47:49.0274 4564 hwpolicy - ok
11:47:49.0308 4564 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
11:47:49.0308 4564 i8042prt - ok
11:47:49.0360 4564 [ 8180A2392E732E8871589B54FAB6991F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
11:47:49.0362 4564 iaStor - ok
11:47:49.0411 4564 [ 17125B7D2F56B4B35441561C780C2CCB ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
11:47:49.0411 4564 IAStorDataMgrSvc - ok
11:47:49.0436 4564 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:47:49.0438 4564 iaStorV - ok
11:47:49.0471 4564 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:47:49.0474 4564 idsvc - ok
11:47:49.0506 4564 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
11:47:49.0506 4564 iirsp - ok
11:47:49.0529 4564 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
11:47:49.0532 4564 IKEEXT - ok
11:47:49.0588 4564 [ 0B21B66574E5478FA10CCA2D36694C2D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:47:49.0597 4564 IntcAzAudAddService - ok
11:47:49.0604 4564 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
11:47:49.0604 4564 intelide - ok
11:47:49.0619 4564 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:47:49.0620 4564 intelppm - ok
11:47:49.0630 4564 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:47:49.0631 4564 IPBusEnum - ok
11:47:49.0652 4564 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:47:49.0652 4564 IpFilterDriver - ok
11:47:49.0673 4564 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:47:49.0676 4564 iphlpsvc - ok
11:47:49.0698 4564 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:47:49.0698 4564 IPMIDRV - ok
11:47:49.0710 4564 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:47:49.0711 4564 IPNAT - ok
11:47:49.0732 4564 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:47:49.0732 4564 IRENUM - ok
11:47:49.0749 4564 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:47:49.0750 4564 isapnp - ok
11:47:49.0757 4564 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:47:49.0758 4564 iScsiPrt - ok
11:47:49.0777 4564 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:47:49.0777 4564 kbdclass - ok
11:47:49.0783 4564 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:47:49.0784 4564 kbdhid - ok
11:47:49.0789 4564 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
11:47:49.0790 4564 KeyIso - ok
11:47:49.0815 4564 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:47:49.0816 4564 KSecDD - ok
11:47:49.0834 4564 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:47:49.0835 4564 KSecPkg - ok
11:47:49.0842 4564 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:47:49.0843 4564 ksthunk - ok
11:47:49.0867 4564 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
11:47:49.0869 4564 KtmRm - ok
11:47:49.0910 4564 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
11:47:49.0911 4564 LanmanServer - ok
11:47:49.0934 4564 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:47:49.0935 4564 LanmanWorkstation - ok
11:47:49.0950 4564 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:47:49.0950 4564 lltdio - ok
11:47:49.0964 4564 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:47:49.0966 4564 lltdsvc - ok
11:47:49.0968 4564 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:47:49.0969 4564 lmhosts - ok
11:47:49.0995 4564 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
11:47:49.0995 4564 LSI_FC - ok
11:47:50.0008 4564 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
11:47:50.0008 4564 LSI_SAS - ok
11:47:50.0020 4564 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:47:50.0021 4564 LSI_SAS2 - ok
11:47:50.0048 4564 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:47:50.0048 4564 LSI_SCSI - ok
11:47:50.0063 4564 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:47:50.0063 4564 luafv - ok
11:47:50.0089 4564 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
11:47:50.0089 4564 MBAMProtector - ok
11:47:50.0144 4564 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
11:47:50.0146 4564 MBAMScheduler - ok
11:47:50.0196 4564 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:47:50.0199 4564 MBAMService - ok
11:47:50.0222 4564 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:47:50.0222 4564 Mcx2Svc - ok
11:47:50.0235 4564 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
11:47:50.0235 4564 megasas - ok
11:47:50.0239 4564 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
11:47:50.0240 4564 MegaSR - ok
11:47:50.0261 4564 Microsoft Office Groove Audit Service - ok
11:47:50.0274 4564 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:47:50.0275 4564 MMCSS - ok
11:47:50.0284 4564 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:47:57.0026 4564 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
11:47:57.0043 4564 \Device\Harddisk1\DR1 - ok
11:47:57.0052 4564 [ E156ABCB9901BD1E435C27983FCB1B18 ] \Device\Harddisk2\DR2
11:47:57.0167 4564 \Device\Harddisk2\DR2 - ok
11:47:57.0167 4564 ================ Scan VBR ==================================
11:47:57.0169 4564 [ 0FE6B2D8A6DBE77162773C6E296D1DFB ] \Device\Harddisk0\DR0\Partition1
11:47:57.0170 4564 \Device\Harddisk0\DR0\Partition1 - ok
11:47:57.0171 4564 [ ADEB0307F32404C5C0DE738C5FF610C8 ] \Device\Harddisk1\DR1\Partition1
11:47:57.0172 4564 \Device\Harddisk1\DR1\Partition1 - ok
11:47:57.0174 4564 [ DA07F62E51C3427FB80FD9C5324F59FD ] \Device\Harddisk2\DR2\Partition1
11:47:57.0176 4564 \Device\Harddisk2\DR2\Partition1 - ok
11:47:57.0176 4564 ============================================================
11:47:57.0176 4564 Scan finished
11:47:57.0176 4564 ============================================================
11:47:57.0182 5780 Detected object count: 0
11:47:57.0182 5780 Actual detected object count: 0



