System Restore does not work


16 replies to this topic

#1 Steampunk

Posted 21 January 2013 - 08:30 AM

Hi,
this is my first post here.
I have Avast AV. It seems that either a trojan or MBAM deleted some Windows 7 x64 (see my system specs) system files on my PC.
Upon checking Windows Update, I was notified that the service is not running. In addition, the Windows Security Center service was turned off and couldn't be turned on.

I spent a couple of days Googling for solutions and finally succeeded in restoring BITS, WSCS and Volume Shadow Copies services. After that, I was able to download and install Win Updates, but System Restore still does not work:
"SR did not complete successfully...etc...An unspecified error occurred during System Restore. (0x80071a90)"

I must stress that a restore point can be made, but restoring cannot be performed.
I tried to start System Restore in Services, but to no avail: "Windows could not start the System Restore Service on Local Computer. Error 126: the specified module could not be found"

Besides, when I reboot, I get the message: "Error in srclient.dll. Missing entry CreateFirstRunRP"

I tried to reinstall SR using the command line:
rundll32.exe advpack.dll,LaunchINFSection %Windir%\Inf\sr.inf

but I couldn't do that, since it seems that several files were missing (I was asked for those): sr.inf, sr.sys, srsvc.dll, srrstr.dll, filelist.xml, rstrui.exe, srdiag.exe, srframe.mmf...
I tried to copy those files from another system (with the same OS), but to no avail, since sr.sys could be found neither there nor on the installation disk.
I performed sfc several times in a row, but it found nothing. MBAM also found nothing.
This problem could be solved by reinstalling Windows, but I would like to avoid that, if possible.

Any advice as to how to make System Restore work? Thanks in advance.

My system:
OS Windows 7 Ultimate x64
CPU Intel Core2 Quad CPU Q6600 @ 2.4 GHz
Motherboard ASUS P5K Premium
Memory 4 GB
Graphics Card ATI Radeon HD 3800


#2 narenxp

Posted 21 January 2013 - 12:28 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (the log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download the latest Avast! virus definitions
Click the "Scan" button to start the scan. After the scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When the scan is completed, click on LIST of found threats

Export the list to the desktop, copy the contents of the text file in your reply

#3 Steampunk

Posted 22 January 2013 - 08:44 AM

I did as you said. Attaching files is not enabled, so I'll upload long logs:

TDSS:
13:16:04.0718 4920 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
13:16:04.0948 4920 ============================================================
13:16:04.0948 4920 Current date / time: 2013/01/22 13:16:04.0948
13:16:04.0948 4920 SystemInfo:
13:16:04.0948 4920
13:16:04.0948 4920 OS Version: 6.1.7601 ServicePack: 1.0
13:16:04.0948 4920 Product type: Workstation
13:16:04.0948 4920 ComputerName:
13:16:04.0948 4920 UserName:
13:16:04.0948 4920 Windows directory: C:\Windows
13:16:04.0948 4920 System windows directory: C:\Windows
13:16:04.0948 4920 Running under WOW64
13:16:04.0948 4920 Processor architecture: Intel x64
13:16:04.0948 4920 Number of processors: 4
13:16:04.0948 4920 Page size: 0x1000
13:16:04.0948 4920 Boot type: Normal boot
13:16:04.0948 4920 ============================================================
13:16:06.0168 4920 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:16:06.0178 4920 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:16:06.0188 4920 ============================================================
13:16:06.0188 4920 \Device\Harddisk0\DR0:
13:16:06.0188 4920 MBR partitions:
13:16:06.0188 4920 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
13:16:06.0188 4920 \Device\Harddisk1\DR1:
13:16:06.0188 4920 MBR partitions:
13:16:06.0188 4920 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
13:16:06.0208 4920 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x1D1C06FF, BlocksNum 0x1D1C0681
13:16:06.0208 4920 ============================================================
13:16:06.0228 4920 C: <-> \Device\Harddisk0\DR0\Partition1
13:16:06.0278 4920 D: <-> \Device\Harddisk1\DR1\Partition1
13:16:06.0328 4920 E: <-> \Device\Harddisk1\DR1\Partition2
13:16:06.0368 4920 ============================================================
13:16:06.0368 4920 Initialize success
13:16:06.0368 4920 ============================================================
13:16:51.0018 4376 ============================================================
13:16:51.0018 4376 Scan started
13:16:51.0018 4376 Mode: Manual; TDLFS;
13:16:51.0018 4376 ============================================================
13:16:52.0618 4376 ================ Scan system memory ========================
13:16:52.0618 4376 System memory - ok
13:17:01.0038 4376 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
13:17:01.0048 4376 napagent - ok
13:17:01.0088 4376 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:17:01.0088 4376 NativeWifiP - ok
13:17:01.0148 4376 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:17:01.0158 4376 NDIS - ok
13:17:01.0178 4376 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:17:01.0178 4376 NdisCap - ok
13:17:01.0198 4376 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:17:01.0198 4376 NdisTapi - ok
13:17:01.0218 4376 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:17:01.0218 4376 Ndisuio - ok
13:17:01.0238 4376 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:17:01.0238 4376 NdisWan - ok
13:17:01.0258 4376 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:17:01.0258 4376 NDProxy - ok
13:17:01.0268 4376 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:17:01.0268 4376 NetBIOS - ok
13:17:01.0288 4376 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:17:01.0288 4376 NetBT - ok
13:17:01.0308 4376 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
13:17:01.0308 4376 Netlogon - ok
13:17:01.0348 4376 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:17:01.0358 4376 Netman - ok
13:17:01.0388 4376 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:17:01.0408 4376 NetMsmqActivator - ok
13:17:01.0408 4376 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:17:01.0418 4376 NetPipeActivator - ok
13:17:01.0438 4376 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:17:01.0448 4376 netprofm - ok
13:17:01.0448 4376 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:17:01.0458 4376 NetTcpActivator - ok
13:17:01.0458 4376 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:17:01.0458 4376 NetTcpPortSharing - ok
13:17:01.0488 4376 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
13:17:01.0498 4376 nfrd960 - ok
13:17:01.0518 4376 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:17:01.0528 4376 NlaSvc - ok
13:17:01.0618 4376 [ B1EF4686961986DFFB7FE8F18E6FCB5B ] nlsX86cc C:\Windows\SysWOW64\nlssrv32.exe
13:17:01.0628 4376 nlsX86cc - ok
13:17:01.0638 4376 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:17:01.0638 4376 Npfs - ok
13:17:01.0668 4376 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:17:01.0668 4376 nsi - ok
13:17:01.0678 4376 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:17:01.0688 4376 nsiproxy - ok
13:17:01.0758 4376 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:17:01.0788 4376 Ntfs - ok
13:17:01.0808 4376 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:17:01.0808 4376 Null - ok
13:17:01.0868 4376 [ C4CE4B1F065AB3F8AA3BFC2D4612AFEA ] NuTCRACKERService C:\Windows\system32\nutsrv4.exe
13:17:01.0878 4376 NuTCRACKERService - ok
13:17:01.0938 4376 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:17:01.0938 4376 nvraid - ok
13:17:01.0968 4376 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:17:01.0968 4376 nvstor - ok
13:17:01.0988 4376 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:17:01.0988 4376 nv_agp - ok
13:17:01.0998 4376 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:17:02.0008 4376 ohci1394 - ok
13:17:02.0108 4376 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:17:02.0108 4376 ose - ok
13:17:02.0298 4376 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:17:02.0348 4376 osppsvc - ok
13:17:02.0398 4376 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:17:02.0398 4376 p2pimsvc - ok
13:17:02.0438 4376 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:17:02.0448 4376 p2psvc - ok
13:17:02.0478 4376 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
13:17:02.0488 4376 Parport - ok
13:17:02.0518 4376 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:17:02.0518 4376 partmgr - ok
13:17:02.0538 4376 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:17:02.0538 4376 PcaSvc - ok
13:17:02.0558 4376 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
13:17:02.0568 4376 pci - ok
13:17:02.0578 4376 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
13:17:02.0578 4376 pciide - ok
13:17:02.0608 4376 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
13:17:02.0608 4376 pcmcia - ok
13:17:02.0628 4376 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:17:02.0628 4376 pcw - ok
13:17:02.0648 4376 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:17:02.0658 4376 PEAUTH - ok
13:17:02.0708 4376 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
13:17:02.0728 4376 PeerDistSvc - ok
13:17:02.0758 4376 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:17:02.0768 4376 PerfHost - ok
13:17:02.0808 4376 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
13:17:02.0828 4376 pla - ok
13:17:02.0888 4376 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:17:02.0898 4376 PlugPlay - ok
13:17:02.0918 4376 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:17:02.0918 4376 PNRPAutoReg - ok
13:17:02.0938 4376 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:17:02.0938 4376 PNRPsvc - ok
13:17:02.0978 4376 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:17:02.0988 4376 PolicyAgent - ok
13:17:03.0078 4376 [ 28BEA4C92A9E8A762153FCF676E709C4 ] PortmapperService C:\PTC/PTC Portmapper/i486_nt/obj/portmap.exe
13:17:03.0078 4376 Suspicious file (Hidden): C:\PTC/PTC Portmapper/i486_nt/obj/portmap.exe. md5: 28BEA4C92A9E8A762153FCF676E709C4
13:17:03.0078 4376 PortmapperService ( HiddenFile.Multi.Generic ) - warning
13:17:03.0078 4376 PortmapperService - detected HiddenFile.Multi.Generic (1)
13:17:09.0438 4376 ================ Scan global ===============================
13:17:09.0478 4376 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:17:09.0528 4376 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
13:17:09.0538 4376 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
13:17:09.0578 4376 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:17:09.0598 4376 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:17:09.0608 4376 [Global] - ok
13:17:09.0608 4376 ================ Scan MBR ==================================
13:17:09.0618 4376 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:17:10.0398 4376 \Device\Harddisk0\DR0 - ok
13:17:10.0398 4376 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
13:17:11.0248 4376 \Device\Harddisk1\DR1 - ok
13:17:11.0248 4376 ================ Scan VBR ==================================
13:17:11.0258 4376 [ C504D49792E61B3C9B259332909453F2 ] \Device\Harddisk0\DR0\Partition1
13:17:11.0258 4376 \Device\Harddisk0\DR0\Partition1 - ok
13:17:11.0268 4376 [ 024BF18EDAB3DAD51DD91272F21069FF ] \Device\Harddisk1\DR1\Partition1
13:17:11.0268 4376 \Device\Harddisk1\DR1\Partition1 - ok
13:17:11.0268 4376 [ 865CBE5D30E04784AB6E4D2A2AE5AB40 ] \Device\Harddisk1\DR1\Partition2
13:17:11.0268 4376 \Device\Harddisk1\DR1\Partition2 - ok
13:17:11.0268 4376 ============================================================
13:17:11.0268 4376 Scan finished
13:17:11.0268 4376 ============================================================
13:17:11.0288 3648 Detected object count: 1
13:17:11.0288 3648 Actual detected object count: 1
13:17:26.0038 3648 PortmapperService ( HiddenFile.Multi.Generic ) - skipped by user
13:17:26.0038 3648 PortmapperService ( HiddenFile.Multi.Generic ) - User select action: Skip

