
Malware Infection: Yellowmoxie and "Browse to Save" Help Requested


15 replies to this topic

#1 learnin2013


Posted 16 January 2013 - 06:19 PM

I believe my system to be infected by malware. Specifically, Yellowmoxie and Browse to Save. I'm pretty sure it was bundled in a download.

What I have tried:
Jetclean
Glary Utilities
AVG anti-virus
Ad-Aware anti-virus
MalwareBytes Anti-Malware

Still getting pop-up ads as well as the ads that are underlined in various sites from surfing, researching and working.

I am running Windows 7 Home Premium. Version 6.1 (Build 7601: Service Pack 1)

Suggestions?

Edited by learnin2013, 16 January 2013 - 06:22 PM.




#2 narenxp


Posted 16 January 2013 - 07:05 PM

Download TDSSkiller

Launch it. Click on "Change parameters" - select "TDLFS file system".

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it, and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 learnin2013


Posted 17 January 2013 - 12:39 AM

Okay, below are the results of all 3 scans.

TDSSkiller

19:58:00.0347 5072 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:58:00.0861 5072 ============================================================
19:58:00.0861 5072 Current date / time: 2013/01/16 19:58:00.0861
19:58:00.0861 5072 SystemInfo:
19:58:00.0861 5072
19:58:00.0862 5072 OS Version: 6.1.7601 ServicePack: 1.0
19:58:00.0862 5072 Product type: Workstation
19:58:00.0862 5072 ComputerName: CARY-PC
19:58:00.0862 5072 UserName: Cary
19:58:00.0862 5072 Windows directory: C:\Windows
19:58:00.0862 5072 System windows directory: C:\Windows
19:58:00.0862 5072 Running under WOW64
19:58:00.0862 5072 Processor architecture: Intel x64
19:58:00.0862 5072 Number of processors: 2
19:58:00.0862 5072 Page size: 0x1000
19:58:00.0862 5072 Boot type: Normal boot
19:58:00.0862 5072 ============================================================
19:58:01.0322 5072 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:58:01.0334 5072 Drive \Device\Harddisk4\DR4 - Size: 0x15D27100000 (1396.61 Gb), SectorSize: 0x200, Cylinders: 0x2C82B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:58:01.0359 5072 ============================================================
19:58:01.0359 5072 \Device\Harddisk0\DR0:
19:58:01.0360 5072 MBR partitions:
19:58:01.0360 5072 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D00800, BlocksNum 0x32000
19:58:01.0360 5072 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D32800, BlocksNum 0x729D3DB0
19:58:01.0360 5072 \Device\Harddisk4\DR4:
19:58:01.0360 5072 MBR partitions:
19:58:01.0360 5072 \Device\Harddisk4\DR4\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAE938000
19:58:01.0360 5072 ============================================================
19:58:01.0380 5072 C: <-> \Device\Harddisk0\DR0\Partition2
19:58:01.0430 5072 L: <-> \Device\Harddisk4\DR4\Partition1
19:58:01.0430 5072 ============================================================
19:58:01.0430 5072 Initialize success
19:58:01.0430 5072 ============================================================
19:58:03.0634 5676 ============================================================
19:58:03.0634 5676 Scan started
19:58:03.0634 5676 Mode: Manual;
19:58:03.0634 5676 ============================================================
19:58:06.0180 5676 ================ Scan system memory ========================
19:58:06.0180 5676 System memory - ok
19:58:06.0181 5676 ================ Scan services =============================
19:58:17.0211 5676 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:58:17.0212 5676 msahci - ok
19:58:17.0218 5676 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:58:17.0221 5676 msdsm - ok
19:58:17.0239 5676 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:58:17.0242 5676 MSDTC - ok
19:58:17.0266 5676 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:58:17.0267 5676 Msfs - ok
19:58:17.0286 5676 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:58:17.0287 5676 mshidkmdf - ok
19:58:17.0296 5676 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:58:17.0297 5676 msisadrv - ok
19:58:17.0330 5676 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:58:17.0333 5676 MSiSCSI - ok
19:58:17.0342 5676 msiserver - ok
19:58:17.0374 5676 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:58:17.0375 5676 MSKSSRV - ok
19:58:17.0382 5676 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:58:17.0383 5676 MSPCLOCK - ok
19:58:17.0390 5676 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:58:17.0391 5676 MSPQM - ok
19:58:17.0406 5676 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:58:17.0408 5676 MsRPC - ok
19:58:17.0427 5676 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:58:17.0428 5676 mssmbios - ok
19:58:17.0443 5676 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:58:17.0444 5676 MSTEE - ok
19:58:17.0466 5676 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:58:17.0467 5676 MTConfig - ok
19:58:17.0481 5676 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:58:17.0482 5676 Mup - ok
19:58:17.0509 5676 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:58:17.0516 5676 napagent - ok
19:58:17.0560 5676 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:58:17.0561 5676 NativeWifiP - ok
19:58:17.0661 5676 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
19:58:17.0679 5676 NAUpdate - ok
19:58:17.0747 5676 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:58:17.0753 5676 NDIS - ok
19:58:17.0783 5676 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:58:17.0784 5676 NdisCap - ok
19:58:17.0798 5676 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:58:17.0799 5676 NdisTapi - ok
19:58:17.0817 5676 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:58:17.0819 5676 Ndisuio - ok
19:58:17.0833 5676 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:58:17.0835 5676 NdisWan - ok
19:58:17.0849 5676 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:58:17.0851 5676 NDProxy - ok
19:58:17.0893 5676 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
19:58:17.0894 5676 Net Driver HPZ12 - ok
19:58:17.0910 5676 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:58:17.0912 5676 NetBIOS - ok
19:58:17.0943 5676 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:58:17.0964 5676 NetBT - ok
19:58:17.0987 5676 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:58:17.0988 5676 Netlogon - ok
19:58:18.0021 5676 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:58:18.0025 5676 Netman - ok
19:58:18.0062 5676 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:58:18.0103 5676 NetMsmqActivator - ok
19:58:18.0124 5676 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:58:18.0126 5676 NetPipeActivator - ok
19:58:18.0152 5676 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:58:18.0155 5676 netprofm - ok
19:58:18.0257 5676 [ EED1FBDE98CF5F6D5C0C5B27AB1F68EC ] netr28ux C:\Windows\system32\DRIVERS\Dnetr28ux.sys
19:58:18.0301 5676 netr28ux - ok
19:58:18.0327 5676 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:58:18.0329 5676 NetTcpActivator - ok
19:58:18.0335 5676 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:58:18.0336 5676 NetTcpPortSharing - ok
19:58:18.0372 5676 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:58:18.0376 5676 nfrd960 - ok
19:58:18.0466 5676 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:58:18.0469 5676 NlaSvc - ok
19:58:18.0510 5676 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:58:18.0519 5676 Npfs - ok
19:58:18.0549 5676 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:58:18.0551 5676 nsi - ok
19:58:18.0567 5676 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:58:18.0572 5676 nsiproxy - ok
19:58:18.0783 5676 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:58:18.0811 5676 Ntfs - ok
19:58:18.0841 5676 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:58:18.0852 5676 Null - ok
19:58:18.0928 5676 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:58:18.0931 5676 nvraid - ok
19:58:18.0971 5676 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:58:18.0973 5676 nvstor - ok
19:58:18.0990 5676 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:58:18.0992 5676 nv_agp - ok
19:58:18.0998 5676 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:58:19.0000 5676 ohci1394 - ok
19:58:19.0047 5676 [ D8A0164A79D4BFD6083945C5431E41E7 ] OpenVPNService C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe
19:58:19.0049 5676 OpenVPNService - ok
19:58:19.0097 5676 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:58:19.0100 5676 ose - ok
19:58:19.0435 5676 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:58:19.0514 5676 osppsvc - ok
19:58:19.0557 5676 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:58:19.0561 5676 p2pimsvc - ok
19:58:19.0619 5676 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:58:19.0631 5676 p2psvc - ok
19:58:19.0684 5676 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:58:19.0694 5676 Parport - ok
19:58:19.0737 5676 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:58:19.0738 5676 partmgr - ok
19:58:19.0767 5676 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:58:19.0769 5676 PcaSvc - ok
19:58:19.0810 5676 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:58:19.0812 5676 pci - ok
19:58:19.0838 5676 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:58:19.0839 5676 pciide - ok
19:58:19.0864 5676 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:58:19.0867 5676 pcmcia - ok
19:58:19.0886 5676 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:58:19.0887 5676 pcw - ok
19:58:19.0931 5676 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:58:19.0935 5676 PEAUTH - ok
19:58:20.0256 5676 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:58:20.0274 5676 PerfHost - ok
19:58:20.0370 5676 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:58:20.0394 5676 pla - ok
19:58:20.0495 5676 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:58:20.0504 5676 PlugPlay - ok
19:58:20.0550 5676 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
19:58:20.0552 5676 Pml Driver HPZ12 - ok
19:58:20.0566 5676 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:58:20.0572 5676 PNRPAutoReg - ok
19:58:20.0626 5676 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:58:20.0629 5676 PNRPsvc - ok
19:58:20.0662 5676 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:58:20.0682 5676 PolicyAgent - ok
19:58:20.0735 5676 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:58:20.0737 5676 Power - ok
19:58:20.0764 5676 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:58:20.0766 5676 PptpMiniport - ok
19:58:20.0784 5676 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:58:20.0785 5676 Processor - ok
19:58:20.0843 5676 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:58:20.0846 5676 ProfSvc - ok
19:58:20.0879 5676 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:58:20.0881 5676 ProtectedStorage - ok
19:58:20.0902 5676 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:58:20.0918 5676 Psched - ok
19:58:20.0970 5676 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:58:21.0000 5676 ql2300 - ok
19:58:21.0007 5676 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:58:21.0010 5676 ql40xx - ok
19:58:21.0049 5676 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:58:21.0071 5676 QWAVE - ok
19:58:21.0101 5676 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:58:21.0103 5676 QWAVEdrv - ok
19:58:21.0121 5676 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:58:21.0122 5676 RasAcd - ok
19:58:21.0143 5676 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:58:21.0146 5676 RasAgileVpn - ok
19:58:21.0170 5676 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:58:21.0173 5676 RasAuto - ok
19:58:21.0189 5676 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:58:21.0191 5676 Rasl2tp - ok
19:58:21.0204 5676 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:58:21.0211 5676 RasMan - ok
19:58:21.0224 5676 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:58:21.0226 5676 RasPppoe - ok
19:58:21.0240 5676 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:58:21.0242 5676 RasSstp - ok
19:58:21.0262 5676 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:58:21.0266 5676 rdbss - ok
19:58:21.0280 5676 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
19:58:21.0281 5676 rdpbus - ok
19:58:21.0297 5676 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:58:21.0299 5676 RDPCDD - ok
19:58:21.0314 5676 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:58:21.0315 5676 RDPENCDD - ok
19:58:21.0352 5676 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:58:21.0353 5676 RDPREFMP - ok
19:58:21.0421 5676 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:58:21.0422 5676 RdpVideoMiniport - ok
19:58:21.0459 5676 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:58:21.0473 5676 RDPWD - ok
19:58:21.0498 5676 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:58:21.0500 5676 rdyboost - ok
19:58:21.0521 5676 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:58:21.0523 5676 RemoteAccess - ok
19:58:21.0546 5676 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:58:21.0551 5676 RemoteRegistry - ok
19:58:21.0589 5676 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:58:21.0591 5676 RpcEptMapper - ok
19:58:21.0635 5676 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:58:21.0639 5676 RpcLocator - ok
19:58:21.0669 5676 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:58:21.0674 5676 RpcSs - ok
19:58:21.0726 5676 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:58:21.0727 5676 rspndr - ok
19:58:21.0737 5676 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:58:21.0739 5676 SamSs - ok
19:58:21.0951 5676 [ 99FC1599F89A80216E41175B8CA44D89 ] SBAMSvc C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
19:58:22.0023 5676 SBAMSvc - ok
19:58:22.0137 5676 [ 1FC5D553F8EC9779702FB8264863E3A2 ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
19:58:22.0148 5676 SbieDrv - ok
19:58:22.0170 5676 [ 91D1AB66ECD2E7ACC9096BBD212DD674 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
19:58:22.0171 5676 SbieSvc - ok
19:58:22.0193 5676 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:58:22.0195 5676 sbp2port - ok
19:58:22.0220 5676 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:58:22.0224 5676 SCardSvr - ok
19:58:22.0255 5676 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:58:22.0256 5676 scfilter - ok
19:58:22.0324 5676 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:58:22.0343 5676 Schedule - ok
19:58:22.0394 5676 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:58:22.0396 5676 SCPolicySvc - ok
19:58:22.0514 5676 [ 958E956E119EB7B9ABA142AFED1B5FF4 ] ScsiAccess C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe
19:58:22.0531 5676 ScsiAccess - ok
19:58:22.0551 5676 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:58:22.0555 5676 SDRSVC - ok
19:58:22.0576 5676 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:58:22.0576 5676 secdrv - ok
19:58:22.0621 5676 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:58:22.0623 5676 seclogon - ok
19:58:22.0674 5676 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
19:58:22.0676 5676 SENS - ok
19:58:22.0720 5676 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:58:22.0722 5676 SensrSvc - ok
19:58:22.0746 5676 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
19:58:22.0749 5676 Serenum - ok
19:58:22.0782 5676 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
19:58:22.0784 5676 Serial - ok
19:58:22.0791 5676 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:58:22.0792 5676 sermouse - ok
19:58:22.0819 5676 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:58:22.0840 5676 SessionEnv - ok
19:58:22.0845 5676 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:58:22.0846 5676 sffdisk - ok
19:58:22.0856 5676 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:58:22.0858 5676 sffp_mmc - ok
19:58:22.0866 5676 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:58:22.0868 5676 sffp_sd - ok
19:58:22.0877 5676 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:58:22.0878 5676 sfloppy - ok
19:58:22.0930 5676 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:58:22.0936 5676 SharedAccess - ok
19:58:22.0955 5676 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:58:22.0958 5676 ShellHWDetection - ok
19:58:22.0963 5676 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:58:22.0965 5676 SiSRaid2 - ok
19:58:22.0971 5676 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:58:22.0972 5676 SiSRaid4 - ok
19:58:23.0021 5676 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:58:23.0023 5676 SkypeUpdate - ok
19:58:23.0069 5676 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:58:23.0071 5676 Smb - ok
19:58:23.0100 5676 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:58:23.0101 5676 SNMPTRAP - ok
19:58:23.0112 5676 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:58:23.0113 5676 spldr - ok
19:58:23.0178 5676 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:58:23.0184 5676 Spooler - ok
19:58:23.0436 5676 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:58:23.0458 5676 sppsvc - ok
19:58:23.0496 5676 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:58:23.0499 5676 sppuinotify - ok
19:58:23.0543 5676 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:58:23.0549 5676 srv - ok
19:58:23.0571 5676 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:58:23.0587 5676 srv2 - ok
19:58:23.0637 5676 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:58:23.0639 5676 srvnet - ok
19:58:23.0712 5676 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:58:23.0715 5676 SSDPSRV - ok
19:58:23.0732 5676 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:58:23.0734 5676 SstpSvc - ok
19:58:23.0765 5676 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:58:23.0786 5676 stexstor - ok
19:58:23.0842 5676 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:58:23.0846 5676 stisvc - ok
19:58:23.0894 5676 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:58:23.0913 5676 swenum - ok
19:58:24.0027 5676 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:58:24.0035 5676 SwitchBoard - ok
19:58:24.0053 5676 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:58:24.0062 5676 swprv - ok
19:58:24.0101 5676 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:58:24.0124 5676 SysMain - ok
19:58:24.0158 5676 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:58:24.0161 5676 TabletInputService - ok
19:58:24.0207 5676 [ 3B73C849B41FB20D77B0E553214061A5 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
19:58:24.0208 5676 tap0901 - ok
19:58:24.0222 5676 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:58:24.0225 5676 TapiSrv - ok
19:58:24.0232 5676 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:58:24.0234 5676 TBS - ok
19:58:24.0342 5676 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:58:24.0366 5676 Tcpip - ok
19:58:24.0416 5676 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:58:24.0428 5676 TCPIP6 - ok
19:58:24.0451 5676 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:58:24.0452 5676 tcpipreg - ok
19:58:24.0509 5676 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:58:24.0516 5676 TDPIPE - ok
19:58:24.0563 5676 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:58:24.0569 5676 TDTCP - ok
19:58:24.0618 5676 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:58:24.0620 5676 tdx - ok
19:58:24.0871 5676 [ 8A9828975A857E477EFEF5A61BA45AC0 ] TeamViewer6 C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
19:58:24.0882 5676 TeamViewer6 - ok
19:58:24.0909 5676 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:58:24.0917 5676 TermDD - ok
19:58:24.0972 5676 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:58:24.0994 5676 TermService - ok
19:58:25.0012 5676 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:58:25.0014 5676 Themes - ok
19:58:25.0031 5676 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:58:25.0033 5676 THREADORDER - ok
19:58:25.0061 5676 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:58:25.0063 5676 TrkWks - ok
19:58:25.0107 5676 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:58:25.0110 5676 TrustedInstaller - ok
19:58:25.0127 5676 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:58:25.0129 5676 tssecsrv - ok
19:58:25.0185 5676 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:58:25.0191 5676 TsUsbFlt - ok
19:58:25.0231 5676 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:58:25.0242 5676 TsUsbGD - ok
19:58:25.0284 5676 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:58:25.0290 5676 tunnel - ok
19:58:25.0305 5676 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:58:25.0311 5676 uagp35 - ok
19:58:25.0337 5676 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:58:25.0339 5676 udfs - ok
19:58:25.0367 5676 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:58:25.0369 5676 UI0Detect - ok
19:58:25.0386 5676 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:58:25.0387 5676 uliagpkx - ok
19:58:25.0400 5676 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:58:25.0402 5676 umbus - ok
19:58:25.0414 5676 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:58:25.0415 5676 UmPass - ok
19:58:25.0515 5676 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
19:58:25.0521 5676 UMVPFSrv - ok
19:58:25.0593 5676 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:58:25.0611 5676 upnphost - ok
19:58:25.0690 5676 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:58:25.0710 5676 USBAAPL64 - ok
19:58:25.0744 5676 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:58:25.0746 5676 usbaudio - ok
19:58:25.0791 5676 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:58:25.0793 5676 usbccgp - ok
19:58:25.0814 5676 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:58:25.0816 5676 usbcir - ok
19:58:25.0849 5676 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:58:25.0863 5676 usbehci - ok
19:58:25.0900 5676 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:58:25.0904 5676 usbhub - ok
19:58:25.0923 5676 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:58:25.0925 5676 usbohci - ok
19:58:25.0944 5676 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:58:25.0945 5676 usbprint - ok
19:58:25.0985 5676 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:58:25.0987 5676 usbscan - ok
19:58:26.0037 5676 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:58:26.0038 5676 USBSTOR - ok
19:58:26.0047 5676 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:58:26.0048 5676 usbuhci - ok
19:58:26.0080 5676 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:58:26.0083 5676 usbvideo - ok
19:58:26.0109 5676 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:58:26.0112 5676 UxSms - ok
19:58:26.0145 5676 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:58:26.0146 5676 VaultSvc - ok
19:58:26.0196 5676 [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
19:58:26.0198 5676 VClone - ok
19:58:26.0219 5676 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:58:26.0220 5676 vdrvroot - ok
19:58:26.0241 5676 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:58:26.0259 5676 vds - ok
19:58:26.0292 5676 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:58:26.0293 5676 vga - ok
19:58:26.0306 5676 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:58:26.0307 5676 VgaSave - ok
19:58:26.0315 5676 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:58:26.0317 5676 vhdmp - ok
19:58:26.0322 5676 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:58:26.0324 5676 viaide - ok
19:58:26.0338 5676 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:58:26.0339 5676 volmgr - ok
19:58:26.0356 5676 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:58:26.0358 5676 volmgrx - ok
19:58:26.0409 5676 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:58:26.0412 5676 volsnap - ok
19:58:26.0431 5676 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:58:26.0447 5676 vsmraid - ok
19:58:26.0497 5676 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:58:26.0530 5676 VSS - ok
19:58:26.0552 5676 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:58:26.0562 5676 vwifibus - ok
19:58:26.0625 5676 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:58:26.0626 5676 vwififlt - ok
19:58:26.0663 5676 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
19:58:26.0664 5676 vwifimp - ok
19:58:26.0686 5676 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:58:26.0691 5676 W32Time - ok
19:58:26.0714 5676 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:58:26.0715 5676 WacomPen - ok
19:58:26.0734 5676 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:58:26.0736 5676 WANARP - ok
19:58:26.0740 5676 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:58:26.0741 5676 Wanarpv6 - ok
19:58:26.0817 5676 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:58:26.0835 5676 WatAdminSvc - ok
19:58:27.0177 5676 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:58:27.0225 5676 wbengine - ok
19:58:29.0745 5676 ============================================================
19:58:29.0745 5676 Scan finished
19:58:29.0745 5676 ============================================================
19:58:29.0768 6424 Detected object count: 0
19:58:29.0768 6424 Actual detected object count: 0


===========================================================================

aswMBR:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-16 20:17:04
-----------------------------
20:17:04.496 OS Version: Windows x64 6.1.7601 Service Pack 1
20:17:04.496 Number of processors: 2 586 0x170A
20:17:04.496 ComputerName: CARY-PC UserName: Cary
20:17:06.602 Initialize success
20:17:16.150 AVAST engine defs: 13011601
20:17:19.925 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:17:19.925 Disk 0 Vendor: Hitachi_ JP4O Size: 953869MB BusType: 3
20:17:19.925 Disk 0 MBR read successfully
20:17:19.940 Disk 0 MBR scan
20:17:19.940 Disk 0 Windows 7 default MBR code
20:17:19.940 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 14848 MB offset 2048
20:17:19.956 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 30410752
20:17:19.956 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 938919 MB offset 30615552
20:17:19.972 Disk 0 scanning C:\Windows\system32\drivers
20:17:26.976 Service scanning
20:17:43.559 Modules scanning
20:17:43.559 Disk 0 trace - called modules:
20:17:43.606 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
20:17:43.606 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80059bc790]
20:17:43.606 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004671050]
20:17:46.039 AVAST engine scan C:\Windows
20:17:49.752 AVAST engine scan C:\Windows\system32
20:20:20.667 AVAST engine scan C:\Windows\system32\drivers
20:20:29.933 AVAST engine scan C:\Users\Cary
21:32:51.062 AVAST engine scan C:\ProgramData
22:43:54.565 Scan finished successfully
22:47:34.385 Disk 0 MBR has been saved successfully to "C:\Users\Cary\Desktop\MBR.dat"
22:47:34.385 The log file has been saved successfully to "C:\Users\Cary\Desktop\malware log 2.txt"


========================================================================

ESET:

C:\Qoobox\Quarantine\C\ProgramData\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application
C:\Users\Cary\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmhdlpjpccfmklehiooblkfommddmhbd\1\50ecaed9cfcf26.02422881.js Win32/Adware.MultiPlug.H application
C:\Users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\ls3lmyuw.default\extensions\50ecaed9cfd9d@50ecaed9cfdd6.com\content\bg.js Win32/Adware.MultiPlug.H application
C:\Users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\ls3lmyuw.default\extensions\plugin@yontoo.com\content\overlay.js Win32/Adware.Yontoo application



Thanks for the assistance.

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:01:11 PM

Posted 17 January 2013 - 04:52 AM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish.

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#5 learnin2013

learnin2013
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  • Local time:01:11 PM

Posted 17 January 2013 - 12:05 PM

Here are the results:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.17.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Cary :: CARY-PC [administrator]

1/17/2013 9:43:41 AM
mbam-log-2013-01-17 (09-43-41).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 647383
Time elapsed: 1 hour(s), 24 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Qoobox\Quarantine\C\Program Files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe.vir (PUP.Zugo) -> Quarantined and deleted successfully.
C:\Users\Cary\Documents\Documents\Portable Smart Serial Mail Enterprise v5.0.2.90.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Cary\Serial Emailer\Portable Smart Serial Mail Enterprise v5.0.2.90 by Birungueta\Portable Smart Serial Mail Enterprise v5.0.2.90.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

================================================

MiniToolBox by Farbar Version:10-01-2013
Ran by Cary (administrator) on 17-01-2013 at 11:12:44
Running from "C:\Users\Cary\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.gopher", ""
"network.proxy.gopher_port", 0
"network.proxy.socks", "208.92.249.111"
"network.proxy.socks_port", 443
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================




xxxx





127.0.0.1 fr.a2dfp.net
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 abcstats.com
127.0.0.1 a.abv.bg
127.0.0.1 adserver.abv.bg
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 ca.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com
127.0.0.1 achmedia.com
127.0.0.1 aconti.net
127.0.0.1 secure.aconti.net
127.0.0.1 www.aconti.net
127.0.0.1 csh.actiondesk.com
127.0.0.1 www.activemeter.com
127.0.0.1 ads.activepower.net

There are 12727 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

D-Link DWA-125 Wireless N 150 USB Adapter(rev.A2) = Wireless Network Connection (Connected)
Intel® 82567V-2 Gigabit Network Connection = Local Area Connection (Media disconnected)
TAP-Win32 Adapter V9 = Local Area Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection" forwarding=enabled advertise=enabled metric=100 nud=enabled
set interface interface="Wireless Network Connection" forwarding=enabled advertise=enabled metric=100 nud=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Cary-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.ga.comcast.net.

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 1C-AF-F7-68-B9-90
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9
Physical Address. . . . . . . . . : 00-FF-76-ED-D0-11
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.ga.comcast.net.
Description . . . . . . . . . . . : D-Link DWA-125 Wireless N 150 USB Adapter(rev.A2)
Physical Address. . . . . . . . . : 1C-AF-F7-68-B9-91
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::adde:7882:1056:f1c4%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.107(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, January 17, 2013 12:30:15 AM
Lease Expires . . . . . . . . . . : Friday, January 18, 2013 12:31:03 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 303869943
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-5B-C2-EC-F8-0F-41-1B-2B-9A
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82567V-2 Gigabit Network Connection
Physical Address. . . . . . . . . : F8-0F-41-1B-2B-9A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.ga.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.ga.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{76EDD011-7423-49C5-8151-BC0880BE1D20}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3409:2148:3f57:fe94(Preferred)
Link-local IPv6 Address . . . . . : fe80::3409:2148:3f57:fe94%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{F89E31B1-710A-4D34-AE18-DBFD93FFF626}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{185A3AF9-6727-4B73-960D-834550B90849}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:4002:c04::65
173.194.37.33
173.194.37.39
173.194.37.37
173.194.37.40
173.194.37.38
173.194.37.46
173.194.37.36
173.194.37.35
173.194.37.32
173.194.37.41
173.194.37.34


Pinging google.com [74.125.139.101] with 32 bytes of data:
Reply from 74.125.139.101: bytes=32 time=13ms TTL=48
Reply from 74.125.139.101: bytes=32 time=11ms TTL=48

Ping statistics for 74.125.139.101:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 11ms, Maximum = 13ms, Average = 12ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 75.75.75.75

Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
206.190.36.45


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=99ms TTL=50
Reply from 206.190.36.45: bytes=32 time=81ms TTL=50

Ping statistics for 206.190.36.45:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 81ms, Maximum = 99ms, Average = 90ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...1c af f7 68 b9 90 ......Microsoft Virtual WiFi Miniport Adapter
14...00 ff 76 ed d0 11 ......TAP-Win32 Adapter V9
13...1c af f7 68 b9 91 ......D-Link DWA-125 Wireless N 150 USB Adapter(rev.A2)
11...f8 0f 41 1b 2b 9a ......Intel® 82567V-2 Gigabit Network Connection
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.107 200
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.107 356
192.168.1.107 255.255.255.255 On-link 192.168.1.107 356
192.168.1.255 255.255.255.255 On-link 192.168.1.107 356
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.107 356
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.107 356
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:4137:9e76:3409:2148:3f57:fe94/128
On-link
13 286 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::3409:2148:3f57:fe94/128
On-link
13 286 fe80::adde:7882:1056:f1c4/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
13 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/17/2013 04:23:31 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/17/2013 00:31:46 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2013 10:56:24 PM) (Source: PerfNet) (User: )
Description:

Error: (01/16/2013 10:50:24 PM) (Source: PerfNet) (User: )
Description:

Error: (01/16/2013 10:48:21 PM) (Source: PerfNet) (User: )
Description:

Error: (01/16/2013 08:17:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2013 07:55:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2013 01:12:59 PM) (Source: VaudiXUpdater) (User: )
Description: BITS download job failed -2145844844 HTTP status 404: The requested URL does not exist on the server.

Error: (01/16/2013 01:12:55 PM) (Source: VaudiXUpdater) (User: )
Description: BITS download job failed -2145844844 HTTP status 404: The requested URL does not exist on the server.

Error: (01/16/2013 01:12:55 PM) (Source: VaudiXUpdater) (User: )
Description: BITS download job failed -2145844844 HTTP status 404: The requested URL does not exist on the server.


System errors:
=============
Error: (01/17/2013 04:29:04 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.

Error: (01/17/2013 00:51:39 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (01/17/2013 00:32:23 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (01/17/2013 00:30:19 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (01/17/2013 00:30:13 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (01/17/2013 00:25:49 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/17/2013 00:25:49 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/17/2013 00:24:51 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/17/2013 00:24:51 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/17/2013 00:23:49 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (01/17/2013 04:23:31 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (01/17/2013 00:31:46 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2013 10:56:24 PM) (Source: PerfNet)(User: )
Description:

Error: (01/16/2013 10:50:24 PM) (Source: PerfNet)(User: )
Description:

Error: (01/16/2013 10:48:21 PM) (Source: PerfNet)(User: )
Description:

Error: (01/16/2013 08:17:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2013 07:55:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2013 01:12:59 PM) (Source: VaudiXUpdater)(User: )
Description: BITS download job failed -2145844844 HTTP status 404: The requested URL does not exist on the server.

Error: (01/16/2013 01:12:55 PM) (Source: VaudiXUpdater)(User: )
Description: BITS download job failed -2145844844 HTTP status 404: The requested URL does not exist on the server.

Error: (01/16/2013 01:12:55 PM) (Source: VaudiXUpdater)(User: )
Description: BITS download job failed -2145844844 HTTP status 404: The requested URL does not exist on the server.


CodeIntegrity Errors:
===================================
Date: 2011-12-16 15:36:55.942
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-12-16 15:36:55.926
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

µTorrent (Version: 3.0.0)
64 Bit HP CIO Components Installer (Version: 6.2.2)
6500_E709_eDocs (Version: 1.00.0000)
6500_E709_Help (Version: 1.00.0000)
6500_E709a (Version: 140.0.000.000)
7-PDF Maker Version 1.2.0 (Build 119) (Version: 7-PDF Maker - Version 1.2.0 (Build 119))
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acrobat.com (Version: 1.6.65)
Ad-Aware Browsing Protection (Version: 1.0.1.82)
Adobe After Effects CS5 (Version: 10)
Adobe After Effects CS5 Third Party Content (Version: 10)
Adobe After Effects CS5 Third Party Royalty Content (Version: 10)
Adobe AIR (Version: 3.0.0.3880)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Media Player (Version: 1.8)
Adobe Reader X (10.1.5) (Version: 10.1.5)
App.Cat (Version: 2.1)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
ArcSoft MediaImpression for Kodak (Version: 2.0.24.704)
Ask Toolbar (Version: 1.15.14.0)
Ask Toolbar Updater (Version: 1.2.3.29495)
Audacity 1.3.14 (Unicode)
AudibleManager (Version: 2006793454.48.56.38873546)
AVG 2013 (Version: 13.0.2639)
AVG 2013 (Version: 13.0.2890)
AVG 2013 (Version: 2013.0.2890)
Best Buy pc app (Version: 3.2.0.0)
Bonjour (Version: 3.0.0.10)
bpd_scan (Version: 3.00.0000)
BPDSoftware (Version: 140.0.000.000)
BPDSoftware_Ini (Version: 1.00.0000)
BufferChm (Version: 140.0.213.000)
CameraHelperMsi (Version: 13.30.1395.0)
Camtasia Studio 7 (Version: 7.1.1)
CCleaner (Version: 3.23)
Cisco Connect (Version: 1.4.11299.0)
Conduit Engine (Version: )
Conference Recording Service
ContentSAFER for Wizmax
Convert AVI to MP4
CuteFTP 8 Lite (Version: 8.3.4)
CWA Reminder by We-Care.com v4.1.18.3 (Version: 4.1.18.3)
CyberLink PowerDVD 10 (Version: 10.0.2531.52)
D-Link DWA-125
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Desktop QR Scanner (Version: 1.0.0)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 140.0.213.000)
DivX Setup (Version: 2.6.0.34)
DocMgr (Version: 140.0.65.000)
DocProc (Version: 140.0.100.000)
Dropbox (Version: 1.6.11)
Easy Lead Finder (Version: 2.2)
Email Extractor (Version: 5.0)
EmoDio (Version: 1.0)
EmoDio (Version: 5.0)
erLT (Version: 1.20.138.34)
ESET Online Scanner v3
Evernote v. 4.5.2 (Version: 4.5.2.5904)
Fax (Version: 140.0.213.000)
FileZilla Client 3.5.0 (Version: 3.5.0)
FLV to MP4
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Gateway Recovery Management (Version: 5.00.3002)
Gateway Registration (Version: 1.03.3003)
Gateway ScreenSaver (Version: 1.1.0225.2011)
Gateway Updater (Version: 1.02.3005)
GIMP 2.6.11 (Version: 2.6.11)
Glary Utilities 2.52.0.1698 (Version: 2.52.0.1698)
Google Chrome (Version: 24.0.1312.52)
Google Earth (Version: 6.1.0.5001)
Google Talk Plugin (Version: 3.10.2.10212)
Google Update Helper (Version: 1.3.21.123)
GoToMeeting 5.4.0.1083 (Version: 5.4.0.1083)
GPBaseService2 (Version: 140.0.212.000)
HMA! Pro VPN 2.6.9 (Version: 2.6.9)
Hotkey Utility (Version: 2.05.3014)
HP Document Manager 2.0 (Version: 2.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Officejet 6500 E709 Series (Version: 14.0)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.002.002.002)
HPProductAssistant (Version: 140.0.213.000)
iCloud (Version: 2.1.0.39)
Identity Card (Version: 1.00.3006)
iLivid (Version: 1.92.0.112243)
iLivid (Version: 4.0.0.2208)
Image Crusher (Version: 1.0.0)
Instant Eyedropper 1.75
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2141)
Intel® Network Connections 16.4.69.0 (Version: 16.4.69.0)
iTunes (Version: 11.0.1.12)
Java 7 Update 11 (Version: 7.0.110)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 25 (64-bit) (Version: 6.0.250)
Java™ 6 Update 33 (Version: 6.0.330)
JetClean (Version: 1.4.0)
join.me (Version: 1.3.1.429)
LAME v3.99.3 (for Windows)
LastPass (uninstall only)
Logitech Vid HD (Version: 7.2 (7259))
Logitech Webcam Software (Version: 2.0)
LWS Facebook (Version: 13.30.1346.0)
LWS Gallery (Version: 13.30.1379.0)
LWS Help_main (Version: 13.30.1396.0)
LWS Launcher (Version: 13.30.1379.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.30.1395.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.00.1774.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.30.1379.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.30.1346.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MapPI v4.93 version 4.93 (Version: 4.93)
Market Samurai (Version: 0.92.39)
Mediaplayer Lite v1.0 (Version: 1.0.0.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP1 English (Version: 3.5.5692.0)
Microsoft SQL Server Compact 3.5 SP1 x64 English (Version: 3.5.5692.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mindjet MindManager 8 (Version: 8.0.217)
Mobile Browser Simulator (Version: 1.0 rev1)
Mobile Browser Simulator (Version: 1.0.1)
Mobilizer (Version: 0.9.5)
Mozilla Firefox 18.0 (x86 en-US) (Version: 18.0)
Mozilla Maintenance Service (Version: 18.0)
Mozilla Thunderbird 17.0 (x86 en-US) (Version: 17.0)
Mplayer 0.6.9 (Version: 0.6.9)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
myfantasyleague.com Game Day 2012 (Version: 1.0)
Nero Control Center 10 (Version: 10.2.11100.1.1)
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)
Nero Core Components 10 (Version: 2.0.18100.8.8)
Nero DiscSpeed 10 (Version: 6.2.10500.2.100)
Nero DiscSpeed 10 Help (CHM) (Version: 10.5.10000)
Nero Express 10 (Version: 10.2.12000.21.100)
Nero Express 10 Help (CHM) (Version: 10.5.10200)
Nero Multimedia Suite 10 Essentials (Version: 10.5.10300)
Nero StartSmart 10 (Version: 10.2.11600.14.100)
Nero StartSmart 10 Help (CHM) (Version: 10.5.10000)
Nero Update (Version: 1.0.0018)
Network64 (Version: 140.0.215.000)
NX-Local Cash Scraper (Version: 1.09.0000)
OCR Software by I.R.I.S. 14.0 (Version: 14.0)
Offline Penny Puncher
OptimizerPro (Version: 1.0)
PDF-XChange 3
PDF To JPG Converter 2.0.2
Photodex Presenter
Power Leads Pro X (Version: 1.0.97)
Power SEO Ranker v1.0
ProductContext (Version: 140.0.000.000)
ProShow Producer
QuickTime (Version: 7.73.80.64)
Rank Tracker
RankChecker (Version: 2.0.19)
Realtek High Definition Audio Driver (Version: 6.0.1.5898)
RevenueWire Keyword Manager
Rosetta Stone Version 3 (Version: 3.4.7.0)
S3 Ripper 2.0
Safari (Version: 5.33.21.1)
Sandboxie 3.62 (64-bit) (Version: 3.62)
Scan (Version: 140.0.167.000)
Search Assistant MocaFlix 1.66
Skype™ 6.0 (Version: 6.0.126)
SMPlayer 0.6.9 (Version: 0.6.9)
Snagit 11 (Version: 11.0.0)
Social Prospector version 2.2 (Version: 2.2)
SocialBot (Version: 4.1)
SolutionCenter (Version: 140.0.214.000)
Spotify (Version: 0.5.2)
Spotify (Version: 0.8.3.222.g317ab79d)
Status (Version: 140.0.256.000)
Tansee iPhone Transfer SMS 2.8.1.0 (Version: 2.8.1.0)
TeamViewer 6 (Version: 6.0.10722)
The Logo Creator v5
The Logo Creator v5.2
TheBestSpinner3
Thunder Scraper (Version: 1)
Tixati
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.213.000)
TubeSmasher (Version: 1.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VaudiX (Version: 1.0)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Video Rank Checker (Version: 1.6)
VideoSniperSetup (Version: 1.0.7)
VirtualCloneDrive
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.2 (Version: 2.0.2)
Vuze (Version: 4.6)
Vuze Remote Toolbar (Version: 6.3.3.3)
WD SmartWare (Version: 1.2.0.8)
WebEx
WebReg (Version: 140.0.213.017)
Welcome Center (Version: 1.02.3102)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
WinWAP for Windows 4.2 (Version: 4.2.0.290)
Wondershare AllMyTube(Build 2.2.4.0) (Version: 2.2.4.0)
XMind (Version: 3.2.1)
Xvid 1.2.2 final uninstall (Version: 1.2)
Yontoo Layers Runtime 1.10.01 (Version: 1.10.01)
YT-IncreaseChatter version 4.0 (Version: 4.0)

========================= Memory info: ===================================

Percentage of memory in use: 73%
Total physical RAM: 4061.18 MB
Available physical RAM: 1077.72 MB
Total Pagefile: 8120.54 MB
Available Pagefile: 4218.34 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.41 MB

========================= Partitions: =====================================

1 Drive c: (Gateway) (Fixed) (Total:916.91 GB) (Free:590.75 GB) NTFS

========================= Users: ========================================

User accounts for \\CARY-PC

Administrator Cary Guest

========================= Restore Points ==================================


**** End of log ****
======================================================

Farbar Service Scanner Version: 16-01-2013
Ran by Cary (administrator) on 17-01-2013 at 11:19:04
Running from "C:\Users\Cary\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

=============================================

# AdwCleaner v2.105 - Logfile created 01/17/2013 at 11:22:11
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Cary - CARY-PC
# Boot Mode : Normal
# Running from : C:\Users\Cary\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\Premium
File Deleted : C:\END
File Deleted : C:\Users\Cary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
File Deleted : C:\Users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\ls3lmyuw.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\ls3lmyuw.default\searchplugins\WebSearch.xml
File Deleted : C:\Users\Cary\Desktop\iLivid.lnk
File Deleted : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
Folder Deleted : C:\Program Files (x86)\adawaretb
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\MocaFlix
Folder Deleted : C:\Program Files (x86)\Vuze_Remote
Folder Deleted : C:\Program Files (x86)\Yontoo Layers Runtime
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Users\Cary\AppData\Local\APN
Folder Deleted : C:\Users\Cary\AppData\Local\Conduit
Folder Deleted : C:\Users\Cary\AppData\Local\Ilivid
Folder Deleted : C:\Users\Cary\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Cary\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Cary\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\Cary\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Cary\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Cary\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Cary\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Cary\AppData\LocalLow\Vuze_Remote
Folder Deleted : C:\Users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\ls3lmyuw.default\adawaretb
Folder Deleted : C:\Users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\ls3lmyuw.default\extensions\plugin@yontoo.com
Folder Deleted : C:\Users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\ls3lmyuw.default\extensions\toolbar@ask.com
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\mocaflix\sprote~1.dll
Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\vaudix\sprote~1.dll
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Vuze_Remote
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7A5945F9-8BB9-49F7-A12C-02E021378B6F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\Vuze_Remote
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7A5945F9-8BB9-49F7-A12C-02E021378B6F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4940355E-32BA-421F-922D-83A82144508D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6BCA3F6F-46AC-47F6-AC08-126B66E35419}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C229BD44-A592-4606-B371-6D4759BE1016}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SP_8e4eb48d
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.just-browse.info/ --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.just-browse.info/ --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0 (en-US)

File : C:\Users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\ls3lmyuw.default\prefs.js

C:\Users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\ls3lmyuw.default\user.js ... Deleted !

Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Deleted : user_pref("aol_toolbar.default.search.check", false);
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.just-browse.info/?l=1&q=");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("browser.search.order.1,S", "WebSearch");
Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
Deleted : user_pref("extensions.50ecaed9cfe4a.scode", "(function(){try{if

('aol.com,mail.google.com,mystart.inc[...]
Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://websearch.just-browse.info/?l=1&q=");
Deleted : user_pref("extensions.proxytool.referers", "www.google.com,google.com,yahoo.com,bing.com,ask.com,cur[...]
Deleted : user_pref("extensions.toolbar@ask.com.install-event-fired", true);
Deleted : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_u[...]
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Google Chrome v24.0.1312.52

File : C:\Users\Cary\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [15801 octets] - [17/01/2013 11:22:11]

########## EOF - C:\AdwCleaner[S1].txt - [15862 octets] ##########

============================================

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.3 (01.15.2013:1)
OS: Windows 7 Home Premium x64
Ran by Cary on Thu 01/17/2013 at 11:37:42.42
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\applications\ilividsetupv1.exe
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{FC125650-568A-6FEA-586C-743E4D9522D5}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{FC125650-568A-6FEA-586C-743E4D9522D5}



~~~ Files

Successfully deleted: [File] "C:\users\default user\start menu\programs\startup\best buy pc app.lnk"



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\best buy pc app"
Failed to delete: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\vaudix"
Successfully deleted: [Folder] "C:\Users\Cary\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\Cary\appdata\locallow\vaudix"
Successfully deleted: [Folder] "C:\Program Files (x86)\savevalet"
Successfully deleted: [Folder] "C:\Program Files (x86)\vaudix"



~~~ FireFox

Successfully deleted: [File] "C:\Users\Cary\AppData\Roaming\mozilla\firefox\profiles\ls3lmyuw.default\extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi"
Successfully deleted: [Folder] C:\Users\Cary\AppData\Roaming\mozilla\firefox\profiles\ls3lmyuw.default\extensions\50ecaed9cfd9d@50ecaed9cfdd6.com
Successfully deleted: [Folder] C:\Users\Cary\AppData\Roaming\mozilla\firefox\profiles\ls3lmyuw.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
Successfully deleted the following from C:\Users\Cary\AppData\Roaming\mozilla\firefox\profiles\ls3lmyuw.default\prefs.js

user_pref("extensions.jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.install-event-fired", true);
user_pref("extensions.jid1-yZwVFzbsyfMrqQ@jetpack.install-event-fired", true);
user_pref("extensions.seoquake.params.370.icon", "AAABAAEAEBAAAAAAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAQAQAAAAAAAAAAAAAAAAAAAAAAAD///8B////Af///wHp6en/ubm5/4ODg/+JiYn/YmJi/
user_pref("extentions.y2layers.defaultEnableAppsList", "BestVideoDownloader,BestVideoDownloader,");
user_pref("extentions.y2layers.installId", "579b70ad-8ff0-4a40-baa0-ec214e2f8555");
user_pref("extentions.y2layers.lastDnsTest", 371954);
Emptied folder: C:\Users\Cary\AppData\Roaming\mozilla\firefox\profiles\ls3lmyuw.default\minidumps [66 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 01/17/2013 at 11:50:06.97
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


==========================================

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/17/2013 11:59:55 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\ProgramData\Premium\VaudiX\VaudiX.exe (PID: 2708) [AU-HEUR]
* C:\Users\Cary\Downloads\JRT.exe (PID: 4712) [UP-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* Advanced Explorer Setting Removed: HideIcons [HKCU]

Backup Registry file created at:
C:\Users\Cary\Desktop\rkill\rkill-01-17-2013-12-00-04.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\.exe\shell found and deleted!


Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

xxxx


20 out of 14305 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 01/17/2013 12:00:15 PM
Execution time: 0 hours(s), 0 minute(s), and 20 seconds(s)

=============================================

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AdobeAAMUpdater-1.0" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Logitech Download Assistant" "Logitech Download Assistant" "Logitech, Inc." "c:\windows\system32\logilda.dll"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RtHDVCpl" "HD Audio Control Panel" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Ad-Aware Browsing Protection" "Ad-Aware Browsing Protection and Anti-Phishing" "Lavasoft" "c:\programdata\ad-aware browsing protection\adawarebp.exe"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "AdobeCS5ServiceManager" "Adobe CS5 Service Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\cs5servicemanager\cs5servicemanager.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "ArcSoft Connection Service" "ArcSoft Connect Daemon" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\connection service\bin\acdaemon.exe"
+ "AVG_UI" "AVG User Interface" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgui.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "D-Link D-Link DWA-125" "D-Link WLAN Application" "D-Link Corp." "c:\program files (x86)\d-link\dwa-125 reva\airgcfg.exe"
+ "DivXUpdate" "DivX Update" "" "c:\program files (x86)\divx\divx update\divxupdate.exe"
+ "Hotkey Utility" "Hotkey Utility" "" "c:\program files (x86)\gateway\hotkey utility\hotkeyutility.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "LWS" "Logitech Webcam Software" "Logitech Inc." "c:\program files (x86)\logitech\lws\webcam software\lws.exe"
+ "MMReminderService" "MindManager Topic Alerts" "Mindjet" "c:\program files (x86)\mindjet\mindmanager 8\mmreminderservice.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "RemoteControl10" "PowerDVD RC Service" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe"
+ "SMSTray" "SMSTray.exe" "SAMSUNG ELECTRONICS" "c:\program files (x86)\samsung\emodio\smstray.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "SwitchBoard" "SwitchBoard Server (32 bit)" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
+ "VirtualCloneDrive" "Virtual CloneDrive Daemon" "Elaborate Bytes AG" "c:\program files (x86)\elaborate bytes\virtualclonedrive\vcddaemon.exe"
+ "WZCSLDR2" "ANIWZCS2 launcher for Windows." "Wireless Service" "c:\program files (x86)\d-link\dwa-125 reva\wzcsldr2.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "HP Digital Imaging Monitor.lnk" "HP Digital Imaging Monitor" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe"
+ "Snagit 11.lnk" "Snagit" "TechSmith Corporation" "c:\program files (x86)\techsmith\snagit 11\snagit32.exe"
+ "WDDMStatus.lnk" "WD Drive Manager" "WDC" "c:\program files\western digital\wd smartware\wd drive manager\wddmstatus.exe"
+ "WDSmartWare.lnk" "WD SmartWare" "Western Digital" "c:\program files (x86)\western digital\wd smartware\front parlor\wdsmartware.exe"
"C:\Users\Cary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\cary\appdata\roaming\dropbox\bin\dropbox.exe"
+ "EvernoteClipper.lnk" "Evernote Clipper" "Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041" "c:\program files (x86)\evernote\evernote\evernoteclipper.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AdobeBridge" "Adobe Bridge CS5" "Adobe Systems, Inc." "c:\program files (x86)\adobe\adobe bridge cs5\bridge.exe"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\cary\appdata\local\google\update\googleupdate.exe"
+ "GoToMeeting" "GoToMeeting" "Citrix Online, a division of Citrix Systems, Inc." "c:\program files (x86)\citrix\gotomeeting\978\g2mstart.exe"
+ "instanteyedropper" "" "" "c:\program files (x86)\instanteyedropper\instanteyedropper.exe"
+ "SandboxieControl" "Sandboxie Control" "SANDBOXIE L.T.D" "c:\program files\sandboxie\sbiectrl.exe"
+ "Spotify Web Helper" "SpotifyWebHelper" "Spotify Ltd" "c:\users\cary\appdata\roaming\spotify\data\spotifywebhelper.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "linkscanner" "" "" "File not found: C:\Program Files (x86)\AVG\AVG2012\avgppa.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\cary\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "PhotoStreamsExt" "" "" "c:\program files\common files\apple\internet services\shellstreams64.dll"
+ "SnagItMainShellExt" "Snagit Shell Extension DLL" "TechSmith Corporation" "c:\program files (x86)\techsmith\snagit 11\dllx64\snagitshellext64.dll"
+ "VirtualCloneDrive" "CloseTray" "Elaborate Bytes AG" "c:\program files (x86)\elaborate bytes\virtualclonedrive\elbyvcdshell.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-PDFMaker" "" "" "c:\program files (x86)\7-pdf\7-pdf maker\7p.dll"
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgse.dll"
+ "Glary Utilities" "Context Menu Handler" "Glarysoft Ltd" "c:\program files (x86)\glary utilities\contexthandler.dll"
+ "NeroShellExt Class" "Nero Burning ROM Shell Extension" "Nero AG" "c:\program files (x86)\common files\nero\neroshellext\neroshellext.dll"
+ "PhotoStreamsExt" "ShellStreams.dll" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\shellstreams.dll"
+ "SnagItMainShellExt" "Snagit Shell Extension DLL" "TechSmith Corporation" "c:\program files (x86)\techsmith\snagit 11\snagitshellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "AdAwareContextMenu64" "Ad-Aware Antivirus Shell Extension x64" "Lavasoft Limited" "c:\program files (x86)\ad-aware antivirus\adawareshellextension64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "AdAwareContextMenu" "Ad-Aware Antivirus Shell Extension" "Lavasoft Limited" "c:\program files (x86)\ad-aware antivirus\adawareshellextension.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\cary\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "SnagItMainShellExt" "Snagit Shell Extension DLL" "TechSmith Corporation" "c:\program files (x86)\techsmith\snagit 11\dllx64\snagitshellext64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "NeroShellExt Class" "Nero Burning ROM Shell Extension" "Nero AG" "c:\program files (x86)\common files\nero\neroshellext\neroshellext.dll"
+ "SnagItMainShellExt" "Snagit Shell Extension DLL" "TechSmith Corporation" "c:\program files (x86)\techsmith\snagit 11\snagitshellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext_64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\cary\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "AudibleShlExt Class" "AudibleExt Module" "Audible, Inc." "c:\program files (x86)\audible\bin\audibleext.dll"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgse.dll"
+ "Glary Utilities" "Context Menu Handler" "Glarysoft Ltd" "c:\program files (x86)\glary utilities\contexthandler.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\cary\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\cary\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\cary\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\cary\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\cary\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\cary\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\cary\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\cary\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "LastPass Browser Helper Object" "LastPass Toolbar" "LastPass" "c:\program files (x86)\lastpass\lpbar64.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "CmjBrowserHelperObject Object" "Internet Explorer add-in for MindManager 8" "Mindjet" "c:\program files (x86)\mindjet\mindmanager 8\mm8internetexplorer.dll"
+ "DivX Plus Web Player HTML5 <video>" "DivX Plus Web Player HTML5 <video> version 2.1.2.126" "DivX, LLC" "c:\program files (x86)\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "LastPass Browser Helper Object" "LastPass Toolbar" "LastPass" "c:\program files (x86)\lastpass\lpbar.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Wondershare YouTube Downloader" "Wondershare YouTube Downloader Plugin" "Wondershare Software Co., Ltd." "c:\program files (x86)\wondershare\allmytube\svrieplugin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "LastPass Toolbar" "LastPass Toolbar" "LastPass" "c:\program files (x86)\lastpass\lpbar64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "LastPass Toolbar" "LastPass Toolbar" "LastPass" "c:\program files (x86)\lastpass\lpbar.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "LastPass" "LastPass Toolbar" "LastPass" "c:\program files (x86)\lastpass\lpbar64.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Add to Evernote 4" "" "" "File not found: C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204"
+ "LastPass" "LastPass Toolbar" "LastPass" "c:\program files (x86)\lastpass\lpbar.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Send to Mindjet MindManager" "Internet Explorer add-in for MindManager 8" "Mindjet" "c:\program files (x86)\mindjet\mindmanager 8\mm8internetexplorer.dll"
"Task Scheduler" "" "" ""
+ "\Ad-Aware Antivirus Scheduled Scan" "Ad-Aware Antivirus Launcher" "Lavasoft Limited" "c:\program files (x86)\ad-aware antivirus\adawarelauncher.exe"
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.5 r502" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\AdobeAAMUpdater-1.0-Cary-PC-Cary" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\AutoKMS" "" "" "File not found: C:\Windows\AutoKMS.exe"
+ "\GlaryInitialize" "Glary Utilities Initialize" "Glarysoft Ltd" "c:\program files (x86)\glary utilities\initialize.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-134424924-2419586594-4041897210-1000Core" "Google Installer" "Google Inc." "c:\users\cary\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-134424924-2419586594-4041897210-1000UA" "Google Installer" "Google Inc." "c:\users\cary\appdata\local\google\update\googleupdate.exe"
+ "\JetCleanLoginCheckUpdate" "JetClean Updater" "BlueSprig" "c:\program files (x86)\bluesprig\jetclean\autoupdate.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\OptimizerProUpdaterTask{D3A41E9A-85DE-4929-8708-454BF83DFBC5}" "" "" "File not found: C:\ProgramData\Premium\OptimizerPro\OptimizerPro.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-134424924-2419586594-4041897210-1000" "" "" "File not found: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-134424924-2419586594-4041897210-1000" "" "" "File not found: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe"
+ "\Scheduled Update for Ask Toolbar" "" "" "File not found: C:\Program Files (x86)\Ask.com\UpdateTask.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\VaudiXUpdaterTask{3E15CA70-D8CF-48C4-8F5F-805104F46585}" "Updater" "" "c:\programdata\premium\vaudix\vaudix.exe"
+ "\{3BE7D4A6-FD4C-4579-9F0A-CBDE324AE691}" "Camtasia Recorder" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camrecorder.exe"
+ "\{79523EE6-CEB0-480D-8C55-BE3C1EC88312}" "Camtasia Recorder" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camrecorder.exe"
+ "\{9F1AC2C9-3AE9-4B62-BBDD-DD062901D17A}" "Google Chrome" "Google Inc." "c:\users\cary\appdata\local\google\chrome\application\chrome.exe"
+ "\{AF7DCD71-A522-4526-B519-403DCCD9DE20}" "Power Leads Pro X" "Power Leads" "c:\program files (x86)\power leads pro x\power leads pro x\core.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ACDaemon" "ArcSoft Connect Service" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\connection service\bin\acservice.exe"
+ "Ad-Aware Service" "Ad-Aware Service" "Lavasoft Limited" "c:\program files (x86)\ad-aware antivirus\adawareservice.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgwdsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "D_Link_DWA-125" "ANIWZCS2 Service Launcher" "Wireless Service" "c:\program files (x86)\d-link\dwa-125 reva\aniwzcsds.exe"
+ "D_Link_DWA-125_WPS" "ANIWConnService" "" "c:\program files (x86)\d-link\dwa-125 reva\aniwconnservice.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "GREGService" "Global Registration Service" "Acer Incorporated" "c:\program files (x86)\gateway\registration\gregsvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "hpqcxs08" "HP CUE Context Manager Objects" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll"
+ "hpqddsvc" "This service detects and monitors CUE devices on the system." "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll"
+ "HPSLPSVC" "Discovers and monitors the state and the configuration of the HP devices attached to your network. If the service is stopped, and your network devices change IP addresses, they might become unavailable" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll"
+ "Intel® PROSet Monitoring Service" "The Intel® PROSet Monitoring Service actively monitors changes to the system and updates affected network devices to keep them running in optimal condition. Stopping this service may negatively affect the performance of the network devices on the system." "Intel Corporation" "c:\windows\system32\iprosetmonitor.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "Live Updater Service" "Updater Service" "Acer Incorporated" "c:\program files\gateway\gateway updater\updaterservice.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "NAUpdate" "Provides access to Nero application updates and manages Nero applications." "Nero AG" "c:\program files (x86)\nero\update\nasvc.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "OpenVPNService" "" "" "c:\program files (x86)\hma! pro vpn\bin\openvpnserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "SBAMSvc" "Manages your antispyware and antivirus application" "GFI Software" "c:\program files (x86)\ad-aware antivirus\sbamsvc.exe"
+ "SbieSvc" "Sandboxie Service" "SANDBOXIE L.T.D" "c:\program files\sandboxie\sbiesvc.exe"
+ "ScsiAccess" "" "" "c:\program files (x86)\photodex\proshowproducer

\scsiaccess.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype."

"Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "SwitchBoard" "Adobe SwitchBoard" "Adobe Systems Incorporated" "c:\program files

(x86)\common files\adobe\switchboard\switchboard.exe"
+ "TeamViewer6" "TeamViewer Remote Software" "TeamViewer GmbH" "c:\program files

(x86)\teamviewer\version6\teamviewer_service.exe"
+ "UMVPFSrv" "UMVPF is a user mode Logitech driver" "Logitech Inc." "c:\program files

(x86)\common files\logishrd\lvmvfm\umvpfsrv.exe"
+ "WDDMService" "Provides functionality for Western Digital disk drives." "WDC"

"c:\program files\western digital\wd smartware\wd drive manager\wddmservice.exe"
+ "WDSmartWareBackgroundService" "Manages background tasks for WDSmartWare

Applications" "Memeo" "c:\program files (x86)\western digital\wd smartware\front parlor

\wdsmartwarebackgroundservice.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft

Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp."

"c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players

and media devices using Universal Plug and Play" "Microsoft Corporation" "c:

\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:

\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows

\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:

\windows\system32\drivers\adpu320.sys"
+ "Afc" "Arcsoft® ASPI Shell" "Arcsoft, Inc." "c:\windows\syswow64\drivers\afc.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows

\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:

\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64

platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows

\system32\drivers\amdxata.sys"
+ "anodlwf" "ANOD Network Security Filter driver" "" "c:\windows

\system32\drivers\anodlwfx.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers

\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows

\system32\drivers\arcsas.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver"

"AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver"

"AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows

\system32\drivers\avgldx64.sys"
+ "Avgloga" "AVG Logging Driver" "AVG Technologies CZ, s.r.o." "c:\windows

\system32\drivers\avgloga.sys"
+ "Avgmfx64" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o."

"c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:

\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o."

"c:\windows\system32\drivers\avgtdia.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:

\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom

Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother

Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother

Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd."

"c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd."

"c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:

\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:

\windows\system32\drivers\brusbser.sys"
+ "BVRPMPR5a64" "BVRP NDIS 5.0 MPR Protocol Driver" "Avanquest Software" "c:

\windows\system32\drivers\bvrpmpr5a64.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows

\system32\drivers\cmdide.sys"
+ "e1yexpress" "Intel® Gigabit Network Connection NDIS 6 deserialized driver"

"Intel Corporation" "c:\windows\system32\drivers\e1y62x64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:

\windows\system32\drivers\evbda.sys"
+ "ElbyCDIO" "ElbyCD Windows x64 I/O driver" "Elaborate Bytes AG" "c:\windows

\system32\drivers\elbycdio.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:

\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers

\gearaspiwdm.sys"
+ "gfibto" "GFI Boot Time Operations Driver" "GFI Software" "c:\windows

\system32\drivers\gfibto.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge

Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company"

"c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation"

"c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation"

"c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:

\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH"

"c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek

Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcHdmiAddService" "Intel® High Definition Audio HDMI" "Intel® Corporation"

"c:\windows\system32\drivers\intchdmi.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:

\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:

\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:

\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:

\windows\system32\drivers\lsi_scsi.sys"
+ "lvpopf64" "Logitech AudioProcessing Filter Driver" "Logitech Inc." "c:

\windows\system32\drivers\lvpopf64.sys"
+ "LVPr2M64" "Logitech LVPr2M64 Driver" "Logitech Inc." "c:\windows

\system32\drivers\lvpr2m64.sys"
+ "LVPr2Mon" "Logitech LVPr2M64 Driver" "Logitech Inc." "c:\windows

\system32\drivers\lvpr2m64.sys"
+ "LVRS64" "Logitech Kernel Audio Improvement Filter Driver" "Logitech Inc."

"c:\windows\system32\drivers\lvrs64.sys"
+ "LVUVC64" "Logitech USB Video Class Driver" "Logitech Inc." "c:\windows

\system32\drivers\lvuvc64.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"

"LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:

\windows\system32\drivers\megasr.sys"
+ "netr28ux" "Ralink 802.11n Wireless Adapter Driver" "Ralink Technology Corp."

"c:\windows\system32\drivers\dnetr28ux.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:

\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:

\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation"

"c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation"

"c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:

\windows\system32\drivers\ql40xx.sys"
+ "SbieDrv" "Sandboxie Kernel Mode Driver" "SANDBOXIE L.T.D" "c:\program files

\sandboxie\sbiedrv.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision

Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers

\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp."

"c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:

\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise

Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "tap0901" "TAP-Win32 Virtual Network Driver" "The OpenVPN Project" "c:

\windows\system32\drivers\tap0901.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows

\system32\drivers\usbaapl64.sys"
+ "VClone" "VirtualCloneCD Driver" "Elaborate Bytes AG" "c:\windows

\system32\drivers\vclone.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc."

"c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd"

"c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies"

"c:\windows\system32\drivers\wdcsam64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte

Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\system32\lvcod64.dll"
+ "vidc.tscc" "TechSmith Screen Capture Codec" "TechSmith Corporation" "c:

\windows\syswow64\tsccvid64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" ""

""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte

Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\syswow64\lvcodec2.dll"
+ "vidc.tscc" "TechSmith Screen Capture Codec" "TechSmith Corporation" "c:

\windows\syswow64\tsccvid.dll"
+ "vidc.XVID" "" "" "c:\windows\syswow64\xvidvfw.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "iZotope Consumer Restoration" "iZotope Consumer Restoration" "iZotope, Inc."

"c:\program files (x86)\common files\techsmith shared\izotope

\izotope_consumerrestoration.dll"
+ "iZotope Vocal Enhancement" "iZotope Vocal Enhancement" "iZotope, Inc." "c:

\program files (x86)\common files\techsmith shared\izotope\izotope_vocalenhancement.dll"
+ "LAME Audio Encoder" "LAME Audio Encoder" "" "c:\program files (x86)\techsmith

\camtasia studio 7\lame_dshow.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"

"" "" ""
+ "AC3Filter" "ac3filter" "" "c:\windows\syswow64\ac3filter.ax"
+ "Audible Words Codec" "Audible Audio Files DirectShow Source Filter" "Audible, Inc."

"c:\windows\syswow64\awrdscdc.ax"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:

\program files (x86)\google\google earth\client\wavdest.ax"
+ "Audio Grabber" "" "" "c:\program files (x86)\photodex\proshowproducer

\audiograbber.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft

Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Decoder (PDVD10)" "CyberLink Audio Decoder Filter" "CyberLink

Corp." "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\claud.ax"
+ "CyberLink Audio Effect (PDVD10)" "CyberLink Audio Effect Filter" "CyberLink

Corporation" "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\claudfx.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd10\audiofilter\claudwizard.ax"
+ "CyberLink AudioCD Filter (PDVD10)" "CyberLink AudioCD Filter" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd10\audiofilter\claudiocd.ax"
+ "Cyberlink Demuxer 2.0 (PDVD10)" "CLDemuxer2" "Cyberlink" "c:\program files

(x86)\cyberlink\powerdvd10\navfilter\cldemuxer2.ax"
+ "CyberLink Digest Filter (PDVD10)" "DigestFilter Dynamic Link Library" ""

"c:\program files (x86)\cyberlink\powerdvd10\digestfilter.dll"
+ "CyberLink DVD Navigator (PDVD10)" "CyberLink DVD Navigation Filter" "CyberLink

Corp." "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clnavx.ax"
+ "CyberLink FLV Splitter(PDVD10)" "CyberLink FLV Splitter" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd10\navfilter\clflvsplitter.ax"
+ "CyberLink HAM Decoder (PDVD10)" "CyberLink 264 Decoder Filter" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd10\videofilter\clcvd.ax"
+ "CyberLink HD/BD Mixer (PDVD10)" "CLHBMixer" " " "c:\program files

(x86)\cyberlink\powerdvd10\audiofilter\clhbmixer.ax"
+ "CyberLink Line21 Decoder (PDVD10)" "CyberLink Line21 Decoder Filter" "CyberLink

Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clline21.ax"
+ "CyberLink Matroska Splitter(PDVD10)" "CyberLink Matroska Splitter" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd10\navfilter\clmkvsplter.ax"
+ "CyberLink MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd10\navfilter\clsplter.ax"
+ "CyberLink MPEG-4 Splitter (PDVD10)" "CyberLink MPEG-4 Splitter" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd10\navfilter\clm4splt.ax"
+ "CyberLink RealAudio Decoder(PDVD10)" "CyberLink RealMedia Audio Decoder" "CyberLink

Corp." "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\clrmaud.ax"
+ "CyberLink RealMedia Splitter(PDVD10)" "CyberLink RealMedia Splitter" "CyberLink

Corp." "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clrmsplitter.ax"
+ "CyberLink RealVideo Decoder(PDVD10)" "CyberLink RealMedia Video Decoder" "CyberLink

Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clrmvd.ax"
+ "Cyberlink SubTitle Importor (PDVD10)" "CLSubTitle.ax" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd10\videofilter\clsubtitle.ax"
+ "Cyberlink SubTitle Importor 2.0 (PDVD10)" "CLSubTitle.ax" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd10\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (PDVD10)" "CLAuTS.ax" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd10\audiofilter\clauts.ax"
+ "CyberLink Tzan Filter (PDVD10)" "Cyberlink Tzan Filter" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd10\videofilter\cltzan.ax"
+ "CyberLink Video Decoder (PDVD10)" "CyberLink 264 Decoder Filter" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd10\videofilter\clcvd.ax"
+ "CyberLink Video/SP Decoder (PDVD10)" "CyberLink Video/SP Filter" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd10\videofilter\clvsd.ax"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files

(x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files

(x86)\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:

\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter"

"DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters

\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files

(x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "Dump" "SelfMusicVideo Dump Filter (DShow)" "ENJsoft Corporation" "c:

\windows\syswow64\tg_dump.dll"
+ "GPL MPEG-1/2 Decoder" "GPL MPEG-1/2 Decoder Filter for DirectShow" "Peter

Wimmer, Gabest" "c:\program files (x86)\mediaplayer lite\gplmpgdec.ax"
+ "LAME Audio Encoder" "LAME Audio Encoder" "" "c:\program files (x86)\techsmith

\camtasia studio 7\lame_dshow.ax"
+ "MACSReaderMP3 Filter" "MACSReaderMP3 Filter" "" "c:\program files

(x86)\samsung\emodio\macsreaderavi.ax"
+ "MusicCity MPEG Splitter" "PCube MPEG Splitter Filter" "© MusicCity" "c:

\windows\syswow64\muzmpgsp.ax"
+ "MusicCity OGG Splitter" "OGG Splitter" "© PeeringPortal" "c:\windows

\syswow64\muzoggsp.ax"
+ "NEDFilter4Samsung Filter" "MACSReaderMP3 Filter" "L544™ Technology" "c:

\program files (x86)\samsung\emodio\nedfilter4samsung.ax"
+ "Ogg Multiplexer" "Ogg DirectShow™ Filter Collection" "" "c:\windows

\syswow64\oggds.dll"
+ "Ogg Splitter" "Ogg DirectShow™ Filter Collection" "" "c:\windows

\syswow64\oggds.dll"
+ "P3Audio" "PCube Audio Decoder Filter" "© MusicCity" "c:\windows

\syswow64\muzdecode.ax"
+ "P3AudioEffect" "P3AudioEffect Filter" "© MUSICCITY" "c:\windows

\syswow64\muzeffect.ax"
+ "P3MP4Splitter" "P3MP4Splitter Filter" "© MusicCity" "c:\windows

\syswow64\muzmp4sp.ax"
+ "P3Sourcer" "AOD Sourcer Filter" "Musiccity Co.Ltd." "c:\windows

\syswow64\muzaf1.dll"
+ "P3WMTSplitter" "P3WMTSplitter Filter" " © MusicCity" "c:\windows

\syswow64\muzwmts.dll"
+ "Photodex NULL renderer" "" "" "c:\program files (x86)\photodex

\proshowproducer\nullfilter.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft

Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "SelfMusicVideo Dump Filter" "SelfMusicVideo Dump Filter (DShow)" "ENJsoft

Corporation" "c:\windows\syswow64\tg_dump0708.dll"
+ "SpatialStereo Filter" "" "" "c:\program files (x86)\samsung\emodio

\3daudio.ax"
+ "TechSmith Camera Adjust" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith File Source" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Floating Point Wave Filter" "Camtasia Studio DirectShow Filters"

"TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio

7\camtasiafilters.dll"
+ "TechSmith Flv Key Frame Setter" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Force Color32A" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith ForceColor 24" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith ForceColor 32" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith ForceColor 555" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith ForceColor 565" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith ForceColor 8" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Frame Rate Tuner" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Frame Skip Filter" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Image Source" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Overlay" "Camtasia Studio DirectShow Filters" "TechSmith Corporation"

"c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Perf Skip Filter" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith PushBitmap Source" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith PushBitmap Source" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith PushVMR Source" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "Techsmith Quicktime MOV Source" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Simple PIP" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith SimplePushBitmap Source" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Sound Effects Filter" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Splitter Filter" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "Techsmith Structured Storage Writer" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith SWF Writer" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Time Adjust" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Title Source" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Wave Buffer" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Wave Dest" "Camtasia Studio DirectShow Filters" "TechSmith Corporation"

"c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith WMFSDK Writer" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith ZoomPIP Filter" "Camtasia Studio DirectShow Filters" "TechSmith

Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "Video Grabber" "" "" "c:\program files (x86)\photodex\proshowproducer

\grabfilt.ax"
+ "Video Grabber" "" "" "c:\program files (x86)\photodex\proshowproducer

\videograbber.ax"
+ "Vorbis Decoder" "Ogg DirectShow™ Filter Collection" "" "c:\windows

\syswow64\oggds.dll"
+ "Vorbis Encoder" "Ogg DirectShow™ Filter Collection" "" "c:\windows

\syswow64\oggds.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation"

"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft

Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft

Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft

Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft

Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft

Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\syswow64\xvid.ax"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" ""

"" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider"

"Microsoft Corp." "c:\program files\common files\microsoft shared\windows live

\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows

\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters

\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files

(x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft

Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp."

"c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters

\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour

\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft

Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp."

"c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "PCL hpf3l02t" "LanguageMonitor" "Hewlett-Packard Company" "c:

\windows\system32\hpf3l02t.dll"
+ "PDF-XChange" "PDF-XChange Port Monitor" "Tracker Software" "c:\windows

\system32\pxc35pm.dll"

============================================================================================================================================================================================================================================

Thanks

#6 narenxp


Posted 17 January 2013 - 03:23 PM

Still issues?

#7 learnin2013


Posted 17 January 2013 - 03:26 PM

I still have the "Browse to Save" pop-up ads

#8 narenxp


Posted 17 January 2013 - 03:27 PM

Browser?

#9 learnin2013


Posted 17 January 2013 - 03:31 PM

Chrome and Firefox. I do not use IE.

#10 narenxp


Posted 17 January 2013 - 03:35 PM

Try this

Export your bookmarks from Firefox

http://support.mozilla.org/en-US/kb/export-firefox-bookmarks-to-backup-or-transfer

After exporting it

Uninstall Firefox

Make sure to checkmark the Remove my personal data option

Reinstall Firefox and import your bookmarks

Export bookmarks from Google Chrome using this guide

http://support.google.com/chrome/bin/answer.py?hl=en&answer=96816

Uninstall Google Chrome, make sure to checkmark the Also delete browsing data option

Reinstall Chrome and check your web pages.

Let me know how it goes.

#11 learnin2013


Posted 17 January 2013 - 10:46 PM

Firefox appears to be clean now.

Chrome loaded up with a "Whitesmoke" toolbar. Still has the "Browse to Save" pop-up ads.

#12 narenxp


Posted 18 January 2013 - 09:49 AM

Check this page

http://support.google.com/chrome/bin/answer.py?hl=en&answer=113907

Do not remove the Chrome extensions, just disable them one by one and see which one is causing the pop-up ad. Remove the one causing it.
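To narrow down which extension to disable first, the installed extensions can be listed with the ones able to run scripts on every site at the top. This is an added example, not part of the original post; it assumes Chrome's default-profile extension folder on Windows (`%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions`), and the sample extensions, IDs and names in it are constructed.

```python
import json
import tempfile
from pathlib import Path

# Match patterns that let an extension run on (nearly) every page.
BROAD_PATTERNS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}


def load_json(path):
    """Parse a JSON object from disk; return None if missing or malformed."""
    try:
        data = json.loads(path.read_text(encoding="utf-8-sig"))
    except (OSError, ValueError):
        return None
    return data if isinstance(data, dict) else None


def resolve_name(ext_dir, manifest):
    """Return the display name, resolving __MSG_key__ placeholders from _locales."""
    name = str(manifest.get("name", ""))
    if not (name.startswith("__MSG_") and name.endswith("__")):
        return name
    key = name[len("__MSG_"):-2].lower()
    locale = str(manifest.get("default_locale", "en"))
    messages = load_json(ext_dir / "_locales" / locale / "messages.json") or {}
    for msg_key, entry in messages.items():
        if msg_key.lower() == key and isinstance(entry, dict):
            return str(entry.get("message", name))
    return name  # keep the placeholder visible rather than guess


def broad_injection(manifest):
    """Patterns that let the extension touch arbitrary sites."""
    patterns = set()
    for script in manifest.get("content_scripts", []):
        if isinstance(script, dict):
            patterns.update(p for p in script.get("matches", []) if isinstance(p, str))
    patterns.update(p for p in manifest.get("permissions", []) if isinstance(p, str))
    return sorted(patterns & BROAD_PATTERNS)


def audit_extensions(extensions_root):
    """List installed extensions, candidates for review first."""
    findings = []
    # Layout: <Extensions>/<extension id>/<version>/manifest.json
    for manifest_path in sorted(Path(extensions_root).glob("*/*/manifest.json")):
        ext_dir = manifest_path.parent
        manifest = load_json(manifest_path)
        record = {"id": ext_dir.parent.name, "unreadable": manifest is None}
        if manifest is None:
            record.update(name="<unreadable manifest>", version="?", broad=[])
        else:
            record.update(name=resolve_name(ext_dir, manifest),
                          version=str(manifest.get("version", "?")),
                          broad=broad_injection(manifest))
        findings.append(record)
    # Unreadable manifests and all-site injectors sort to the top.
    findings.sort(key=lambda f: (not (f["broad"] or f["unreadable"]), f["name"].lower()))
    return findings


def build_sample_profile(root):
    """Constructed sample data laid out like Chrome's Extensions folder."""
    def write(ext_id, manifest_text, messages=None, locale="en"):
        ext_dir = Path(root) / ext_id / "1.0_0"
        ext_dir.mkdir(parents=True)
        (ext_dir / "manifest.json").write_text(manifest_text, encoding="utf-8")
        if messages is not None:
            loc_dir = ext_dir / "_locales" / locale
            loc_dir.mkdir(parents=True)
            (loc_dir / "messages.json").write_text(json.dumps(messages), encoding="utf-8")

    write("a" * 32, json.dumps({
        "name": "__MSG_extName__", "version": "1.0", "default_locale": "en",
        "content_scripts": [{"matches": ["http://*/*", "https://*/*"], "js": ["inject.js"]}],
    }), messages={"extName": {"message": "Example Coupon Helper"}})
    write("b" * 32, json.dumps({
        "name": "Example Notes", "version": "2.3",
        "permissions": ["storage", "https://notes.example/*"],
    }))
    write("c" * 32, "{ this is not valid JSON")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_profile(tmp)
        for f in audit_extensions(tmp):
            flag = "REVIEW" if f["broad"] or f["unreadable"] else "ok"
            print(f"{flag:6} {f['name']} {f['version']} {f['id']} {f['broad']}")
```

An extension at the top of the list is only a candidate: many legitimate extensions also run on all sites, so the disable-and-test step above is still what confirms the culprit.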

#13 learnin2013


Posted 18 January 2013 - 10:32 AM

I removed that extension. Did another reboot.

Looks like system is finally clean!

Thanks!

#14 narenxp


Posted 18 January 2013 - 10:35 AM

Good work

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot. If TFC locks up the system, run it in Safe Mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & Windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on System Restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#15 learnin2013


Posted 18 January 2013 - 11:14 AM

Done. Thank you.