2. aswMBR


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-15 11:12:57
-----------------------------
11:12:57.522 OS Version: Windows x64 6.1.7601 Service Pack 1
11:12:57.522 Number of processors: 12 586 0x2C02
11:12:57.522 ComputerName: TRADE1 UserName:
11:13:00.356 Initialize success
11:24:07.775 AVAST engine defs: 13011500
11:24:32.315 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:24:32.317 Disk 0 Vendor: Hitachi_ JP4O Size: 953869MB BusType: 8
11:24:32.320 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
11:24:32.322 Disk 1 Vendor: Intel___ 1.0. Size: 1907734MB BusType: 8
11:24:32.325 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000087
11:24:32.328 Disk 2 Vendor: Size: 1907734MB BusType: 0
11:24:32.337 Disk 0 MBR read successfully
11:24:32.338 Disk 0 MBR scan
11:24:32.341 Disk 0 Windows 7 default MBR code
11:24:32.344 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 953867 MB offset 2048
11:24:32.387 Disk 0 scanning C:\Windows\system32\drivers
11:24:40.808 Service scanning
11:25:03.994 Modules scanning
11:25:04.002 Disk 0 trace - called modules:
11:25:04.018 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
11:25:04.021 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8014b03790]
11:25:04.023 3 CLASSPNP.SYS[fffff88001c5143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8014891050]
11:25:09.026 AVAST engine scan C:\Windows
11:25:12.794 AVAST engine scan C:\Windows\system32
11:27:53.393 AVAST engine scan C:\Windows\system32\drivers
11:28:04.558 AVAST engine scan C:\Users\trader
11:30:43.500 Disk 0 MBR has been saved successfully to "E:\Documents\MBR.dat"
11:30:43.540 The log file has been saved successfully to "E:\Documents\aswMBR.txt"
11:35:04.243 AVAST engine scan C:\ProgramData
11:35:56.985 Scan finished successfully
11:36:35.501 Disk 0 MBR has been saved successfully to "E:\Documents\MBR.dat"
11:36:35.504 The log file has been saved successfully to "E:\Documents\aswMBR.txt"
11:42:44.629 Disk 0 MBR has been saved successfully to "E:\Documents\MBR.dat"
11:42:44.634 The log file has been saved successfully to "E:\Documents\aswMBR.txt"


3. ESET online scanner

ESET scanning still running. I will send log when finished. So far 0 infected files.

#4 Yankees1

  • Topic Starter

Posted 15 January 2013 - 04:43 PM

3. ESET online scanner


G:\BUData\TRADE1-64FA1B77_00000000\20121006030002\Chg\00\Users\trader\AppData\Roaming\OpenCandy\20BD99DC044546E1B4D82DFE38DD596A\SendoriSetupx10403_p4v4.exe probably a variant of Win32/Adware.FTHXCJ application cleaned by deleting - quarantined

#5 narenxp

  • BC Advisor

Posted 15 January 2013 - 05:12 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.



Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish.

Now click on File - Save.

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#6 Yankees1

  • Topic Starter

Posted 15 January 2013 - 05:26 PM

Working on these steps...starting Malwarebytes

#7 Yankees1

  • Topic Starter

Posted 16 January 2013 - 08:01 AM

1. Malwarebytes

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.15.14

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
trader :: TRADE1 [administrator]

1/15/2013 5:25:02 PM
MBAM-log-2013-01-16 (08-00-32).txt

Scan type: Full scan (B:\|C:\|E:\|G:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Heuristics/Extra | P2P
Objects scanned: 3261062
Time elapsed: 10 hour(s), 17 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
G:\BUData\TRADE1-64FA1B77_00000000\20130115030000\Chg\00\Users\nricher\AppData\Local\Temp\DNS.exe (Trojan.Dropper) -> No action taken.