#4 Steampunk

Posted 22 January 2013 - 08:46 AM

aswMBR:
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-22 13:23:03
-----------------------------
13:23:03.507 OS Version: Windows x64 6.1.7601 Service Pack 1
13:23:03.507 Number of processors: 4 586 0xF0B
13:23:03.507 ComputerName: BRUCE-PC UserName: Bruce
13:23:04.297 Initialize success
13:23:05.567 AVAST engine defs: 13012101
13:23:38.597 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
13:23:38.607 Disk 0 Vendor: SAMSUNG_HD161HJ JF100-19 Size: 152627MB BusType: 3
13:23:38.607 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP4T0L0-4
13:23:38.607 Disk 1 Vendor: SAMSUNG_HD501LJ CR100-11 Size: 476940MB BusType: 3
13:23:38.647 Disk 0 MBR read successfully
13:23:38.647 Disk 0 MBR scan
13:23:38.657 Disk 0 Windows 7 default MBR code
13:23:38.657 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 152617 MB offset 63
13:23:38.707 Disk 0 scanning C:\Windows\system32\drivers
13:23:49.837 Service scanning
13:24:14.259 Modules scanning
13:24:14.269 Disk 0 trace - called modules:
13:24:14.279 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
13:24:14.289 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a60060]
13:24:14.299 3 CLASSPNP.SYS[fffff880019b843f] -> nt!IofCallDriver -> [0xfffffa80047dce40]
13:24:14.299 5 ACPI.sys[fffff880011267a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa80047fc060]
13:24:14.639 AVAST engine scan C:\Windows
13:24:16.519 AVAST engine scan C:\Windows\system32
13:26:16.480 AVAST engine scan C:\Windows\system32\drivers
13:26:24.598 AVAST engine scan C:\Users\Bruce
13:27:15.936 Disk 0 MBR has been saved successfully to "C:\Users\Bruce \Desktop\MBR.dat"
13:27:15.946 The log file has been saved successfully to "C:\Users\Bruce \Desktop\aswMBR.txt"
13:36:11.870 AVAST engine scan C:\ProgramData
13:42:46.741 Scan finished successfully
14:08:35.855 Disk 0 MBR has been saved successfully to "C:\Users\Bruce \Desktop\MBR.dat"
14:08:35.905 The log file has been saved successfully to "C:\Users\Bruce \Desktop\aswMBR.txt"


ESET found one infected file.
C:\Program Files (x86)\1ClickDownload\ocmainpack.exe Win32/Adware.1ClickDownload.E application

I check the system regularly and I wonder why MBAM did not find it.

Edited by Steampunk, 22 January 2013 - 12:00 PM.


#5 narenxp

Posted 22 January 2013 - 12:08 PM

Download Malwarebytes.

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here.

Download MiniToolBox.

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download Farbar Service Scanner.

Checkmark all the boxes.

Click on "Scan".
Please copy and paste the log to your reply.

Download adware cleaner.

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download Junkware Removal Tool.

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan is completed, post the generated log here.



Download http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download Autoruns.

Extract and launch autoruns.exe.

Allow the scan to finish.

Now click on File > Save.

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#6 Steampunk

Posted 22 January 2013 - 01:04 PM

Is it safe to delete the suspicious file found in the ESET scan? (That is: C:\Program Files (x86)\1ClickDownload\ocmainpack.exe Win32/Adware.1ClickDownload.E application)

Edited by Steampunk, 22 January 2013 - 01:38 PM.


