Possible desktop.ini and/or grpconv.exe virus.


9 replies to this topic

#1 Ocod

  • Members
  • 24 posts

Posted 04 February 2013 - 04:10 AM

Hello, a torrent containing what I believe to be a bogus version of the XVid MPEG-4 Codec Pack was downloaded and installed on my computer. After I noticed my Microsoft Security Essentials had been removed from the running programs tree, I followed the PC Issues balloon to find that "Windows Something Security Something" (Sorry I didn't write it down) was inactive; though it was clearly not meant to be, in the first place. I then manually started MSE and ran both a quick then a full scan that found no malicious files, followed by the same action and result with Malwarebytes. At this point, I tried to Revo-uninstall the XVid MPEG-4 Codec Pack, and during the target program's featured uninstall I received a pop-up box in the bottom right corner (completely unattached to the taskbar, as mine runs vertical along the left edge of my desktop) stating that "Windows Group Converter will no longer start[up (with windows??)] "grpconv.exe."" Sorry, it was very brief. At this point I opted for a system restore that rolled my PC back about 6 hours before this event took place. It finished with the restore but it reinstalled the XVid MPEG-4 Codec Pack; even though it was restored to a time in which this program/virus should not have existed. I then tried another full scan with MSE and MBAM and they both returned no results. At this point I was already running late for an event so I shut my PC down and left it await. When I returned home, I powered the PC up and walked out of the room; however, when I returned, the Startup Repair window was open, so, I followed the steps and successfully booted on the next attempt and went for another System Restore, but this time back to a point roughly 24 hours prior to the infection; still, the Codec Pack was alive and well, and removing it prompted that "grpconv.exe" pop-message once again.
I tried for another full scan from MSE while reading up on similar situations through forums and tech sites, and followed a few small steps in order to just verify whether a "grpconv.exe" virus is what I was dealing with; and in the process I discovered multiple instances of the desktop.ini file all over my system, in every common Windows 7 directory/folder, including Documents, Local Drive, Program Files, Users and on my desktop; which I suspect is not normal. By this time MSE had now finished, again with no results; so I went on to MBAM but I received a message stating "The Malwarebytes Anti-Malware database is missing or corrupt. Would you like to download a new copy?" which I chose to ignore. This is when I made the choice to seek out guidance from a more substantial intelligence. :wink: So now I am here, begging for help, since I currently do not, by any means, have the $$$ to replace my equipment and I know how dangerous these sneaky virus types can be. I'm terrified to even shut down my machine or open another program and I'm watching the Task Manager very closely. I would enormously appreciate assistance in resolving this issue; please and thank you!!!

OS: Windows 7 Home Premium 64-Bit
CPU: AMD Phenom 3-Core 2.4 GHz
RAM: 8.00 GB DDR Kingston Hyper-X
GPU: ASUS ENGTS450 TOP PCI-e
MB: ASRock K10N78D nForce 720D

Other than flashing BIOS I am consistent in all my software/driver updates including those from Microsoft Update.

Edit: Wanted to add that the Documents and Settings folder was inaccessible and showing no standard information whatsoever in the properties menu. I went ahead with a take ownership procedure and was successful in doing so. I'm doing my best not to do any more damage while I await some generous soul's guidance, I just became bored and anxious. I won't be running any more scans, downloading, or shutting the PC down until such a time it is requested.

Edited by Ocod, 04 February 2013 - 07:37 AM.


#2 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 04 February 2013 - 07:13 AM

Do not run any other tools when you are being assisted

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Ocod

  • Topic Starter
  • Members
  • 24 posts

Posted 04 February 2013 - 06:41 PM

K here goes.

11:06:01.0803 1380 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:06:01.0803 1380 mrxsmb - ok
11:06:01.0866 1380 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:06:01.0866 1380 mrxsmb10 - ok
11:06:01.0881 1380 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:06:01.0897 1380 mrxsmb20 - ok
11:06:01.0913 1380 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
11:06:01.0913 1380 msahci - ok
11:06:01.0944 1380 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:06:01.0944 1380 msdsm - ok
11:06:01.0991 1380 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:06:01.0991 1380 MSDTC - ok
11:06:02.0022 1380 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:06:02.0022 1380 Msfs - ok
11:06:02.0053 1380 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:06:02.0053 1380 mshidkmdf - ok
11:06:02.0100 1380 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:06:02.0100 1380 msisadrv - ok
11:06:02.0131 1380 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:06:02.0147 1380 MSiSCSI - ok
11:06:02.0147 1380 msiserver - ok
11:06:02.0178 1380 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:06:02.0178 1380 MSKSSRV - ok
11:06:02.0241 1380 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
11:06:02.0241 1380 MsMpSvc - ok
11:06:02.0256 1380 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:06:02.0256 1380 MSPCLOCK - ok
11:06:02.0272 1380 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:06:02.0272 1380 MSPQM - ok
11:06:02.0303 1380 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:06:02.0319 1380 MsRPC - ok
11:06:02.0334 1380 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
11:06:02.0334 1380 mssmbios - ok
11:06:02.0350 1380 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:06:02.0350 1380 MSTEE - ok
11:06:02.0366 1380 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:06:02.0366 1380 MTConfig - ok
11:06:02.0397 1380 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:06:02.0397 1380 Mup - ok
11:06:02.0444 1380 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:06:02.0444 1380 napagent - ok
11:06:02.0491 1380 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:06:02.0491 1380 NativeWifiP - ok
11:06:02.0538 1380 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:06:02.0553 1380 NDIS - ok
11:06:02.0569 1380 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:06:02.0569 1380 NdisCap - ok
11:06:02.0600 1380 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:06:02.0600 1380 NdisTapi - ok
11:06:02.0647 1380 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:06:02.0647 1380 Ndisuio - ok
11:06:02.0678 1380 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:06:02.0694 1380 NdisWan - ok
11:06:02.0725 1380 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:06:02.0725 1380 NDProxy - ok
11:06:02.0741 1380 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:06:02.0741 1380 NetBIOS - ok
11:06:02.0756 1380 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:06:02.0756 1380 NetBT - ok
11:06:02.0772 1380 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
11:06:02.0772 1380 Netlogon - ok
11:06:02.0834 1380 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:06:02.0834 1380 Netman - ok
11:06:02.0897 1380 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:06:02.0913 1380 NetMsmqActivator - ok
11:06:02.0928 1380 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:06:02.0928 1380 NetPipeActivator - ok
11:06:02.0959 1380 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:06:02.0975 1380 netprofm - ok
11:06:02.0991 1380 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:06:02.0991 1380 NetTcpActivator - ok
11:06:03.0006 1380 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:06:03.0006 1380 NetTcpPortSharing - ok
11:06:03.0038 1380 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
11:06:03.0038 1380 nfrd960 - ok
11:06:03.0084 1380 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:06:03.0084 1380 NisDrv - ok
11:06:03.0100 1380 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
11:06:03.0116 1380 NisSrv - ok
11:06:03.0131 1380 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:06:03.0131 1380 NlaSvc - ok
11:06:03.0147 1380 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:06:03.0147 1380 Npfs - ok
11:06:03.0163 1380 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:06:03.0163 1380 nsi - ok
11:06:03.0178 1380 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:06:03.0178 1380 nsiproxy - ok
11:06:03.0241 1380 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:06:03.0272 1380 Ntfs - ok
11:06:03.0288 1380 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:06:03.0288 1380 Null - ok
11:06:03.0319 1380 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
11:06:03.0319 1380 NVENETFD - ok
11:06:03.0366 1380 [ 960E39A54E525DF58CB29193147DFFA1 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
11:06:03.0366 1380 NVHDA - ok
11:06:03.0616 1380 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:06:03.0834 1380 nvlddmkm - ok
11:06:03.0866 1380 [ 0AD267A4674805B61A5D7B911D2A978A ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
11:06:03.0881 1380 NVNET - ok
11:06:03.0913 1380 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:06:03.0913 1380 nvraid - ok
11:06:03.0944 1380 [ E58D81FB8616D0CB55C1E36AA0B213C9 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
11:06:03.0944 1380 nvsmu - ok
11:06:03.0991 1380 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:06:03.0991 1380 nvstor - ok
11:06:04.0038 1380 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
11:06:04.0069 1380 nvsvc - ok
11:06:04.0147 1380 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:06:04.0163 1380 nvUpdatusService - ok
11:06:04.0178 1380 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:06:04.0178 1380 nv_agp - ok
11:06:04.0194 1380 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:06:04.0194 1380 ohci1394 - ok
11:06:04.0272 1380 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:06:04.0288 1380 ose - ok
11:06:04.0522 1380 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:06:04.0584 1380 osppsvc - ok
11:06:04.0616 1380 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:06:04.0616 1380 p2pimsvc - ok
11:06:04.0647 1380 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:06:04.0647 1380 p2psvc - ok
11:06:04.0678 1380 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:06:04.0694 1380 Parport - ok
11:06:04.0725 1380 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:06:04.0725 1380 partmgr - ok
11:06:04.0741 1380 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:06:04.0741 1380 PcaSvc - ok
11:06:04.0756 1380 pccsmcfd - ok
11:06:04.0803 1380 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
11:06:04.0803 1380 pci - ok
11:06:04.0819 1380 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
11:06:04.0819 1380 pciide - ok
11:06:04.0834 1380 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:06:04.0850 1380 pcmcia - ok
11:06:04.0866 1380 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:06:04.0866 1380 pcw - ok
11:06:04.0897 1380 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:06:04.0897 1380 PEAUTH - ok
11:06:04.0975 1380 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:06:04.0975 1380 PerfHost - ok
11:06:05.0038 1380 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
11:06:05.0069 1380 pla - ok
11:06:05.0100 1380 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:06:05.0116 1380 PlugPlay - ok
11:06:05.0147 1380 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:06:05.0147 1380 PNRPAutoReg - ok
11:06:05.0163 1380 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:06:05.0178 1380 PNRPsvc - ok
11:06:05.0194 1380 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:06:05.0209 1380 PolicyAgent - ok
11:06:05.0241 1380 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:06:05.0256 1380 Power - ok
11:06:05.0303 1380 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:06:05.0303 1380 PptpMiniport - ok
11:06:05.0334 1380 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:06:05.0334 1380 Processor - ok
11:06:05.0366 1380 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:06:05.0381 1380 ProfSvc - ok
11:06:05.0413 1380 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:06:05.0413 1380 ProtectedStorage - ok
11:06:05.0459 1380 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:06:05.0459 1380 Psched - ok
11:06:05.0506 1380 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:06:05.0522 1380 ql2300 - ok
11:06:05.0538 1380 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:06:05.0538 1380 ql40xx - ok
11:06:05.0584 1380 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:06:05.0584 1380 QWAVE - ok
11:06:05.0600 1380 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:06:05.0600 1380 QWAVEdrv - ok
11:06:05.0616 1380 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:06:05.0616 1380 RasAcd - ok
11:06:05.0647 1380 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:06:05.0647 1380 RasAgileVpn - ok
11:06:05.0663 1380 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:06:05.0663 1380 RasAuto - ok
11:06:05.0694 1380 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:06:05.0694 1380 Rasl2tp - ok
11:06:05.0741 1380 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:06:05.0756 1380 RasMan - ok
11:06:05.0772 1380 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:06:05.0772 1380 RasPppoe - ok
11:06:05.0819 1380 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:06:05.0819 1380 RasSstp - ok
11:06:05.0866 1380 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:06:05.0866 1380 rdbss - ok
11:06:05.0881 1380 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:06:05.0897 1380 rdpbus - ok
11:06:05.0913 1380 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:06:05.0913 1380 RDPCDD - ok
11:06:05.0944 1380 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:06:05.0944 1380 RDPENCDD - ok
11:06:05.0959 1380 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:06:05.0959 1380 RDPREFMP - ok
11:06:06.0006 1380 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:06:06.0006 1380 RdpVideoMiniport - ok
11:06:06.0053 1380 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:06:06.0053 1380 RDPWD - ok
11:06:06.0084 1380 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:06:06.0084 1380 rdyboost - ok
11:06:06.0116 1380 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:06:06.0131 1380 RemoteAccess - ok
11:06:06.0163 1380 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:06:06.0163 1380 RemoteRegistry - ok
11:06:06.0194 1380 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:06:06.0194 1380 RpcEptMapper - ok
11:06:06.0225 1380 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:06:06.0225 1380 RpcLocator - ok
11:06:06.0272 1380 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
11:06:06.0288 1380 RpcSs - ok
11:06:06.0319 1380 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:06:06.0319 1380 rspndr - ok
11:06:06.0350 1380 [ 04C2D5BD8D0776320230978A0AEC3BD0 ] RTL8023x64 C:\Windows\system32\DRIVERS\Rtnic64.sys
11:06:06.0366 1380 RTL8023x64 - ok
11:06:06.0381 1380 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
11:06:06.0381 1380 SamSs - ok
11:06:06.0413 1380 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:06:06.0413 1380 sbp2port - ok
11:06:06.0444 1380 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:06:06.0459 1380 SCardSvr - ok
11:06:06.0491 1380 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:06:06.0491 1380 scfilter - ok
11:06:06.0553 1380 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
11:06:06.0569 1380 Schedule - ok
11:06:06.0600 1380 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:06:06.0600 1380 SCPolicySvc - ok
11:06:06.0631 1380 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:06:06.0647 1380 SDRSVC - ok
11:06:06.0663 1380 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:06:06.0663 1380 secdrv - ok
11:06:06.0694 1380 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
11:06:06.0694 1380 seclogon - ok
11:06:06.0725 1380 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
11:06:06.0741 1380 SENS - ok
11:06:06.0756 1380 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:06:06.0756 1380 SensrSvc - ok
11:06:06.0772 1380 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:06:06.0772 1380 Serenum - ok
11:06:06.0803 1380 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:06:06.0803 1380 Serial - ok
11:06:06.0834 1380 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:06:06.0850 1380 sermouse - ok
11:06:06.0897 1380 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
11:06:06.0897 1380 SessionEnv - ok
11:06:06.0928 1380 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:06:06.0928 1380 sffdisk - ok
11:06:06.0944 1380 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:06:06.0944 1380 sffp_mmc - ok
11:06:06.0959 1380 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:06:06.0959 1380 sffp_sd - ok
11:06:06.0975 1380 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:06:06.0991 1380 sfloppy - ok
11:06:07.0022 1380 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:06:07.0038 1380 SharedAccess - ok
11:06:07.0069 1380 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:06:07.0084 1380 ShellHWDetection - ok
11:06:07.0116 1380 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:06:07.0116 1380 SiSRaid2 - ok
11:06:07.0147 1380 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:06:07.0147 1380 SiSRaid4 - ok
11:06:07.0178 1380 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:06:07.0178 1380 Smb - ok
11:06:07.0225 1380 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:06:07.0225 1380 SNMPTRAP - ok
11:06:07.0272 1380 [ 5DA8039E58B3A557C6A744E476CDEB7F ] softehci C:\Windows\system32\DRIVERS\softehci.sys
11:06:07.0272 1380 softehci - ok
11:06:07.0288 1380 [ 26D2B0FF718219809C0BC3A8B061C6EC ] SOFTHIDUSBK C:\Windows\system32\DRIVERS\SOFTHIDUSBK.SYS
11:06:07.0303 1380 SOFTHIDUSBK - ok
11:06:07.0334 1380 [ E1702BBE8D31B6EDD5C6881C80F123A8 ] SOFTUSBK C:\Windows\system32\DRIVERS\SOFTUSBK.SYS
11:06:07.0350 1380 SOFTUSBK - ok
11:06:07.0350 1380 SOFTUSBTESTHUB - ok
11:06:07.0366 1380 SOFTWADP - ok
11:06:07.0381 1380 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:06:07.0381 1380 spldr - ok
11:06:07.0413 1380 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
11:06:07.0428 1380 Spooler - ok
11:06:07.0522 1380 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:06:07.0569 1380 sppsvc - ok
11:06:07.0600 1380 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:06:07.0600 1380 sppuinotify - ok
11:06:07.0631 1380 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:06:07.0631 1380 srv - ok
11:06:07.0663 1380 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:06:07.0678 1380 srv2 - ok
11:06:07.0678 1380 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:06:07.0694 1380 srvnet - ok
11:06:07.0725 1380 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:06:07.0725 1380 SSDPSRV - ok
11:06:07.0741 1380 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:06:07.0741 1380 SstpSvc - ok
11:06:07.0866 1380 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:06:07.0881 1380 Stereo Service - ok
11:06:07.0913 1380 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:06:07.0913 1380 stexstor - ok
11:06:07.0959 1380 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:06:07.0975 1380 stisvc - ok
11:06:08.0006 1380 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
11:06:08.0006 1380 swenum - ok
11:06:08.0038 1380 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:06:08.0038 1380 swprv - ok
11:06:08.0100 1380 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
11:06:08.0131 1380 SysMain - ok
11:06:08.0163 1380 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:06:08.0163 1380 TabletInputService - ok
11:06:08.0178 1380 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:06:08.0178 1380 TapiSrv - ok
11:06:08.0209 1380 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:06:08.0209 1380 TBS - ok
11:06:08.0288 1380 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:06:08.0303 1380 Tcpip - ok
11:06:08.0334 1380 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:06:08.0366 1380 TCPIP6 - ok
11:06:08.0397 1380 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:06:08.0397 1380 tcpipreg - ok
11:06:08.0444 1380 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:06:08.0444 1380 TDPIPE - ok
11:06:08.0475 1380 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:06:08.0475 1380 TDTCP - ok
11:06:08.0506 1380 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:06:08.0522 1380 tdx - ok
11:06:08.0553 1380 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
11:06:08.0553 1380 TermDD - ok
11:06:08.0600 1380 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
11:06:08.0616 1380 TermService - ok
11:06:08.0631 1380 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:06:08.0631 1380 Themes - ok
11:06:08.0663 1380 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:06:08.0663 1380 THREADORDER - ok
11:06:08.0678 1380 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:06:08.0678 1380 TrkWks - ok
11:06:08.0741 1380 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:06:08.0741 1380 TrustedInstaller - ok
11:06:08.0772 1380 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:06:08.0772 1380 tssecsrv - ok
11:06:08.0819 1380 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:06:08.0819 1380 TsUsbFlt - ok
11:06:08.0881 1380 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:06:08.0881 1380 tunnel - ok
11:06:08.0897 1380 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:06:08.0897 1380 uagp35 - ok
11:06:08.0944 1380 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:06:08.0944 1380 udfs - ok
11:06:08.0991 1380 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:06:08.0991 1380 UI0Detect - ok
11:06:09.0006 1380 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:06:09.0006 1380 uliagpkx - ok
11:06:09.0038 1380 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
11:06:09.0038 1380 umbus - ok
11:06:09.0069 1380 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:06:09.0069 1380 UmPass - ok
11:06:09.0084 1380 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:06:09.0100 1380 upnphost - ok
11:06:09.0147 1380 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
11:06:09.0147 1380 USBAAPL64 - ok
11:06:09.0178 1380 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
11:06:09.0178 1380 usbaudio - ok
11:06:09.0225 1380 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:06:09.0225 1380 usbccgp - ok
11:06:09.0241 1380 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:06:09.0256 1380 usbcir - ok
11:06:09.0288 1380 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:06:09.0288 1380 usbehci - ok
11:06:09.0319 1380 [ DC2B97B8865042FC17C82381AC426D1C ] usbehci_dsf C:\Windows\system32\DRIVERS\usbehci_dsf.sys
11:06:09.0319 1380 usbehci_dsf - ok
11:06:09.0366 1380 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:06:09.0366 1380 usbhub - ok
11:06:09.0413 1380 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
11:06:09.0413 1380 usbohci - ok
11:06:09.0428 1380 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:06:09.0428 1380 usbprint - ok
11:06:09.0444 1380 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:06:09.0459 1380 USBSTOR - ok
11:06:09.0491 1380 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:06:09.0491 1380 usbuhci - ok
11:06:09.0506 1380 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:06:09.0522 1380 UxSms - ok
11:06:09.0538 1380 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
11:06:09.0538 1380 VaultSvc - ok
11:06:09.0553 1380 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:06:09.0553 1380 vdrvroot - ok
11:06:09.0600 1380 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
11:06:09.0616 1380 vds - ok
11:06:09.0631 1380 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:06:09.0631 1380 vga - ok
11:06:09.0663 1380 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:06:09.0678 1380 VgaSave - ok
11:06:09.0709 1380 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:06:09.0709 1380 vhdmp - ok
11:06:09.0772 1380 [ 906A7C6B6659A650648CF21998270945 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
11:06:09.0788 1380 VIAHdAudAddService - ok
11:06:09.0819 1380 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
11:06:09.0819 1380 viaide - ok
11:06:09.0850 1380 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:06:09.0850 1380 volmgr - ok
11:06:09.0897 1380 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:06:09.0897 1380 volmgrx - ok
11:06:09.0928 1380 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:06:09.0944 1380 volsnap - ok
11:06:09.0959 1380 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
11:06:09.0975 1380 vsmraid - ok
11:06:10.0022 1380 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
11:06:10.0053 1380 VSS - ok
11:06:10.0084 1380 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
11:06:10.0084 1380 vwifibus - ok
11:06:10.0116 1380 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:06:10.0131 1380 W32Time - ok
11:06:10.0147 1380 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
11:06:10.0147 1380 WacomPen - ok
11:06:10.0194 1380 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:06:10.0194 1380 WANARP - ok
11:06:10.0209 1380 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:06:10.0209 1380 Wanarpv6 - ok
11:06:10.0256 1380 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:06:10.0288 1380 WatAdminSvc - ok
11:06:10.0350 1380 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
11:06:10.0381 1380 wbengine - ok
11:06:11.0834 1380 ================ Scan global ===============================
11:06:11.0866 1380 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:06:11.0913 1380 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
11:06:11.0928 1380 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
11:06:11.0944 1380 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:06:11.0975 1380 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:06:11.0991 1380 [Global] - ok
11:06:11.0991 1380 ================ Scan MBR ==================================
11:06:12.0006 1380 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:06:12.0178 1380 \Device\Harddisk0\DR0 - ok
11:06:12.0178 1380 ================ Scan VBR ==================================
11:06:12.0194 1380 [ F89CCA864C3CD67049F669A0536E361A ] \Device\Harddisk0\DR0\Partition1
11:06:12.0194 1380 \Device\Harddisk0\DR0\Partition1 - ok
11:06:12.0209 1380 [ 959546AC4E34DA92D6A46E867EF72563 ] \Device\Harddisk0\DR0\Partition2
11:06:12.0225 1380 \Device\Harddisk0\DR0\Partition2 - ok
11:06:12.0241 1380 [ 761C21322492B6DEB8CAB9A594B66528 ] \Device\Harddisk0\DR0\Partition3
11:06:12.0241 1380 \Device\Harddisk0\DR0\Partition3 - ok
11:06:12.0241 1380 ============================================================
11:06:12.0241 1380 Scan finished
11:06:12.0241 1380 ============================================================
11:06:12.0256 2172 Detected object count: 0
11:06:12.0256 2172 Actual detected object count: 0
11:06:29.0913 4720 Deinitialize success

--------------

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-04 11:09:31
-----------------------------
11:09:31.379 OS Version: Windows x64 6.1.7601 Service Pack 1
11:09:31.379 Number of processors: 3 586 0x203
11:09:31.379 ComputerName: MANABEASTIE UserName: Cody
11:09:32.192 Initialize success
11:12:47.076 AVAST engine defs: 13020400
11:12:56.560 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
11:12:56.560 Disk 0 Vendor: SAMSUNG_HD502HJ 1AJ10001 Size: 476940MB BusType: 3
11:12:56.576 Disk 0 MBR read successfully
11:12:56.576 Disk 0 MBR scan
11:12:56.591 Disk 0 Windows 7 default MBR code
11:12:56.591 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
11:12:56.607 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 426838 MB offset 206848
11:12:56.638 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 49999 MB offset 874371072
11:12:56.669 Disk 0 scanning C:\Windows\system32\drivers
11:13:07.169 Service scanning
11:13:27.888 Modules scanning
11:13:27.888 Disk 0 trace - called modules:
11:13:27.904 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
11:13:27.935 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80076374a0]
11:13:27.935 3 CLASSPNP.SYS[fffff88001b9243f] -> nt!IofCallDriver -> [0xfffffa80069aae40]
11:13:27.951 5 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8006af9060]
11:13:28.607 AVAST engine scan C:\Windows
11:13:30.607 AVAST engine scan C:\Windows\system32
11:16:54.717 AVAST engine scan C:\Windows\system32\drivers
11:17:14.280 AVAST engine scan C:\Users\Cody
11:18:52.624 Disk 0 MBR has been saved successfully to "C:\Users\Cody\Desktop\MBR.dat"
11:18:52.624 The log file has been saved successfully to "C:\Users\Cody\Desktop\aswMBR.txt"


----------

C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
C:\Users\All Users\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
C:\Users\Cody\AppData\Local\Google\Chrome\User Data\Default\Default\aadhdidbdidfdigfdfgcgegbdedcdddg\background.html Win32/BHO.OEI trojan
C:\Users\Cody\AppData\Local\Google\Chrome\User Data\Default\Default\aadhdidbdidfdigfdfgcgegbdedcdddg\ContentScript.js Win32/BHO.OEI trojan
C:\Users\Cody\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G7868HFA\PCMAX_AF_ErrorsFix_Setup.exe a variant of Win32/RegistryNuke application
C:\Users\Cody\AppData\Local\Temp\YontooSetup-S.exe multiple threats
C:\Documents and Settings\All Users\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Documents and Settings\Cody\AppData\Local\Google\Chrome\User Data\Default\Default\aadhdidbdidfdigfdfgcgegbdedcdddg\background.html Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Documents and Settings\Cody\AppData\Local\Google\Chrome\User Data\Default\Default\aadhdidbdidfdigfdfgcgegbdedcdddg\ContentScript.js Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Documents and Settings\Cody\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G7868HFA\PCMAX_AF_ErrorsFix_Setup.exe a variant of Win32/RegistryNuke application cleaned by deleting - quarantined
C:\Documents and Settings\Cody\AppData\Local\Temp\YontooSetup-S.exe multiple threats cleaned by deleting - quarantined
C:\Program Files (x86)\1ClickDownload\1ClickSettingsManager.exe Win32/Adware.1ClickDownload.E application cleaned by deleting - quarantined
C:\Program Files (x86)\1ClickDownload\ocmainpack.exe Win32/Adware.1ClickDownload.E application cleaned by deleting - quarantined
C:\Program Files (x86)\Yontoo\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined

#4 narenxp

Posted 04 February 2013 - 09:19 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe.

Allow the scan to finish.

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#5 Ocod

Posted 05 February 2013 - 02:20 PM

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.05.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Cody :: MANABEASTIE [administrator]

2/5/2013 3:09:45 AM
mbam-log-2013-02-05 (03-09-45).txt

Scan type: Full scan (C:\|D:\|E:\|G:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 748690
Time elapsed: 1 hour(s), 54 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

---------------

MiniToolBox by Farbar Version:10-01-2013
Ran by Cody (administrator) on 05-02-2013 at 09:56:09
Running from "C:\Users\Cody\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

NVIDIA nForce Networking Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global
add address name="Local Area Connection 2" address=192.168.137.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Manabeastie
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet
Physical Address. . . . . . . . . : 00-25-22-74-E1-45
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8573:3dc6:5148:87a9%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.68(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, February 04, 2013 1:55:02 AM
Lease Expires . . . . . . . . . . : Wednesday, February 06, 2013 1:54:00 AM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 234890530
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-EE-C5-E8-00-25-22-74-E1-45
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:1812:3b99:9c99:c931(Preferred)
Link-local IPv6 Address . . . . . : fe80::1812:3b99:9c99:c931%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: home
Address: 192.168.1.254

Name: google.com
Addresses: 2607:f8b0:4000:803::1003
173.194.46.0
173.194.46.1
173.194.46.2
173.194.46.3
173.194.46.4
173.194.46.5
173.194.46.6
173.194.46.7
173.194.46.8
173.194.46.9
173.194.46.14


Pinging google.com [74.125.225.229] with 32 bytes of data:
Reply from 74.125.225.229: bytes=32 time=34ms TTL=54
Reply from 74.125.225.229: bytes=32 time=37ms TTL=54

Ping statistics for 74.125.225.229:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 34ms, Maximum = 37ms, Average = 35ms
Server: home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.139.183.24
206.190.36.45
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=91ms TTL=48
Reply from 98.138.253.109: bytes=32 time=89ms TTL=48

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 89ms, Maximum = 91ms, Average = 90ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...00 25 22 74 e1 45 ......NVIDIA nForce 10/100/1000 Mbps Ethernet
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.68 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.68 276
192.168.1.68 255.255.255.255 On-link 192.168.1.68 276
192.168.1.255 255.255.255.255 On-link 192.168.1.68 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.68 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.68 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 58 ::/0 On-link
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:9d38:6ab8:1812:3b99:9c99:c931/128
On-link
10 276 fe80::/64 On-link
11 306 fe80::/64 On-link
11 306 fe80::1812:3b99:9c99:c931/128
On-link
10 276 fe80::8573:3dc6:5148:87a9/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/05/2013 05:25:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/05/2013 05:25:49 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (02/05/2013 05:25:11 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (02/04/2013 02:05:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (02/04/2013 11:20:20 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/04/2013 11:20:17 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/04/2013 11:20:17 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/04/2013 11:19:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/31/2013 08:43:26 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16457, time stamp: 0x50a2f9e3
Faulting module name: YontooIEClient.dll_unloaded, version: 0.0.0.0, time stamp: 0x50788440
Exception code: 0xc0000005
Fault offset: 0x6a8ce6f1
Faulting process id: 0x11fc
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (01/24/2013 03:32:45 PM) (Source: Application Error) (User: )
Description: Faulting application name: swtor.exe, version: 1.0.0.0, time stamp: 0x50f7ea6c
Faulting module name: MemoryMan.dll, version: 0.0.0.0, time stamp: 0x50f7e686
Exception code: 0xc0000005
Fault offset: 0x00005883
Faulting process id: 0x9c0
Faulting application start time: 0xswtor.exe0
Faulting application path: swtor.exe1
Faulting module path: swtor.exe2
Report Id: swtor.exe3


System errors:
=============
Error: (02/04/2013 01:57:06 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (02/04/2013 01:57:06 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (02/04/2013 01:55:02 AM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (02/04/2013 01:42:33 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (02/04/2013 01:42:33 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (02/04/2013 01:40:23 AM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (02/04/2013 01:40:19 AM) (Source: Microsoft Antimalware) (User: )
Description: %60 has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.

Signatures Attempted: %24

Error Code: 0x80070002

Error description: The system cannot find the file specified.

Signature version: 1.143.1339.0;1.143.1339.0

Engine version: %600

Error: (02/04/2013 01:29:35 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (02/04/2013 01:29:35 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (02/04/2013 01:27:32 AM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126


Microsoft Office Sessions:
=========================
Error: (02/05/2013 05:25:50 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Cody\Desktop\esetsmartinstaller_enu.exe

Error: (02/05/2013 05:25:49 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\Users\Cody\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\4K9DX1O3\SoftonicDownloader_for_galaxy-3d-space-tour.exe

Error: (02/05/2013 05:25:11 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (02/04/2013 02:05:21 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (02/04/2013 11:20:20 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Cody\Desktop\esetsmartinstaller_enu.exe

Error: (02/04/2013 11:20:17 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Cody\Desktop\esetsmartinstaller_enu.exe

Error: (02/04/2013 11:20:17 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Cody\Desktop\esetsmartinstaller_enu.exe

Error: (02/04/2013 11:19:50 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Cody\Desktop\esetsmartinstaller_enu.exe

Error: (01/31/2013 08:43:26 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.1645750a2f9e3YontooIEClient.dll_unloaded0.0.0.050788440c00000056a8ce6f111fc01cdffc151ae57d7C:\Program Files (x86)\Internet Explorer\iexplore.exeYontooIEClient.dll91aa9d52-6bb4-11e2-ad00-00252274e145

Error: (01/24/2013 03:32:45 PM) (Source: Application Error)(User: )
Description: swtor.exe1.0.0.050f7ea6cMemoryMan.dll0.0.0.050f7e686c0000005000058839c001cdfa689f8e10d8C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars-The Old Republic\swtor\RetailClient\swtor.exeC:\Program Files (x86)\Electronic Arts\BioWare\Star Wars-The Old Republic\swtor\RetailClient\MemoryMan.dll971fb1fe-666d-11e2-92c9-00252274e145


CodeIntegrity Errors:
===================================
Date: 2012-05-26 21:35:43.884
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-05-26 21:35:43.806
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-05-26 21:35:43.744
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-05-26 21:35:43.666
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-05-23 16:09:11.618
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-05-23 16:09:11.540
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

µTorrent (Version: 3.2.1.28086)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Reader XI (11.0.01) (Version: 11.0.01)
Adobe Shockwave Player 11.6 (Version: 11.6.6.636)
Aeon (Version: 3.0)
AIWI (Version: 1.0.0.7281)
AIWI JoyStick (Version: 1.0.0)
Animated Wallpaper - Beautiful Space 3D (Version: 1.08)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
ASUS Gamer OSD (Version: 3.07.0419)
ASUS Smart Doctor (Version: 5.63)
Bonjour (Version: 3.0.0.10)
Call of Duty Modern Warfare 2
CDDRV_Installer (Version: 4.60)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Device Simulation Framework 1.0.1 (Version: 1.0.1)
DivX Setup (Version: 2.6.1.9)
erLT (Version: 1.20.0137)
ESET Online Scanner v3
EVE Online (remove only)
EveHQ (Version: 2.11.6)
EveHQ (Version: 2.4.0)
EVEMon (Version: 1.8.0.3987)
EverQuest
Fallout 3 - The Garden of Eden Creation Kit (Version: 1.00.0000)
Fallout 3 (Version: 1.00.0000)
FL Studio (Version: 10)
G-Force (Version: 4.2.0)
Game of Life (Version: 1.5)
Google Chrome (Version: 24.0.1312.57)
Google Earth (Version: 6.1.0.5001)
Google Talk Plugin (Version: 3.13.1.11376)
Google Update Helper (Version: 1.3.21.123)
Internet TV for Windows Media Center (Version: 4.2.2.0)
iTunes (Version: 11.0.1.12)
Java 7 Update 11 (Version: 7.0.110)
Java Auto Updater (Version: 2.1.9.0)
KhalInstallWrapper (Version: 2.00.0000)
Logitech SetPoint (Version: 4.80)
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server Compact 4.0 x64 ENU (Version: 4.0.8482.1)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mumble 1.2.3 (Version: 1.2.3)
NVIDIA 3D Vision Driver 306.97 (Version: 306.97)
NVIDIA Control Panel 306.97 (Version: 306.97)
NVIDIA Drivers (Version: 1.5)
NVIDIA Graphics Driver 306.97 (Version: 306.97)
NVIDIA HD Audio Driver 1.2.23.3 (Version: 1.2.23.3)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0697)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
Oblivion (Version: 1.00.0000)
Platform (Version: 1.34)
Revo Uninstaller 1.94 (Version: 1.94)
Rosetta Stone Version 3 (Version: 3.4.5.0)
SimCity™ Societies (Version: 1.0.0.0)
Star Wars: The Old Republic (Version: 1.00)
swMSM (Version: 12.0.0.1)
TeamSpeak 3 Client (Version: 3.0.6)
TERA (Version: 1.41)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Utility (Version: 2.00.000)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Ventrilo Client for Windows x64 (Version: 3.0.7.0)
VIA Platform Device Manager (Version: 1.34)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Media Center Add-in for Flash (Version: 4.1.2.0)
WinRAR 4.01 (64-bit) (Version: 4.01.0)
World of Warcraft (Version: 5.0.5.16135)
Yahoo! Detect
Yontoo 1.10.02 (Version: 1.10.02)

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 8191.18 MB
Available physical RAM: 4804.9 MB
Total Pagefile: 20476.37 MB
Available Pagefile: 17338.68 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.36 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:416.83 GB) (Free:146.97 GB) NTFS
2 Drive d: (ASRock SupportCD) (CDROM) (Total:3.85 GB) (Free:0 GB) CDFS
3 Drive e: (Cody's Backup) (Fixed) (Total:48.83 GB) (Free:30.04 GB) NTFS

========================= Users: ========================================

User accounts for \\MANABEASTIE

Administrator Cody Guest
UpdatusUser

========================= Restore Points ==================================

29-01-2013 15:21:50 Installed EveHQ
29-01-2013 22:22:35 Windows Update
30-01-2013 19:54:17 Installed Mumble 1.2.3
02-02-2013 02:08:21 Installed Utility
02-02-2013 20:04:03 Windows Update
03-02-2013 08:31:20 Installed Platform
03-02-2013 15:56:05 Revo Uninstaller's restore point - XviD MPEG-4 Video Codec
03-02-2013 16:18:00 Installed Platform
03-02-2013 16:51:17 Revo Uninstaller's restore point - XviD MPEG-4 Video Codec
03-02-2013 17:05:22 Revo Uninstaller's restore point - AIWI
03-02-2013 17:05:48 Removed AIWI
04-02-2013 07:36:58 Restore Operation
04-02-2013 07:51:02 Windows Update
04-02-2013 08:01:18 Revo Uninstaller's restore point - XviD MPEG-4 Video Codec
04-02-2013 08:31:16 Revo Uninstaller's restore point - Advanced Fix 2012 version 2.0.1.100

**** End of log ****

-------------------

Farbar Service Scanner Version: 30-01-2013
Ran by Cody (administrator) on 05-02-2013 at 12:00:32
Running from "C:\Users\Cody\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

-----------------

# AdwCleaner v2.111 - Logfile created 02/05/2013 at 12:01:56
# Updated 05/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Cody - MANABEASTIE
# Boot Mode : Normal
# Running from : C:\Users\Cody\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\1ClickDownload
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Cody\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho
Folder Deleted : C:\Users\Cody\AppData\LocalLow\boost_interprocess

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\Software\bflixtoolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoEMon&co=US&userid=55c5319f-18e9-4d29-b3f6-fe57799a1ae7&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoEMon&co=US&userid=55c5319f-18e9-4d29-b3f6-fe57799a1ae7&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoEMon&co=US&userid=55c5319f-18e9-4d29-b3f6-fe57799a1ae7&searchtype=ds&q={searchTerms} --> hxxp://www.google.com

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Cody\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.1246] : homepage = "hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoEMon&co=US&userid=55c5319[...]
Deleted [l.1533] : urls_to_restore_on_startup = [ "hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoEM[...]

*************************

AdwCleaner[S1].txt - [5794 octets] - [05/02/2013 12:01:56]

########## EOF - C:\AdwCleaner[S1].txt - [5854 octets] ##########

---------------

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.2 (02.02.2013:2)
OS: Windows 7 Home Premium x64
Ran by Cody on Tue 02/05/2013 at 12:44:52.51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchurl\\Default
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2170771549-3122489798-1341980853-1000\software\microsoft\internet explorer\searchurl\\Default
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchurl\\Default



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\sweetim
Successfully deleted: [Registry Key] hkey_local_machine\software\sweetim



~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\codeccheck"



~~~ Chrome

Dumping contents of C:\Users\Cody\appdata\local\Google\Chrome\User Data\Default\Default
C:\Users\Cody\appdata\local\Google\Chrome\User Data\Default\Default\aadhdidbdidfdigfdfgcgegbdedcdddg
C:\Users\Cody\appdata\local\Google\Chrome\User Data\Default\Default\aadhdidbdidfdigfdfgcgegbdedcdddg\manifest.json

Successfully deleted: [Folder] C:\Users\Cody\appdata\local\Google\Chrome\User Data\Default\Default [Default Extension 1.0]
Successfully deleted: [Folder] C:\Users\Cody\appdata\local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/05/2013 at 12:51:45.03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

----------------

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/05/2013 12:58:43 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* WinDefend => %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [Incorrect ServiceDLL]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 02/05/2013 12:58:55 PM
Execution time: 0 hours(s), 0 minute(s), and 12 seconds(s)

-----------------

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HDAudDeck" "VIA HD Audio CPL" "VIA" "c:\program files (x86)\via\viaudioi\vdeck\vdeck.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "MagicISO" "" "" "File not found: C:\Program Files (x86)\MagicISO\misosh64.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "MagicISO" "" "" "File not found: C:\Program Files (x86)\MagicISO\misosh64.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ContextMenu" "ASUS Display Property Page" "ASUSTeK COMPUTER INC." "c:\windows\system32\atkdispcpl.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MagicISO" "" "" "File not found: C:\Program Files (x86)\MagicISO\misosh64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "DivX Plus Web Player HTML5 <video>" "DivX Plus Web Player HTML5 <video> version 2.1.2.145" "DivX, LLC" "c:\program files (x86)\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-2170771549-3122489798-1341980853-1000Core" "Google Installer" "Google Inc." "c:\users\cody\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-2170771549-3122489798-1341980853-1000UA" "Google Installer" "Google Inc." "c:\users\cody\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\{80F8CDA4-C5BD-4E62-A033-95BF73808D12}" "Fallout 3 Launcher" "Bethesda Softworks" "c:\program files (x86)\bethesda softworks\fallout 3\falloutlauncher.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "" "File not found: C:\Program Files (x86)\Windows Defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AsrCDDrv" "" "" "File not found: C:\Windows\SysWOW64\Drivers\AsrCDDrv.sys"
+ "asusgsb" "ASUS Virtual Video Capture Device Driver" "ASUSTeK Computer Inc." "c:\windows\system32\drivers\asusgsb.sys"
+ "atkdisplf" "ATKDispLowFilter" "ASUSTeK Computer Inc." "c:\windows\system32\drivers\atkdisplowfilter.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "EIO64" "ASUS VGA Kernel Mode Driver" "ASUSTeK Computer Inc." "c:\windows\system32\drivers\eio64.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "HRMACPI" "" "" "File not found: SYSTEM32\DRIVERS\HRMACPI.SYS"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IOMap" "ASUS Kernel Mode Driver for NT " "ASUSTeK Computer Inc." "c:\windows\system32\drivers\iomap64.sys"
+ "L8042Kbd" "Logitech PS2 Keyboard Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\l8042kbd.sys"
+ "LHidFilt" "Logitech HID Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lhidfilt.sys"
+ "LMouFilt" "Logitech Mouse Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lmoufilt.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "LUsbFilt" "Logitech USB Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lusbfilt.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "mcdbus" "MagicISO SCSI Host Controller" "MagicISO, Inc." "c:\windows\system32\drivers\mcdbus.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NVENETFD" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvm62x64.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 306.97 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "NVNET" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvmf6264.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvsmu" "NVIDIA nForce™ SMU Microcontroller Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvsmu.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "pccsmcfd" "" "" "File not found: system32\DRIVERS\pccsmcfdx64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8023x64" "Realtek 10/100 X64 Driver " "Realtek Semiconductor Corporation " "c:\windows\system32\drivers\rtnic64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SOFTUSBTESTHUB" "" "" "File not found: SYSTEM32\DRIVERS\SOFTUSBTESTHUB.SYS"
+ "SOFTWADP" "" "" "File not found: SYSTEM32\DRIVERS\SOFTWADP.SYS"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "VIAHdAudAddService" "VIA High Definition Audio Function Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viahduaa.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WSOFTUSBK" "" "" "File not found: SYSTEM32\DRIVERS\WSOFTUSBK.SYS"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files\divx\divx codec\divxdec.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ASUS SBS RTP Render Filter" "NetVideo for SBS" "ASUSTeK Computer Inc." "c:\windows\syswow64\netvideo_sbs.ax"
+ "ASUS SBS RTP Source Filter" "NetVideo for SBS" "ASUSTeK Computer Inc." "c:\windows\syswow64\netvideo_sbs.ax"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\google\google earth\client\wavdest.ax"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "XviD MPEG-4 Video Decoder" "" "" "c:\windows\syswow64\xvid.ax"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "LBTWlgn" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtwlgn.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"

----------

Hope I didn't miss anything... If I did please let me know =)
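An added example, not part of the original posts and not Autoruns' own code: a parser for the log layout pasted above that lists the entries worth verifying by hand, namely those whose image path reads "File not found:" and those with an empty publisher field. The names `Entry`, `parse_autoruns` and `triage` are assumptions made for this example; a flag is a prompt to check the file's signature and origin, not a verdict.

```python
import re
from typing import NamedTuple

# Sample input: lines excerpted from the log above, in the layout shown there
# (optional "+" marker, then four double-quoted fields).
SAMPLE = r'''
"Task Scheduler" "" "" ""
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "" "File not found: C:\Program Files (x86)\Windows Defender\mpsvc.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax"
+ "XviD MPEG-4 Video Decoder" "" "" "c:\windows\syswow64\xvid.ax"
'''

FIELD = re.compile(r'"([^"]*)"')


class Entry(NamedTuple):
    location: str      # autostart location header the entry was listed under
    enabled: bool      # True when the line carries the "+" marker
    name: str
    description: str
    publisher: str
    image_path: str


def parse_autoruns(text):
    """Return the autostart entries, each tagged with its location header."""
    entries, location = [], ""
    for raw in text.splitlines():
        line = raw.strip()
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue                      # blank or unrecognised line
        name, desc, publisher, path = fields
        if line.startswith('"') and not (desc or publisher or path):
            location = name               # section header, e.g. "Task Scheduler"
            continue
        entries.append(Entry(location, line.startswith("+"), name, desc,
                             publisher.strip(), path))
    return entries


def triage(entries):
    """Pair each entry that needs a manual look with the reason for it."""
    findings = []
    for e in entries:
        if e.image_path.lower().startswith("file not found:"):
            findings.append((e, "missing-file"))   # autostart points at nothing
        elif not e.publisher:
            # No company name in the file's version info; expected for scripts.
            findings.append((e, "no-publisher"))
    return findings


if __name__ == "__main__":
    for entry, reason in triage(parse_autoruns(SAMPLE)):
        print(f"{reason:13} {entry.location} -> {entry.name} ({entry.image_path})")
```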

#6 narenxp


Posted 05 February 2013 - 02:30 PM

Current issues?

#7 Ocod


Posted 06 February 2013 - 03:01 AM

Other than dozens of these "desktop.ini" files spread across as many folders, I'm not detecting any further issues. How will I know which "desktop.ini" is the proper one and should not be removed from my drive? I want to go ahead and start eliminating them if it's safe.

Edited by Ocod, 06 February 2013 - 03:01 AM.


#8 narenxp


Posted 06 February 2013 - 04:25 AM

No, they are legitimate files.

Open your C drive

On top, click on Organize - Folder and search options

Click on the View tab and scroll down

Checkmark Don't show hidden files
Checkmark Hide operating system files

Click OK

You should not see them now.

#9 Ocod


Posted 06 February 2013 - 05:05 PM

Okay! Thank you so very much for your help!

#10 narenxp


Posted 07 February 2013 - 01:49 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot. If TFC locks up the system, run it in safe mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