(end)

#8 Yankees1

  • Topic Starter

Posted 16 January 2013 - 08:24 AM

2. mini toolbox
MiniToolBox by Farbar Version:10-01-2013
Ran by trader (administrator) on 16-01-2013 at 08:21:58
Running from "C:\Users\trader\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K1ZFTV3R"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global taskoffload=disabled dhcpmediasense=disabled mldversion=version1


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Trade1
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller #2
Physical Address. . . . . . . . . : 00-1F-BC-00-C5-34
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-1F-BC-00-C5-35
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::ed9b:2ecd:28a6:aa17%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.11.31(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, January 16, 2013 8:18:50 AM
Lease Expires . . . . . . . . . . : Thursday, January 17, 2013 8:18:53 AM
Default Gateway . . . . . . . . . : 192.168.11.1
DHCP Server . . . . . . . . . . . : 192.168.11.1
DHCPv6 IAID . . . . . . . . . . . : 234889148
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-D2-ED-47-00-1F-BC-00-C5-35
DNS Servers . . . . . . . . . . . : 216.146.35.240
216.146.36.240
192.168.11.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{692F7D0F-334E-4FC8-9C51-7F2372882DA6}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E48F228E-38F2-4215-9985-79B0F6ED6AFE}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1c14:311b:e745:c12c(Preferred)
Link-local IPv6 Address . . . . . : fe80::1c14:311b:e745:c12c%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: sendori-rdns1.dyndns.com
Address: 216.146.35.240

Name: google.com
Addresses: 2607:f8b0:4006:800::1005
74.125.226.197
74.125.226.195
74.125.226.192
74.125.226.196
74.125.226.200
74.125.226.206
74.125.226.198
74.125.226.199
74.125.226.194
74.125.226.201
74.125.226.193


Pinging google.com [74.125.226.197] with 32 bytes of data:
Reply from 74.125.226.197: bytes=32 time=10ms TTL=55
Reply from 74.125.226.197: bytes=32 time=10ms TTL=55

Ping statistics for 74.125.226.197:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 10ms, Maximum = 10ms, Average = 10ms
Server: sendori-rdns1.dyndns.com
Address: 216.146.35.240

Name: yahoo.com
Addresses: 98.139.183.24
206.190.36.45
98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=696ms TTL=51
Reply from 98.139.183.24: bytes=32 time=695ms TTL=51

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 695ms, Maximum = 696ms, Average = 695ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...00 1f bc 00 c5 34 ......Realtek PCIe GBE Family Controller #2
10...00 1f bc 00 c5 35 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.11.1 192.168.11.31 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.11.0 255.255.255.0 On-link 192.168.11.31 266
192.168.11.31 255.255.255.255 On-link 192.168.11.31 266
192.168.11.255 255.255.255.255 On-link 192.168.11.31 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.11.31 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.11.31 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:1c14:311b:e745:c12c/128
On-link
10 266 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::1c14:311b:e745:c12c/128
On-link
10 266 fe80::ed9b:2ecd:28a6:aa17/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
10 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\Sendori.dll [321384] (Sendori)
Catalog9 02 C:\Windows\SysWOW64\Sendori.dll [321384] (Sendori)
Catalog9 03 C:\Windows\SysWOW64\Sendori.dll [321384] (Sendori)
Catalog9 04 C:\Windows\SysWOW64\Sendori.dll [321384] (Sendori)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\Sendori.dll [321384] (Sendori)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/16/2013 03:55:46 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/16/2013 03:55:41 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/16/2013 03:55:38 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/15/2013 11:51:24 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/15/2013 00:32:26 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/15/2013 00:32:18 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/15/2013 00:31:17 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/15/2013 00:31:07 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/15/2013 00:31:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/14/2013 02:21:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (01/16/2013 08:22:14 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (01/16/2013 08:22:14 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (01/16/2013 08:20:12 AM) (Source: Service Control Manager) (User: )
Description: The Service Sendori service hung on starting.

Error: (01/16/2013 08:18:51 AM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (01/16/2013 08:18:26 AM) (Source: Ntfs) (User: )
Description: The default transaction resource manager on volume B: encountered a non-retryable error and could not start. The data contains the error code.

Error: (01/16/2013 08:13:48 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (01/16/2013 08:13:48 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (01/16/2013 08:11:47 AM) (Source: Service Control Manager) (User: )
Description: The Service Sendori service hung on starting.

Error: (01/16/2013 08:10:26 AM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (01/16/2013 08:10:25 AM) (Source: Service Control Manager) (User: )
Description: The TT Guardian Control service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (10/10/2012 04:21:13 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 158419 seconds with 10980 seconds of active time. This session ended with a crash.