#7 Steampunk

Posted 22 January 2013 - 03:55 PM

OK, here they are:
MBAM
-----
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.22.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Bruce :: BRUCE-PC [administrator]

22.1.2013. 18:59:36
MBAM-log-2013-01-22 (21-06-18).txt

Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 541990
Time elapsed: 1 hour(s), 53 minute(s), 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)


(end)
--------------------------------------

MINITOOLBOX
MiniToolBox by Farbar Version:10-01-2013
Ran by Bruce (administrator) on 22-01-2013 at 21:10:12
Running from "C:\Users\Bruce \Downloads"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================




127.0.0.1 localhost

========================= IP Configuration: ================================

Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller = Local Area Connection 2 (Connected)
Realtek PCI GBE Family Controller = Local Area Connection (Media disconnected)
Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection 2" nexthop=192.168.1.1 publish=Yes
add address name="Local Area Connection 2" address=192.168.1.25 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Bruce-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter
Physical Address. . . . . . . . . : 00-15-AF-3C-86-E8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : 00-1D-60-C9-83-46
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a41a:1cef:a0a5:b869%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.25(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 301997408
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-3E-24-ED-00-1D-60-C9-78-7A
DNS Servers . . . . . . . . . . . : 85.114.32.7
85.114.32.8
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCI GBE Family Controller
Physical Address. . . . . . . . . : 00-1D-60-C9-78-7A
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{728DA01D-C49C-4F5A-9338-A312C4C099D4}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{04315FC3-39E0-413F-B986-02099984A0B5}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{772860BA-CD8E-4436-B364-E7F07B8AB084}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:2437:d13d:a636:4d6a(Preferred)
Link-local IPv6 Address . . . . . : fe80::2437:d13d:a636:4d6a%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dnscache1.optima-telekom.hr
Address: 85.114.32.7

Name: google.com
Addresses: 2a00:1450:4016:803::1005
173.194.44.41
173.194.44.46
173.194.44.32
173.194.44.33
173.194.44.34
173.194.44.35
173.194.44.36
173.194.44.37
173.194.44.38
173.194.44.39
173.194.44.40


Pinging google.com [173.194.44.32] with 32 bytes of data:
Reply from 173.194.44.32: bytes=32 time=747ms TTL=52
Reply from 173.194.44.32: bytes=32 time=779ms TTL=52

Ping statistics for 173.194.44.32:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 747ms, Maximum = 779ms, Average = 763ms
Server: dnscache1.optima-telekom.hr
Address: 85.114.32.7

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=1473ms TTL=46
Reply from 98.139.183.24: bytes=32 time=1345ms TTL=46

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1345ms, Maximum = 1473ms, Average = 1409ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...00 15 af 3c 86 e8 ......Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter
12...00 1d 60 c9 83 46 ......Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
11...00 1d 60 c9 78 7a ......Realtek PCI GBE Family Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.25 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 192.168.1.25 30
169.254.255.255 255.255.255.255 On-link 192.168.1.25 276
192.168.1.0 255.255.255.0 On-link 192.168.1.25 276
192.168.1.25 255.255.255.255 On-link 192.168.1.25 276
192.168.1.255 255.255.255.255 On-link 192.168.1.25 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.25 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.25 276
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.1.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:9d38:953c:2437:d13d:a636:4d6a/128
On-link
12 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::2437:d13d:a636:4d6a/128
On-link
12 276 fe80::a41a:1cef:a0a5:b869/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
12 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Extensis\Extensis Suitcase 11\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/22/2013 01:53:40 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/22/2013 01:53:40 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/22/2013 01:53:39 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/22/2013 01:53:39 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/22/2013 01:53:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/22/2013 01:53:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/22/2013 01:52:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (01/22/2013 01:52:05 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/22/2013 01:29:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/22/2013 01:29:28 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (01/22/2013 11:52:37 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.143.502.0).

Error: (01/22/2013 11:52:28 AM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (01/22/2013 11:49:11 AM) (Source: DCOM) (User: )
Description: {CC957078-B838-47C4-A7CF-626E7A82FC58}

Error: (01/22/2013 11:47:06 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SR

Error: (01/22/2013 11:46:39 AM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (01/22/2013 11:46:38 AM) (Source: Service Control Manager) (User: )
Description: The System Restore Service service terminated with the following error:
%%126

Error: (01/22/2013 11:46:37 AM) (Source: Service Control Manager) (User: )
Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error:
%%1058

Error: (01/22/2013 11:46:37 AM) (Source: Service Control Manager) (User: )
Description: The Net.Pipe Listener Adapter service depends the following service: was. This service might not be installed.

Error: (01/22/2013 11:46:37 AM) (Source: Service Control Manager) (User: )
Description: The Net.Msmq Listener Adapter service depends the following service: msmq. This service might not be installed.

Error: (01/21/2013 03:17:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.143.193.0).


Microsoft Office Sessions:
=========================
Error: (01/22/2013 01:53:40 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\Users\bruce\downloads\SoftonicDownloader_for_google-sketchup.exe

Error: (01/22/2013 01:53:40 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\bruce\downloads\esetsmartinstaller_enu.exe

Error: (01/22/2013 01:53:39 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\Users\bruce\downloads\SoftonicDownloader_for_google-sketchup.exe

Error: (01/22/2013 01:53:39 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\bruce\downloads\esetsmartinstaller_enu.exe

Error: (01/22/2013 01:53:35 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\Users\bruce\downloads\SoftonicDownloader_for_google-sketchup.exe

Error: (01/22/2013 01:53:32 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\bruce\downloads\esetsmartinstaller_enu.exe

Error: (01/22/2013 01:52:55 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (01/22/2013 01:52:05 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (01/22/2013 01:29:34 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Bruce\Downloads\esetsmartinstaller_enu.exe