Error: (08/17/2012 10:37:06 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13901 seconds with 3960 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer (Version: 8.2.1)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader XI (11.0.01) (Version: 11.0.01)
AIM for Windows
AOL Messaging Toolbar
Avery Wizard 4.0 (Version: 4.0.103)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.32)
BUFFALO Backup Utility
BUFFALO BuffaloTools Launcher
BUFFALO SecureLockManagerEasy for HD
BUFFALO TurboPC EX
CCleaner (Version: 3.26)
Convert (Version: 4.10)
Download Updater (AOL Inc.)
ESET Online Scanner v3
FileHippo.com Update Checker
FriendsChecker (Version: 2.5.60)
Google Calendar Sync
Google Chrome (Version: 65.61.49249)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.123)
Guardian (Version: 7.9.0.16)
HP LJ300-400 color MFP M375-M475
HP LJ300-400 color MFP M375-M475 Fax (Version: 24.0.0.0)
HP LJ300-400 M375-M475 HP Scan (Version: 1.0.302.0)
HP Product FWUpdater (Version: 4.0.0.6579)
HP Unified IO (Version: 1.0.1.94)
HP Update (Version: 5.003.001.001)
hpbDSService (Version: 001.001.05133)
hpbM375M475DSService (Version: 001.001.05164)
HPLaserJet300-400ColorM375-M475Series_HelpLearnCenter_SI (Version: 1.01.0000)
HPLJDXPHelper (Version: 020.021.004)
hppFaxDrvM375M475 (Version: 003.000.00002)
hppLaserJetService (Version: 009.022.00806)
hppM375_M475LaserJetService (Version: 005.020.00094)
hppSendFaxM375M475 (Version: 003.000.00002)
hppToolboxProxyM375 (Version: 020.021.004)
hpStatusAlerts (Version: 020.025.1119)
hpStatusAlertsM375_M475 (Version: 020.023.01805)
InstanceFinder (Version: 020.021.004)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Rapid Storage Technology (Version: 10.8.0.1003)
Java 7 Update 11 (64-bit) (Version: 7.0.110)
Java 7 Update 11 (Version: 7.0.110)
Java Auto Updater (Version: 2.1.9.0)
Java™ 7 Update 5 (Version: 7.0.50)
Just Great Software EditPad Lite 6.6.4 (Version: 6.6.4)
LJDXPHelperUI (Version: 020.021.004)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MetaStock Professional 11.0
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.0 (Version: 8.01.249.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
MyFreeCodec
NVIDIA 3D Vision Driver 306.97 (Version: 306.97)
NVIDIA Control Panel 306.97 (Version: 306.97)
NVIDIA Graphics Driver 306.97 (Version: 306.97)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0697)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
QuoteCenter (Version: 8.5.1)
Realtek Ethernet Controller Driver (Version: 7.37.1229.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6278)
Samsung Kies (Version: 2.5.0.12094_27)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.16.0)
Secunia PSI (3.0.0.3001) (Version: 3.0.0.3001)
Sendori (Version: 2.0.6)
SIW version 2010.07.14 (Version: 2010.07.14)
Skype Click to Call (Version: 5.11.9874)
Skype™ 6.0 (Version: 6.0.120)
thinkorswim from TD AMERITRADE
TightVNC 2.0.4 (Version: 2.0.4)
ToolboxProxy (Version: 020.023.005)
TT Messaging (Version: 4.2.6.5)
UltraMon (Version: 3.2.1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
X_STUDY (Version: 7.7.1.0)
X_TRADER / TT_TRADER (Version: 7.11.2.105)
XTAPI (Version: 7.7.5.2)
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 29%
Total physical RAM: 24567.14 MB
Available physical RAM: 17365.76 MB
Total Pagefile: 49132.48 MB
Available Pagefile: 41464.17 MB
Total Virtual: 4095.88 MB
Available Virtual: 3948.51 MB

========================= Partitions: =====================================

1 Drive b: (RAMDisk) (Fixed) (Total:4.25 GB) (Free:2.4 GB) NTFS
2 Drive c: () (Fixed) (Total:931.51 GB) (Free:621.12 GB) NTFS
4 Drive e: (Raid) (Fixed) (Total:1863.02 GB) (Free:1762.63 GB) NTFS
5 Drive g: () (Fixed) (Total:2794.49 GB) (Free:1731.78 GB) NTFS

========================= Users: ========================================

User accounts for \\TRADE1

Administrator Guest nricher
UpdatusUser

========================= Restore Points ==================================

21-10-2012 11:48:17 Windows Update
21-10-2012 11:51:54 Windows Update
24-10-2012 01:06:23 Installed Adobe Reader XI.
24-10-2012 01:15:57 Installed Java 7 Update 9 (64-bit)
24-10-2012 01:30:58 Installed MSXML 4.0 SP3 Parser
24-10-2012 01:34:32 Windows Update
24-10-2012 01:42:55 Windows Update
27-10-2012 01:59:23 Windows Update
27-10-2012 03:31:34 Installed Samsung Kies
09-11-2012 14:57:53 Scheduled Checkpoint
09-11-2012 18:06:03 Configured Microsoft Office Enterprise 2007
09-11-2012 19:17:10 Windows Update
12-11-2012 21:59:20 Windows Update
16-11-2012 01:34:27 Windows Update
16-11-2012 01:52:42 Windows Update
16-11-2012 02:05:19 Installed Skype™ 6.0
19-11-2012 02:23:59 Windows Update
23-11-2012 02:23:37 Windows Update
27-11-2012 02:24:13 Windows Update
01-12-2012 02:24:14 Windows Update
06-12-2012 01:55:02 Windows Update
09-12-2012 06:34:36 Windows Update
10-12-2012 02:26:52 Windows Update
13-12-2012 17:06:43 Windows Update
17-12-2012 00:57:22 Windows Update
17-12-2012 01:09:28 Windows Update
20-12-2012 01:25:41 Windows Update
23-12-2012 07:13:31 Windows Update
23-12-2012 17:29:41 Installed Java 7 Update 10 (64-bit)
23-12-2012 17:35:53 Windows Update
25-12-2012 15:22:22 Removed ASPCA Reminder by We-Care.com v4.1.19.1
25-12-2012 15:23:50 Removed 7-Zip 9.22 (x64 edition)
27-12-2012 02:30:39 Windows Update
30-12-2012 07:22:25 Windows Update
03-01-2013 02:30:56 Windows Update
06-01-2013 07:22:25 Windows Update
10-01-2013 02:31:00 Windows Update
10-01-2013 20:10:42 Windows Update
10-01-2013 20:30:53 Windows Update
13-01-2013 20:55:50 Windows Update
14-01-2013 13:49:14 Installed Java 7 Update 11
14-01-2013 14:12:30 Installed Java 7 Update 11

**** End of log ****

#9 Yankees1

Posted 16 January 2013 - 08:27 AM

3. Farbar Service Scanner
Farbar Service Scanner Version: 16-01-2013
Ran by trader (administrator) on 16-01-2013 at 08:26:19
Running from "C:\Users\trader\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XGOV1RNX"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#10 Yankees1

Posted 16 January 2013 - 08:36 AM

4. adware cleaner
# AdwCleaner v2.105 - Logfile created 01/16/2013 at 08:30:23
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : nricher - TRADE1
# Boot Mode : Normal
# Running from : C:\Users\trader\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4UUKOTQL\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.52

File : C:\Users\trader\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [4116 octets] - [16/01/2013 08:28:26]
AdwCleaner[S2].txt - [790 octets] - [16/01/2013 08:30:23]

########## EOF - C:\AdwCleaner[S2].txt - [849 octets] ##########

#11 Yankees1

Posted 16 January 2013 - 08:49 AM

5. Junkware removal tool

App seems to be crashing

#12 Yankees1

Posted 16 January 2013 - 08:58 AM

6. http://www.bleepingcomputer.com/download/rkill/

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/16/2013 08:56:46 AM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\AstSrv.exe (PID: 1964) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* WinDefend => %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [Incorrect ServiceDLL]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 01/16/2013 08:56:56 AM
Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)