Error: (01/22/2013 01:29:28 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Bruce\Downloads\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Photoshop CS6 (Version: 13.0)
Adobe Reader X (10.1.5) (Version: 10.1.5)
Adobe Shockwave Player 11.5 (Version: 11.5.7.609)
Alien Skin Exposure 4
Alien Skin Snap Art 3
AMD Accelerated Video Transcoding (Version: 12.5.100.20704)
AMD APP SDK Runtime (Version: 10.0.937.2)
AMD Catalyst Install Manager (Version: 8.0.877.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70704.0230)
Ashampoo Burning Studio 2012 CBE v.11.0.4 (Version: 11.0.4)
avast! Free Antivirus (Version: 7.0.1474.0)
Canon Inkjet Printer Driver Add-On Module
Canon Utilities Easy-PhotoPrint EX
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0704.122.388)
Catalyst Control Center Graphics Previews Common (Version: 2012.0704.122.388)
Catalyst Control Center InstallProxy (Version: 2012.0704.122.388)
Catalyst Control Center Localization All (Version: 2012.0704.122.388)
ccc-utility64 (Version: 2012.0704.122.388)
CCC Help Chinese Standard (Version: 2012.0704.0121.388)
CCC Help Chinese Traditional (Version: 2012.0704.0121.388)
CCC Help Czech (Version: 2012.0704.0121.388)
CCC Help Danish (Version: 2012.0704.0121.388)
CCC Help Dutch (Version: 2012.0704.0121.388)
CCC Help English (Version: 2012.0704.0121.388)
CCC Help Finnish (Version: 2012.0704.0121.388)
CCC Help French (Version: 2012.0704.0121.388)
CCC Help German (Version: 2012.0704.0121.388)
CCC Help Greek (Version: 2012.0704.0121.388)
CCC Help Hungarian (Version: 2012.0704.0121.388)
CCC Help Italian (Version: 2012.0704.0121.388)
CCC Help Japanese (Version: 2012.0704.0121.388)
CCC Help Korean (Version: 2012.0704.0121.388)
CCC Help Norwegian (Version: 2012.0704.0121.388)
CCC Help Polish (Version: 2012.0704.0121.388)
CCC Help Portuguese (Version: 2012.0704.0121.388)
CCC Help Russian (Version: 2012.0704.0121.388)
CCC Help Spanish (Version: 2012.0704.0121.388)
CCC Help Swedish (Version: 2012.0704.0121.388)
CCC Help Thai (Version: 2012.0704.0121.388)
CCC Help Turkish (Version: 2012.0704.0121.388)
CCleaner (Version: 3.26)
Color Efex Pro 4 (Version: 4.0.0.5)
CPUID CPU-Z 1.60.1
Creo Direct Version 2.0 Datecode [M010] (Version: 2.0)
Creo Distributed Services Manager Version 2.0 Datecode [M010] (Version: 2.0)
Creo Layout Version 2.0 Datecode [M010] (Version: 2.0)
Creo Options Modeler Version 2.0 Datecode [M010] (Version: 2.0)
Creo Parametric Version 2.0 Datecode [M010] (Version: 2.0)
Creo Platform 2.9 (Version: 2.9.0)
Creo Simulate Version 2.0 Datecode [M010] (Version: 2.0)
Creo Thumbnail Viewer 2.0 (Version: 30.12.130)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dropbox (Version: 1.6.11)
Dynamic Auto-Painter 2.5.5
Dynamic Auto-Painter x64 PRO version 3.1 (Version: 3.1)
ERUNT 1.1j
ESET Online Scanner v3
Extensis Suitcase 11.0.1 (Version: 11.0.1)
Google Earth (Version: 7.0.2.8415)
Google Update Helper (Version: 1.3.21.123)
Java 7 Update 11 (Version: 7.0.110)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 38 (Version: 6.0.380)
K-Lite Codec Pack 9.4.0 (64-bit) (Version: 9.4.0)
K-Lite Mega Codec Pack 7.0.0 (Version: 7.0.0)
KeyMaestro Input Device Driver V2.3.1-126A6 MUL
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
MKS Platform Components 9.x (Version: 9.3.0000)
Mozilla Firefox 18.0 (x86 en-US) (Version: 18.0)
Mozilla Maintenance Service (Version: 18.0)
PDF Settings CS6 (Version: 11.0)
Perfect Resize 7 (Version: 7.0.7)
Perfectly Clear Plugin 1.6.1 (Version: 1.6.1)
PTC Portmapper Version 2.0 Datecode [M010] (Version: 2.0)
PTC Quality Agent (Version: 2.0.0.0)
SketchUp Pro 8 (Version: 3.0.16846)
Skype™ 6.0 (Version: 6.0.126)
SlimDrivers (Version: 2.2.25937)
Spybot - Search & Destroy (Version: 1.6.2)
The KMPlayer (remove only)
Unlocker 1.9.0-x64 (Version: 1.9.0-x64)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Viveza 2 (Version: 2.0.0.9)
Web Assistant 2.0.0.440
WinRAR archiver
Xiph.Org Open Codecs 0.85.17777 (Version: 0.85.17777)

========================= Memory info: ===================================

Percentage of memory in use: 73%
Total physical RAM: 4095.12 MB
Available physical RAM: 1100.39 MB
Total Pagefile: 8188.43 MB
Available Pagefile: 3202.93 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.3 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:149.04 GB) (Free:49.77 GB) NTFS
3 Drive d: () (Fixed) (Total:232.88 GB) (Free:123.79 GB) NTFS
4 Drive e: () (Fixed) (Total:232.88 GB) (Free:137.67 GB) NTFS

========================= Users: ========================================

User accounts for \\BRUCEWAYNE-PC

Administrator Bruce Wayne Guest

========================= Restore Points ==================================

17-01-2013 19:10:59 Tweaking.com - Windows Repair
18-01-2013 13:20:01 Restore Operation
19-01-2013 18:56:34 before reg files od Bronija
19-01-2013 20:09:20 Tweaking.com - Windows Repair
19-01-2013 21:12:48 test
20-01-2013 13:30:18 Restore Operation
21-01-2013 13:05:23 Windows Update
21-01-2013 13:31:58 Windows Update
21-01-2013 13:59:10 Windows Update
21-01-2013 17:38:22 Installed Google SketchUp 8
21-01-2013 18:27:16 Installed SketchUp Pro 8

**** End of log ****
-------------------------

FARBAR:

Farbar Service Scanner Version: 16-01-2013
Ran by Bruce (administrator) on 22-01-2013 at 21:14:25
Running from "C:\Users\Bruce\Downloads"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
---------------------------

ADWARE
# AdwCleaner v2.107 - Logfile created 01/22/2013 at 21:16:04
# Updated 21/01/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Bruce - BRUCE-PC
# Boot Mode : Normal
# Running from : C:\Users\Bruce\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****

Found : Web Assistant Updater

***** [Files / Folders] *****

File Found : C:\user.js
Folder Found : C:\Program Files (x86)\1ClickDownload
Folder Found : C:\Program Files\Web Assistant
Folder Found : C:\ProgramData\Ask
Folder Found : C:\Users\Bruce\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com

***** [Registry] *****

Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
Key Found : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Key Found : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook
Key Found : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3}
Key Found : HKLM\Software\incredibar.com
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\Web Assistant
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Found : HKLM\SOFTWARE\Web Assistant
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0 (en-US)

File : C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\irb6x35v.default\prefs.js

Found : user_pref("browser.search.defaultenginename", "MyStart Search");
Found : user_pref("extensions.incredibar.admin", false);
Found : user_pref("extensions.incredibar.aflt", "orgnl");
Found : user_pref("extensions.incredibar.cntry", "HR");
Found : user_pref("extensions.incredibar.dfltLng", "");
Found : user_pref("extensions.incredibar.dfltSrch", false);
Found : user_pref("extensions.incredibar.did", "10643");
Found : user_pref("extensions.incredibar.envrmnt", "production");
Found : user_pref("extensions.incredibar.excTlbr", false);
Found : user_pref("extensions.incredibar.hdrMd5", "67F25BE1F221EFC83CF10E120A9A0410");
Found : user_pref("extensions.incredibar.hmpg", false);
Found : user_pref("extensions.incredibar.id", "ec89d2070000000000000015af3c86e8");
Found : user_pref("extensions.incredibar.installerproductid", "26");
Found : user_pref("extensions.incredibar.instlDay", "15482");
Found : user_pref("extensions.incredibar.instlRef", "");
Found : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1413:08:49");
Found : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Found : user_pref("extensions.incredibar.newTab", false);
Found : user_pref("extensions.incredibar.noFFXTlbr", false);
Found : user_pref("extensions.incredibar.ppd", "1");
Found : user_pref("extensions.incredibar.prdct", "incredibar");
Found : user_pref("extensions.incredibar.productid", "26");
Found : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Found : user_pref("extensions.incredibar.sg", "none");
Found : user_pref("extensions.incredibar.smplGrp", "none");
Found : user_pref("extensions.incredibar.tlbrId", "base");
Found : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8tFSkScQ&loc=IB_T[...]
Found : user_pref("extensions.incredibar.upn2", "6R8tFSkScQ");
Found : user_pref("extensions.incredibar.upn2n", "92824403361605588");
Found : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Found : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1413:08:49");
Found : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Found : user_pref("extensions.incredibar_i.aflt", "orgnl");
Found : user_pref("extensions.incredibar_i.dfltLng", "");
Found : user_pref("extensions.incredibar_i.did", "10643");
Found : user_pref("extensions.incredibar_i.excTlbr", false);
Found : user_pref("extensions.incredibar_i.id", "ec89d2070000000000000015af3c86e8");
Found : user_pref("extensions.incredibar_i.installerproductid", "26");
Found : user_pref("extensions.incredibar_i.instlDay", "15482");
Found : user_pref("extensions.incredibar_i.instlRef", "");
Found : user_pref("extensions.incredibar_i.ms_url_id", "");
Found : user_pref("extensions.incredibar_i.newTab", false);
Found : user_pref("extensions.incredibar_i.ppd", "1");
Found : user_pref("extensions.incredibar_i.prdct", "incredibar");
Found : user_pref("extensions.incredibar_i.productid", "26");
Found : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Found : user_pref("extensions.incredibar_i.smplGrp", "none");
Found : user_pref("extensions.incredibar_i.tlbrId", "base");
Found : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8tFSkScQ&loc=IB[...]
Found : user_pref("extensions.incredibar_i.upn2", "6R8tFSkScQ");
Found : user_pref("extensions.incredibar_i.upn2n", "92824403361605588");
Found : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Found : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1413:08:49");
Found : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Found : user_pref("extensions.tweaktube.addit.remoteInstallItems", "{ \"software\": {\"95\": {\"id\": \"95\"[...]
Found : user_pref("keyword.URL", "hxxp://mystart.incredibar.com/mb143/?loc=IB_DS&a=6R8tFSkScQ&&i=26&search="[...]
Found : user_pref("tweaktube.pref.cacheInfo", "({'hxxp://wedata.net/databases/AutoPagerize/items.json':{url:[...]
Found : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