#13 Yankees1

Posted 16 January 2013 - 09:12 AM

7. Autoruns

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HP LJ300-400 color MFP M375-M475 Series Fax" "hppfaxprintersrv" "Hewlett-Packard Company" "c:\program files (x86)\hp\digital imaging\fax\fax driver 0.6 base\hppfaxprintersrv.exe"
+ "IntelliPoint" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "TC2Tray" "TurboPC EX FileCopy Resident Program" "BUFFALO INC." "c:\windows\system32\tc2tray.exe"
+ "tpcexTray" "TurboPC EX Notify Program" "BUFFALO INC." "c:\program files (x86)\buffalo\turbopc_ex\diskcache\tpcextray.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Backup Utility TaskTray Tool" "Backup Utility TaskTray Tool" "BUFFALO INC." "c:\program files (x86)\buffalo\backup_utility\butray.exe"
+ "BuffaloTools" "Buffalo Tools" "BUFFALO INC." "c:\program files (x86)\buffalo\buffalotools\buffalotools.exe"
+ "GrooveMonitor" "GrooveMonitor Utility" "Microsoft Corporation" "b:\program files (x86)\microsoft office\office12\groovemonitor.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "KiesTrayAgent" "Kies TrayAgent Application" "Samsung Electronics Co., Ltd." "c:\program files (x86)\samsung\kies\kiestrayagent.exe"
+ "RAMDiskImage" "RAMDisk Image utility (x86/x64)" "QSoft [ Qualitative Software ]" "c:\windows\syswow64\ramdiskimage.exe"
+ "RIMBBLaunchAgent.exe" "Launch Agent Service" "Research In Motion Limited" "c:\program files (x86)\common files\research in motion\usb drivers\rimbblaunchagent.exe"
+ "Sendori Tray" "Sendori Notification Icon" "Sendori, Inc." "c:\program files (x86)\sendori\sendoritray.exe"
+ "StatusAlerts" "HPStatusAlerts" "Hewlett-Packard Company" "c:\program files (x86)\hp\statusalerts\bin\hpstatusalerts.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "tvncontrol" "TightVNC Server for Windows" "GlavSoft LLC." "c:\program files (x86)\tightvnc\tvnserver.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Google Calendar Sync.lnk" "Google Calendar Sync" "Google" "c:\program files (x86)\google\google calendar sync\googlecalendarsync.exe"
+ "Secunia PSI Tray.lnk" "Secunia PSI Tray" "Secunia" "c:\program files (x86)\secunia\psi\psi_tray.exe"
+ "Start Guardian.lnk" "GuardianStart EXE" "Trading Technologies International, Inc." "b:\tt\guardian\guardianstart.exe"
+ "UltraMon.lnk" "" "" "c:\windows\installer\{ed7fe81c-378c-411d-b5b4-509b978ba204}\icoultramon.ico"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files (x86)\google\chrome\application\24.0.1312.52\installer\setup.exe"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "FileHippo.com" "FileHippo.com Update Checker" "FileHippo.com" "c:\program files (x86)\filehippo.com\updatechecker.exe"
+ "KiesAirMessage" "" "Samsung Electronics" "c:\program files (x86)\samsung\kies\kiesairmessage.exe"
+ "KiesPreload" "Kies" "Samsung" "c:\program files (x86)\samsung\kies\kies.exe"
+ "Skype" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "GrooveShellExtensions Module" "Microsoft Corporation" "b:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "b:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "b:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "b:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUFFALO Backup Utility shell extension" "Backup Utility Shell extension" "BUFFALO INC." "c:\program files (x86)\buffalo\backup_utility\bushellex64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "b:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUFFALO Backup Utility shell extension" "Backup Utility Shell extension" "BUFFALO INC." "c:\program files (x86)\buffalo\backup_utility\bushellex64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "b:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "BUFFALO Backup Utility shell extension" "Backup Utility Shell extension" "BUFFALO INC." "c:\program files (x86)\buffalo\backup_utility\bushellex64.dll"
+ "TurboCopy shell extension" "TurboPC EX FileCopy シェルエクステンション" "BUFFALO INC." "c:\windows\system32\tc2shellex.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "b:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "b:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "b:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "b:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "GrooveShellExtensions Module" "Microsoft Corporation" "b:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "&Yahoo! Toolbar Helper" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files (x86)\yahoo!\companion\installs\cpn0\yt.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "AOL Messaging Toolbar Loader" "AOL Messaging Toolbar" "AOL Inc." "c:\program files (x86)\aim toolbar\aimtb.dll"
+ "FriendsChecker" "" "FriendsChecker" "c:\program files (x86)\friendschecker\ie\common.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Groove GFS Browser Helper" "GrooveShellExtensions Module" "Microsoft Corporation" "b:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "SingleInstance Class" "Yahoo! Single Instance for Mail" "Yahoo! Inc" "c:\program files (x86)\yahoo!\companion\installs\cpn0\ytsingleinstance.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "AOL Messaging Toolbar" "AOL Messaging Toolbar" "AOL Inc." "c:\program files (x86)\aim toolbar\aimtb.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Yahoo! Toolbar" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files (x86)\yahoo!\companion\installs\cpn0\yt.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "b:\program files (x86)\microsoft office\office12\onbttnie.dll"
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.5 r502" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft_Hardware_Launch_IPoint_exe" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "\Test TimeTrigger" "" "" "c:\users\trader\appdata\local\temp\runner.exe"
+ "\{076A8E9F-04C4-4446-805B-4D2FDD7E24DF}" "Microsoft Office Outlook" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\outlook.exe"
+ "\{0F7283E2-9E4F-4E3F-B8E3-2A576B7DE7A1}" "Internet Explorer" "Microsoft Corporation" "c:\program files (x86)\internet explorer\iexplore.exe"
+ "\{6CE33D89-6621-4F98-8673-D9FE1F01D2D2}" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
+ "\{C5C1DF6C-192B-4B82-BFBA-B0731A6A3F58}" "Microsoft Office Outlook" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\outlook.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "Application Sendori" "Sets and maintains Sendori protection on this computer." "Sendori, Inc." "c:\program files (x86)\sendori\sendorisvc.exe"
+ "Ast Service" "Nalpeiron Highend Service" "Nalpeiron Ltd." "c:\windows\syswow64\astsrv.exe"
+ "BFBackupUtilityService" "Backup Utility File Access Record Service" "BUFFALO INC." "c:\program files (x86)\buffalo\backup_utility\buservice.exe"
+ "BFBackupUtilityVSSService" "Backup Utility VSS Control Service" "BUFFALO INC." "c:\program files (x86)\buffalo\backup_utility\buvssservice64.exe"
+ "bufssvr" "BUFFALO Security Service" "BUFFALO INC." "c:\program files (x86)\buffalo\slmanagereasy\bufssvr.exe"
+ "guardian" "TT Guardian 7.9" "Trading Technologies International, Inc." "b:\tt\guardian\guardian.exe"
+ "guardianctrl" "Guardian Control 7.9" "Trading Technologies International, Inc." "b:\tt\guardian\guardianctrl.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "HP DS Service" "HP DS Service" "Hewlett-Packard Company" "c:\program files (x86)\hp\hpbdsservice\hpbdsservice.exe"
+ "HP LaserJet Service" "A system service that allows HP Software to easily connect to your LaserJet for everyday tasks." "HP" "c:\program files (x86)\hp\hplaserjetservice\hplaserjetservice.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "Microsoft Office Groove Audit Service" "Groove Audit Service" "Microsoft Corporation" "b:\program files (x86)\microsoft office\office12\grooveauditservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "NVSvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "RAMDrivService" "RAMDisk Image utility (x86/x64)" "QSoft [ Qualitative Software ]" "c:\windows\syswow64\ramdiskimage.exe"
+ "Secunia PSI Agent" "Performs routine software inspections of the system, the results of which can be seen in your Secunia PSI" "Secunia" "c:\program files (x86)\secunia\psi\psia.exe"
+ "Secunia Update Agent" "Performs routine updates of selected software on the system, the results of which can be seen in your Secunia PSI" "Secunia" "c:\program files (x86)\secunia\psi\sua.exe"
+ "Service Sendori" "Service Sendori." "sendori" "c:\program files (x86)\sendori\sendori.service.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "sndappv2" "Sets and maintains sndappv2 LSP protection on this computer." "Sendori" "c:\program files (x86)\sendori\sndappv2.exe"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "TC2Service" "TurboPC EX FileCopy Service" "BUFFALO INC." "c:\windows\system32\tc2service.exe"
+ "tpcexdccs" "TurboPC EX DiskCache Control Service" "BUFFALO INC." "c:\program files (x86)\buffalo\turbopc_ex\diskcache\tpcexservice.exe"
+ "ttmd" "TT Messaging 4.2" "Trading Technologies International, Inc." "b:\tt\ttm\ttmd.exe"
+ "tvnserver" "TightVNC Server for Windows" "GlavSoft LLC." "c:\program files (x86)\tightvnc\tvnserver.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "" "File not found: C:\Program Files (x86)\Windows Defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "YahooAUService" "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements." "Yahoo! Inc." "c:\program files (x86)\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "bftpdskc" "TurboPC DiskCache Driver" "BUFFALO INC." "c:\windows\system32\drivers\bftpdskc64.sys"
+ "bftpusbx" "TurboPC USB Driver" "BUFFALO INC." "c:\windows\system32\drivers\bftpusbx64.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "cpuz134" "" "" "File not found: C:\Users\trader\AppData\Local\Temp\cpuz134\cpuz134_x64.sys"
+ "dg_ssudbus" "SAMSUNG USB Composite Device Driver (MSS Ver.3)" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ssudbus.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 306.97 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PSI" "PSI mini-filter driver" "Secunia" "c:\windows\system32\drivers\psi_mf.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RAMDriv" "RAMDisk Driver (x64)" "QSoft [ Qualitative Software ]" "c:\windows\system32\drivers\ramdriv.sys"