*************************

AdwCleaner[R1].txt - [8579 octets] - [22/01/2013 21:16:04]

########## EOF - C:\AdwCleaner[R1].txt - [8639 octets] ##########
---------------------

JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.8 (01.21.2013:2)
OS: Windows 7 Ultimate x64
Ran by Bruce on uto 22.01.2013. at 21:20:01,19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] web assistant updater
Successfully deleted: [Service] web assistant updater



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{f9639e4a-801b-4843-aee3-03d9da199e77}



~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\internetregistry\registry\user\S-1-5-21-3793463590-2763670123-2953834714-1000\software\web assistant"
Successfully deleted: [Registry Key] hkey_classes_root\esrv.incredibaresrvc
Successfully deleted: [Registry Key] hkey_classes_root\esrv.incredibaresrvc.1
Successfully deleted: [Registry Key] hkey_current_user\software\1clickdownload
Successfully deleted: [Registry Key] hkey_current_user\software\im
Successfully deleted: [Registry Key] hkey_current_user\software\iminstaller
Successfully deleted: [Registry Key] hkey_local_machine\software\incredibar.com
Successfully deleted: [Registry Key] hkey_current_user\software\softonic
Successfully deleted: [Registry Key] hkey_local_machine\software\web assistant
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\escort.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\escortapp.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\escorteng.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\escortlbr.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\esrv.exe
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\ieplugin.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\ieplugin.iewebhook
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\ieplugin.iewebhook.1
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\incredibar_installer_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\incredibar_installer_rasmancs
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\incredibartoolbar_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\incredibartoolbar_rasmancs
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"
Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\speedypc software"
Successfully deleted: [Folder] "C:\Users\Bruce \AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\Bruce \AppData\Roaming\speedypc software"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\speedypc software"
Successfully deleted: [Folder] "C:\ProgramData\ask"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [File] C:\Users\Bruce\AppData\Roaming\mozilla\firefox\profiles\irb6x35v.default\user.js
Successfully deleted: [File] C:\Users\Bruce \AppData\Roaming\mozilla\firefox\profiles\irb6x35v.default\searchplugins\youtube-video-search.xml
Successfully deleted: [Registry Value] hkey_local_machine\software\mozilla\firefox\extensions\\{336d0c35-8a85-403a-b9d2-65c292c39087}
Successfully deleted the following from C:\Users\Bruce\AppData\Roaming\mozilla\firefox\profiles\irb6x35v.default\prefs.js

user_pref("browser.search.defaultenginename", "MyStart Search");
user_pref("extensions.incredibar.admin", false);
user_pref("extensions.incredibar.aflt", "orgnl");
user_pref("extensions.incredibar.cntry", "HR");
user_pref("extensions.incredibar.dfltLng", "");
user_pref("extensions.incredibar.dfltSrch", false);
user_pref("extensions.incredibar.did", "10643");
user_pref("extensions.incredibar.envrmnt", "production");
user_pref("extensions.incredibar.excTlbr", false);
user_pref("extensions.incredibar.hdrMd5", "67F25BE1F221EFC83CF10E120A9A0410");
user_pref("extensions.incredibar.hmpg", false);
user_pref("extensions.incredibar.id", "ec89d2070000000000000015af3c86e8");
user_pref("extensions.incredibar.installerproductid", "26");
user_pref("extensions.incredibar.instlDay", "15482");
user_pref("extensions.incredibar.instlRef", "");
user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1413:08:49");
user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
user_pref("extensions.incredibar.newTab", false);
user_pref("extensions.incredibar.noFFXTlbr", false);
user_pref("extensions.incredibar.ppd", "1");
user_pref("extensions.incredibar.prdct", "incredibar");
user_pref("extensions.incredibar.productid", "26");
user_pref("extensions.incredibar.prtnrId", "Incredibar");
user_pref("extensions.incredibar.sg", "none");
user_pref("extensions.incredibar.smplGrp", "none");
user_pref("extensions.incredibar.tlbrId", "base");
user_pref("extensions.incredibar.tlbrSrchUrl", "http://mystart.Incredibar.com/?a=6R8tFSkScQ&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar.upn2", "6R8tFSkScQ");
user_pref("extensions.incredibar.upn2n", "92824403361605588");
user_pref("extensions.incredibar.vrsn", "1.5.11.14");
user_pref("extensions.incredibar.vrsnTs", "1.5.11.1413:08:49");
user_pref("extensions.incredibar.vrsni", "1.5.11.14");
user_pref("extensions.incredibar_i.aflt", "orgnl");
user_pref("extensions.incredibar_i.dfltLng", "");
user_pref("extensions.incredibar_i.did", "10643");
user_pref("extensions.incredibar_i.excTlbr", false);
user_pref("extensions.incredibar_i.id", "ec89d2070000000000000015af3c86e8");
user_pref("extensions.incredibar_i.installerproductid", "26");
user_pref("extensions.incredibar_i.instlDay", "15482");
user_pref("extensions.incredibar_i.instlRef", "");
user_pref("extensions.incredibar_i.ms_url_id", "");
user_pref("extensions.incredibar_i.newTab", false);
user_pref("extensions.incredibar_i.ppd", "1");
user_pref("extensions.incredibar_i.prdct", "incredibar");
user_pref("extensions.incredibar_i.productid", "26");
user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
user_pref("extensions.incredibar_i.smplGrp", "none");
user_pref("extensions.incredibar_i.tlbrId", "base");
user_pref("extensions.incredibar_i.tlbrSrchUrl", "http://mystart.Incredibar.com/?a=6R8tFSkScQ&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar_i.upn2", "6R8tFSkScQ");
user_pref("extensions.incredibar_i.upn2n", "92824403361605588");
user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1413:08:49");
user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
user_pref("extensions.tweaktube.addit.remoteInstallItems", "{ \"software\": {\"95\": {\"id\": \"95\",\"title\": \"Boounce\",\"type\": \"XPI\",\"url\": \"https://addons.mozilla
user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !impor
user_pref("extensions.wrc.SearchRules.ask.com.url", "^http(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
user_pref("extensions.wrc.SearchRules.baidu.com.style", ".WRCN {display:none} .result .f .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
user_pref("extensions.wrc.SearchRules.baidu.com.url", "^http\\:\\/\\/www\\.baidu\\.com\\/.*");
user_pref("extensions.wrc.SearchRules.excite.com.style", ".WRCN {display:none} .listing .resultsLink + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-re
user_pref("extensions.wrc.SearchRules.excite.com.url", "^http\\:\\/\\/msxml\\.excite\\.com\\/excite\\/ws\\/.+");
user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-r
user_pref("keyword.URL", "http://mystart.incredibar.com/mb143/?loc=IB_DS&a=6R8tFSkScQ&&i=26&search=");
user_pref("socialfixer.1151912316/cached_content/donate_pagelet", "{\"expires_on\":1338387407224,\"content\":\"<div style=\\\"background-color:#ffffcc;border:1px solid #cccc99
user_pref("socialfixer.1350615772/typeahead_new", "for (;;);{\"__ar\":1,\"payload\":{\"entries\":[{\"uid\":1494616528,\"photo\":\"http:\\/\\/profile.ak.fbcdn.net\\/hprofile-ak
user_pref("tweaktube.pref.cacheInfo", "({'http://wedata.net/databases/AutoPagerize/items.json':{url:\"http://wedata.net/databases/AutoPagerize/items.json\", expire:(new Date(1
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_referrer", "http://us.yhs4.search.yahoo.com/yhs/search?fr=altavista&itag=ody&q=http://sg.perion.com/v1.1/js/lo
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "http://us.yhs4.search.yahoo.com/yhs/search?fr=altavista&itag=ody&q=http://sg.perion.com/v1.1/j
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.sweetim.com\":\"q\",\"search.imesh.net\":\"q\",\"www.searc
Emptied folder: C:\Users\Bruce\AppData\Roaming\mozilla\firefox\profiles\irb6x35v.default\minidumps [154 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on uto 22.01.2013. at 21:30:04,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RKILL

Program started at: 01/22/2013 09:41:37 PM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\nlssrv32.exe (PID: 2264) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Bruce\Desktop\rkill\rkill-01-22-2013-09-41-45.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Automatic

* WinDefend => %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [Incorrect ServiceDLL]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 01/22/2013 09:41:56 PM
Execution time: 0 hours(s), 0 minute(s), and 19 seconds(s)
--------------




As for Autoruns.exe, there is no Scan function there. Just the list of programs that are configured to run during system bootup. I could not save any log in txt format.

Edited by Steampunk, 22 January 2013 - 04:00 PM.


#8 narenxp

Posted 22 January 2013 - 04:59 PM

As for Autoruns.exe, there is no Scan function there. Just the list of programs that are configured to run during system bootup. I could not save any log in txt format.


It will automatically scan. On the top left side you have the FILE option.

Launch Adware cleaner and select the DELETE option. Post the new log.

Edited by narenxp, 22 January 2013 - 04:59 PM.


#9 Steampunk

Posted 23 January 2013 - 03:23 PM

Here is the AutoRuns.txt log:

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AdobeAAMUpdater-1.0" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "BtcMaestro" "KeyMaestro (x64) main program" "Kmaestro" "c:\program files\kmaestro\kmaestro64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "AdobeCS6ServiceManager" "Adobe CS6 Service Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\cs6servicemanager\cs6servicemanager.exe"
+ "AMD AVT" "" "" "File not found: AMD Accelerated Video Transcoding device initialization"
+ "avast" "avast! Antivirus" "AVAST Software" "c:\program files\avast software\avast\avastui.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "NuTCSetupEnviron" "NuTCRACKER OE environment utility" "MKS Software Inc." "c:\ptc\mks toolkit\bin\ncoeenv.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "SwitchBoard" "SwitchBoard Server (32 bit)" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
"C:\Users\Bruce Wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\bruce wayne\appdata\roaming\dropbox\bin\dropbox.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Skype" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
+ "SpybotSD TeaTimer" "System settings protector" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy\teatimer.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\bruce wayne\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\bruce wayne\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\bruce wayne\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\bruce wayne\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\bruce wayne\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\bruce wayne\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\bruce wayne\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\bruce wayne\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\bruce wayne\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\bruce wayne\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie64.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Plugin for GeneralDownloader" "Plugin for GeneralDownloader" "General World" "c:\users\bruce wayne\appdata\roaming\general downloader\extensions\ieplugin64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Spybot - Search & Destroy Configuration" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.5 r502" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\Adobe online update program" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "\AdobeAAMUpdater-1.0-BruceWayne-PC-Bruce Wayne" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "\AutoKMS" "AutoKMS" "" "c:\windows\autokms.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\SlimDrivers Startup" "SlimDrivers" "SlimWare Utilities, Inc." "c:\program files (x86)\slimdrivers\slimdrivers.exe"
+ "\SpeedyPC Registration3" "" "" "File not found: C:\Program Files (x86)\Common Files\SpeedyPC Software\UUS3\UUS3.dll"
+ "\SpeedyPC Update Version3" "" "" "File not found: C:\Program Files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe"
+ "\SpeedyPC Update Version3 Startup Task" "" "" "File not found: C:\Program Files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe"
+ "\{F2F74255-0348-4B0B-842F-5B9D9B993551}" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "avast! Antivirus" "Provodi i primjenjuje avast! antivirus servise za ovo računalo. Ovo uključuje stalnu zaštitu, kavez s virusima i planer." "AVAST Software" "c:\program files\avast software\avast\avastsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence, so that users can discover and use those services without any unnecessary manual setup or administration." "Apple Computer, Inc." "c:\program files (x86)\extensis\extensis suitcase 11\bonjour\mdnsresponder.exe"
+ "gupdate" "Održava softver Google ažuriranim. Ako onemogućite ili zaustavite ovu uslugu, vaš softver Google neće biti ažuriran, što znači da se mogu pojaviti problemi sa sigurnošću koje nije moguće popraviti te značajke mogu prestati raditi. Ova se usluga sama deinstalira kada ne postoji softver Google koji je koristi." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Održava softver Google ažuriranim. Ako onemogućite ili zaustavite ovu uslugu, vaš softver Google neće biti ažuriran, što znači da se mogu pojaviti problemi sa sigurnošću koje nije moguće popraviti te značajke mogu prestati raditi. Ova se usluga sama deinstalira kada ne postoji softver Google koji je koristi." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "KMService" "Software licensing service" "" "c:\windows\syswow64\srvany.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "nlsX86cc" "This service enables products that use the Nalpeiron Licensing System." "Nalpeiron Ltd." "c:\windows\syswow64\nlssrv32.exe"
+ "NuTCRACKERService" "NuTCRACKER Service" "MKS Software Inc." "c:\windows\system32\nutsrv4.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PortmapperService" "Creo 2.0 from PTC" "PTC" "c:\ptc/ptc portmapper/i486_nt/obj/portmap.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "SRService" "Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties" "" "File not found: C:\Windows\system32\srsvc.dll"
+ "SwitchBoard" "SwitchBoard Server (32 bit)" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "" "File not found: C:\Program Files (x86)\Windows Defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "aswFsBlk" "avast! mini-filter driver (aswFsBlk)" "AVAST Software" "c:\windows\system32\drivers\aswfsblk.sys"
+ "aswMonFlt" "avast! mini-filter driver (aswMonFlt)" "AVAST Software" "c:\windows\system32\drivers\aswmonflt.sys"
+ "aswRdr" "avast! WFP Redirect driver" "AVAST Software" "c:\windows\system32\drivers\aswrdr2.sys"
+ "aswSnx" "avast! virtualization driver (aswSnx)" "AVAST Software" "c:\windows\system32\drivers\aswsnx.sys"
+ "aswSP" "avast! Self Protection" "AVAST Software" "c:\windows\system32\drivers\aswsp.sys"
+ "aswTdi" "avast! Network Shield TDI driver" "AVAST Software" "c:\windows\system32\drivers\aswtdi.sys"
+ "AtiHDAudioService" "AMD High Definition Audio Function Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\atihdw76.sys"
+ "atikmdag" "ATI Radeon Kernel Mode Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "cpuz135" "CPUID Driver" "CPUID" "c:\windows\system32\drivers\cpuz135_x64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "KeyMaestro" "KeyMaestro Sys for Windows x64" "BTC" "c:\windows\system32\drivers\maestro2.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MTsensor" "ATK0110 ACPI Utility" "" "c:\windows\system32\drivers\asacpi.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "RTL8187" "Realtek RTL8187 NDIS Driver" "Realtek Semiconductor Corporation " "c:\windows\system32\drivers\rtl8187.sys"
+ "s1039bus" "Sony Ericsson Device 1039 Driver" "MCCI Corporation" "c:\windows\system32\drivers\s1039bus.sys"
+ "s1039mdfl" "Sony Ericsson Device 1039 USB WMC Modem Filter" "MCCI Corporation" "c:\windows\system32\drivers\s1039mdfl.sys"
+ "s1039mdm" "Sony Ericsson Device 1039 USB WMC Modem Driver" "MCCI Corporation" "c:\windows\system32\drivers\s1039mdm.sys"
+ "s1039mgmt" "Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM)" "MCCI Corporation" "c:\windows\system32\drivers\s1039mgmt.sys"
+ "s1039nd5" "Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS 5 Miniport)" "MCCI Corporation" "c:\windows\system32\drivers\s1039nd5.sys"
+ "s1039obex" "Sony Ericsson Device 1039 USB WMC OBEX Interface" "MCCI Corporation" "c:\windows\system32\drivers\s1039obex.sys"
+ "s1039unic" "Sony Ericsson Device 1039 USB Ethernet Emulation" "MCCI Corporation" "c:\windows\system32\drivers\s1039unic.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SR" "" "" "File not found: system32\DRIVERS\sr.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SWDUMon" "Driver Update Installer Monitor" "" "c:\windows\system32\drivers\swdumon.sys"