+ "RimUsb" "BlackBerry Device Driver" "Research In Motion Limited" "c:\windows\system32\drivers\rimusb_amd64.sys"
+ "RimVSerPort" "RIM Virtual Serial Driver" "Research in Motion Ltd" "c:\windows\system32\drivers\rimserial_amd64.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "ssudmdm" "SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ssudmdm.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "UltraMonUtility" "UltraMon Utility Driver" "Realtime Soft Ltd" "c:\program files (x86)\common files\realtime soft\ultramonmirrordrv\x64\ultramonutility.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3 Decoder Filter" "TODO: <파일 설명>" "TODO: <회사 이름>" "c:\program files (x86)\myfree codec\1.0b beta\ac-3\ac3dx.ax"
+ "MACSReaderMP3 Filter" "MACSReaderMP3 Filter" "" "c:\program files (x86)\samsung\kies\external\mediamodules\macsreaderavi.ax"
+ "MainConcept AAC Decoder" "AAC audio decoder filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_dec_aac_ds.ax"
+ "MainConcept AMR Decoder" "AMR Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_dec_amr_ds.ax"
+ "MainConcept Audio Converter" "Audio Converter DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_trans_audio_converter_ds.ax"
+ "MainConcept Audio Resampler" "Audio Resampler Direct Show Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_trans_audio_samplerate_ds.ax"
+ "MainConcept AVC/H.264 Video Decoder" "AVC/H.264 Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_dec_avc_ds.ax"
+ "MainConcept Color Space Converter" "Color Space Converter DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_trans_video_colorspace_ds.ax"
+ "MainConcept Frame Rate Converter" "Frame Rate Converter DS Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_trans_video_framerate_ds.ax"
+ "MainConcept ImageScaler" "ImageScaler DS Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_trans_video_imagescaler_ds.ax"
+ "MainConcept Layer II Audio Decoder" "Layer II Audio Decoder" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_dec_mpa_ds.ax"
+ "MainConcept MP4 Demultiplexer" "MP4 Demultiplexer Direct Show Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_demux_mp4_ds.ax"
+ "MainConcept MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_dec_mp2v_ds.ax"
+ "MainConcept MPEG-4 Video Decoder" "MPEG-4 Video Decoder Direct Show Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_dec_mp4v_ds.ax"
+ "MainConcept Sink Filter" "Sink DS Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_render_fileindex_ds.ax"
+ "MainConcept Stream Parser" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_demux_mp2_ds.ax"
+ "MusicCity MPEG Splitter" "PCube MPEG Splitter Filter" "© MusicCity" "c:\windows\syswow64\muzmpgsp.ax"
+ "MusicCity OGG Splitter" "OGG Splitter" "© PeeringPortal" "c:\windows\syswow64\muzoggsp.ax"
+ "MyFree Codec Filter" "" "" "c:\program files (x86)\myfree codec\1.0b beta\myfree.ax"
+ "NEDFilter4Samsung Filter" "MACSReaderMP3 Filter" "L544™ Technology" "c:\program files (x86)\samsung\kies\external\mediamodules\nedfilter4samsung.ax"
+ "P3Audio" "PCube Audio Decoder Filter" "© MusicCity" "c:\windows\syswow64\muzdecode.ax"
+ "P3AudioEffect" "P3AudioEffect Filter" "© MUSICCITY" "c:\windows\syswow64\muzeffect.ax"
+ "P3MP4Splitter" "P3MP4Splitter Filter" "© MusicCity" "c:\windows\syswow64\muzmp4sp.ax"
+ "P3Sourcer" "AOD Sourcer Filter" "Musiccity Co.Ltd." "c:\windows\syswow64\muzaf1.dll"
+ "P3WMTSplitter" "P3WMTSplitter Filter" " © MusicCity" "c:\windows\syswow64\muzwmts.dll"
+ "SelfMusicVideo Dump Filter" "SelfMusicVideo Dump Filter (DShow)" "ENJsoft Corporation" "c:\program files (x86)\samsung\kies\external\transmodules\tg_dump0708.dll"
+ "SpatialStereo Filter" "" "" "c:\windows\syswow64\3daudio.ax"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\program files (x86)\myfree codec\1.0b beta\xvid-core\xvid.ax"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries" "" "" ""
+ "SendoriLSP" "" "" "File not found: C:\Windows\system32\Sendori.dll"
+ "SendoriLSP over [MSAFD Tcpip [TCP/IP]]" "" "" "File not found: C:\Windows\system32\Sendori.dll"
+ "SendoriLSP over [MSAFD Tcpip [TCP/IPv6]]" "" "" "File not found: C:\Windows\system32\Sendori.dll"
+ "SendoriLSP over [MSAFD Tcpip [UDP/IP]]" "" "" "File not found: C:\Windows\system32\Sendori.dll"
+ "SendoriLSP over [MSAFD Tcpip [UDP/IPv6]]" "" "" "File not found: C:\Windows\system32\Sendori.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "HP Fax Port" "port monitor" "Hewlett-Packard Company" "c:\windows\system32\hppfaxprintermon5.dll"
+ "HP Standard TCP/IP Port" "Standard TCP/IP Port Monitor DLL" "Hewlett Packard" "c:\windows\system32\hptcpmon.dll"
+ "PCL hpz3lw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpz3lw71.dll"

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 16 January 2013 - 12:08 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here:

http://java.com/en/

Update your Flash Player

Antivirus recommendations

Update your antivirus frequently. Two free antiviruses that I would suggest are Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#15 Yankees1

Yankees1
  • Topic Starter

  • Members
  • 107 posts

Posted 16 January 2013 - 12:50 PM

All done. Thank you very much.