+ "VGPU" "" "" "File not found: System32\drivers\rdvgkmd.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "yukonw7" "" "" "c:\windows\system32\drivers\yk62x64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecp.acm"
+ "VIDC.FFDS" "ffdshow VFW" "" "c:\windows\system32\ff_vfw.dll"
+ "VIDC.LAGS" "Lagarith" " " "c:\windows\system32\lagarith.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.ac3acm" "AC-3 ACM Codec" "fccHandler" "c:\windows\syswow64\ac3acm.acm"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "msacm.l3fhg" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\mp3fhg.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "VIDC.FFDS" "" "" "c:\windows\syswow64\ff_vfw.dll"
+ "VIDC.XVID" "" "" "c:\windows\syswow64\xvidvfw.dll"
+ "VIDC.YV12" "Helix YV12 YUV Codec" "www.helixcommunity.org" "c:\windows\syswow64\yv12vfw.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3File" "" "" "c:\program files\k-lite codec pack x64\filters\ac3file64.ax"
+ "AMD MJPEG Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files\k-lite codec pack x64\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files\k-lite codec pack x64\filters\vsfilter.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\filters\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\filters\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\filters\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\filters\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack x64\filters\ffdshow\ffdshow.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\k-lite codec pack x64\filters\haali\splitter.x64.ax"
+ "LAV Audio Decoder" "LAV Audio Decoder - DirectShow Audio Decoder" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack x64\filters\lav\lavaudio.ax"
+ "LAV Splitter" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack x64\filters\lav\lavsplitter.ax"
+ "LAV Splitter Source" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack x64\filters\lav\lavsplitter.ax"
+ "LAV Video Decoder" "LAV Video Decoder - DirectShow Video Decoder" "1f0.de - Hendrik Leppkes" "c:\program files\k-lite codec pack x64\filters\lav\lavvideo.ax"
+ "Theora Encode Filter" "" "" "c:\program files (x86)\xiph.org\open codecs\x64\dsftheoraencoder.dll"
+ "WebM Muxer Filter" "WebM Multiplexer Filter" "Google" "c:\program files (x86)\xiph.org\open codecs\x64\webmmux.dll"
+ "WebM Splitter Filter" "Webm Splitter Filter" "Google" "c:\program files (x86)\xiph.org\open codecs\x64\webmsplit.dll"
+ "WebM VP8 Decoder Filter" "WebM VP8 Decoder Filter" "Google" "c:\program files (x86)\xiph.org\open codecs\x64\vp8decoder.dll"
+ "WebM VP8 Encoder Filter" "WebM VP8 Encoder Filter" "Google" "c:\program files (x86)\xiph.org\open codecs\x64\vp8encoder.dll"
+ "Xiph.Org FLAC Decoder" "" "" "c:\program files (x86)\xiph.org\open codecs\x64\dsfflacdecoder.dll"
+ "Xiph.Org FLAC Encoder" "" "" "c:\program files (x86)\xiph.org\open codecs\x64\dsfflacencoder.dll"
+ "Xiph.Org Native FLAC Decoder" "" "" "c:\program files (x86)\xiph.org\open codecs\x64\dsfnativeflacsource.dll"
+ "Xiph.Org Ogg Demuxer" "" "" "c:\program files (x86)\xiph.org\open codecs\x64\dsfoggdemux2.dll"
+ "Xiph.Org Ogg Muxer" "" "" "c:\program files (x86)\xiph.org\open codecs\x64\dsfoggmux.dll"
+ "Xiph.Org Speex Decoder" "" "" "c:\program files (x86)\xiph.org\open codecs\x64\dsfspeexdecoder.dll"
+ "Xiph.Org Speex Encoder" "" "" "c:\program files (x86)\xiph.org\open codecs\x64\dsfspeexencoder.dll"
+ "Xiph.Org Theora Decoder" "" "" "c:\program files (x86)\xiph.org\open codecs\x64\dsftheoradecoder.dll"
+ "Xiph.Org Vorbis Decoder" "" "" "c:\program files (x86)\xiph.org\open codecs\x64\dsfvorbisdecoder.dll"
+ "Xiph.Org Vorbis Encoder" "" "" "c:\program files (x86)\xiph.org\open codecs\x64\dsfvorbisencoder.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3File" "" "" "c:\program files (x86)\k-lite codec pack\filters\ac3file.ax"
+ "AMD MJPEG Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\google\google earth\client\wavdest.ax"
+ "DC-Bass Source" "DirectShow™ Audio Decoder" "http://www.dsp-worx.de" "c:\program files (x86)\k-lite codec pack\filters\dcbasssource.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files (x86)\k-lite codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files (x86)\k-lite codec pack\filters\vsfilter.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "File Source (Monkey Audio)" "" "" "c:\program files (x86)\k-lite codec pack\filters\monkeysource.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files (x86)\k-lite codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "madFlac Decoder" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files (x86)\k-lite codec pack\filters\madflac.ax"
+ "madFlac Source" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files (x86)\k-lite codec pack\filters\madflac.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MONOGRAM AMR Decoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files (x86)\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Encoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files (x86)\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Mux" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files (x86)\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Splitter" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files (x86)\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM Musepack Decoder" "mmmpcdec" "" "c:\program files (x86)\k-lite codec pack\filters\mmmpcdec.ax"
+ "MONOGRAM Musepack Splitter" "mmmpcdmx" "" "c:\program files (x86)\k-lite codec pack\filters\mmmpcdmx.ax"
+ "MPC - FLV Source (Gabest)" "FLV Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\flvsplitter.ax"
+ "MPC - FLV Splitter (Gabest)" "FLV Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\flvsplitter.ax"
+ "MPC - MP4 Source" "MP4 Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - MP4 Splitter" "MP4 Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - MPEG Audio Source" "Mpa Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mpasplitter.ax"
+ "MPC - MPEG Audio Splitter" "Mpa Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mpasplitter.ax"
+ "MPC - Mpeg Source (Gabest)" "Mpeg Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mpegsplitter.ax"
+ "MPC - Mpeg Splitter (Gabest)" "Mpeg Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mpegsplitter.ax"
+ "MPC - MPEG4 Video Source" "MP4 Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - MPEG4 Video Splitter" "MP4 Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - RealAudio Decoder" "RealMedia Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\realmediasplitter.ax"
+ "MPC - RealMedia Source" "RealMedia Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\realmediasplitter.ax"
+ "MPC - RealMedia Splitter" "RealMedia Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\realmediasplitter.ax"
+ "MPC - RealVideo Decoder" "RealMedia Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\realmediasplitter.ax"
+ "T" "VP7 Decompression Filter" "On2.com Inc." "c:\program files (x86)\k-lite codec pack\filters\vp7dec.ax"
+ "Theora Encode Filter" "" "" "c:\program files (x86)\xiph.org\open codecs\dsftheoraencoder.dll"
+ "WavPack Audio Decoder" "WavPack Audio DirectShow Decoder" "-" "c:\program files (x86)\k-lite codec pack\filters\wavpackdsdecoder.ax"
+ "WavPack Audio Splitter" "WavPack Audio DirectShow Splitter" "-" "c:\program files (x86)\k-lite codec pack\filters\wavpackdssplitter.ax"
+ "WebM Muxer Filter" "WebM Multiplexer Filter" "Google" "c:\program files (x86)\xiph.org\open codecs\webmmux.dll"
+ "WebM Splitter Filter" "Webm Splitter Filter" "Google" "c:\program files (x86)\xiph.org\open codecs\webmsplit.dll"
+ "WebM VP8 Decoder Filter" "WebM VP8 Decoder Filter" "Google" "c:\program files (x86)\xiph.org\open codecs\vp8decoder.dll"
+ "WebM VP8 Encoder Filter" "WebM VP8 Encoder Filter" "Google" "c:\program files (x86)\xiph.org\open codecs\vp8encoder.dll"
+ "Xiph.Org FLAC Decoder" "" "" "c:\program files (x86)\xiph.org\open codecs\dsfflacdecoder.dll"
+ "Xiph.Org FLAC Encoder" "" "" "c:\program files (x86)\xiph.org\open codecs\dsfflacencoder.dll"
+ "Xiph.Org Native FLAC Decoder" "" "" "c:\program files (x86)\xiph.org\open codecs\dsfnativeflacsource.dll"
+ "Xiph.Org Ogg Demuxer" "" "" "c:\program files (x86)\xiph.org\open codecs\dsfoggdemux2.dll"
+ "Xiph.Org Ogg Muxer" "" "" "c:\program files (x86)\xiph.org\open codecs\dsfoggmux.dll"
+ "Xiph.Org Speex Decoder" "" "" "c:\program files (x86)\xiph.org\open codecs\dsfspeexdecoder.dll"
+ "Xiph.Org Speex Encoder" "" "" "c:\program files (x86)\xiph.org\open codecs\dsfspeexencoder.dll"
+ "Xiph.Org Theora Decoder" "" "" "c:\program files (x86)\xiph.org\open codecs\dsftheoradecoder.dll"
+ "Xiph.Org Vorbis Decoder" "" "" "c:\program files (x86)\xiph.org\open codecs\dsfvorbisdecoder.dll"
+ "Xiph.Org Vorbis Encoder" "" "" "c:\program files (x86)\xiph.org\open codecs\dsfvorbisencoder.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Computer, Inc." "c:\program files (x86)\extensis\extensis suitcase 11\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "BJ Language Monitor3_2" "Canon Inkjet Printer Driver" "CANON INC." "c:\windows\system32\cnblm3_2.dll"

#10 Steampunk

Posted 23 January 2013 - 03:36 PM

Adware log

# AdwCleaner v2.107 - Logfile created 01/23/2013 at 21:30:34
# Updated 21/01/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# Boot Mode : Normal
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\1ClickDownload
Folder Deleted : C:\Program Files\Web Assistant
Folder Deleted : C:\Users\Bruce Wayne\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Deleted : HKLM\SOFTWARE\Web Assistant

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0 (en-US)

File : C:\Users\Bruce Wayne\AppData\Roaming\Mozilla\Firefox\Profiles\irb6x35v.default\prefs.js

Deleted : user_pref("extensions.tweaktube.addit.remoteInstallItems", "{ \"software\": {\"95\": {\"id\": \"95\"[...]
Deleted : user_pref("tweaktube.pref.cacheInfo", "({'hxxp://wedata.net/databases/AutoPagerize/items.json':{url:[...]
Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

*************************

AdwCleaner[R1].txt - [8694 octets] - [22/01/2013 21:16:04]
AdwCleaner[R2].txt - [3572 octets] - [23/01/2013 21:23:45]
AdwCleaner[S3].txt - [3486 octets] - [23/01/2013 21:30:34]

########## EOF - C:\AdwCleaner[S3].txt - [3546 octets] ##########

#11 Steampunk

Posted 25 January 2013 - 09:15 AM

It seems that I am beyond help <_<

#12 narenxp

Posted 26 January 2013 - 11:19 AM

Sorry Steampunk, I went on a family tour.

Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start Repairs tab, then click on Start

Checkmark the following options alone:

Reset registry permissions
Reset file permissions
Register system files
Remove Policies Set By Infections
Repair Winsock & DNS Cache

Checkmark the Restart System When Finished option
Click the Start button

The system should restart after the repair

Turn off System Restore, turn it on, and try to restore to the newly created restore point

Edited by narenxp, 26 January 2013 - 11:20 AM.


#13 Steampunk

Posted 26 January 2013 - 03:02 PM

System Restore completed successfully!
Thank you very much, Naren :thumbup2:

#14 narenxp

Posted 26 January 2013 - 04:00 PM

Great :)

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.

Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on System Restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your Flash Player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#15 Steampunk

Posted 28 January 2013 - 08:53 AM

Thank you once again. I performed those updates, as you suggested (I set my Avast to perform updates automatically).
However, there are these two minor problems that I'd like to fix. I do not wish to start a new thread for those, since I'd have to reiterate my system info and list all the things which I already mentioned here.

In brief: I still get that annoying "Error in srclient.dll. Missing entry CreateFirstRunRP" message at startup.
It's nothing, but I'd like to get rid of it.

I can't install Win Defender Update (KB915597). I am getting the 8007007E error code. I tried at least a dozen times (with Avast both disabled and enabled), but to no avail. I do not have a 3rd party firewall installed.

Edited by Steampunk, 28 January 2013 - 08:53 AM.




