missing services


28 replies to this topic

#1 bricbat


Posted 06 February 2013 - 02:49 AM

hello i am looking for help with missing services that show in my rkill log. this is the last of many issues that i have had; everything from windows update to windows firewall to my mcafee were all damaged or corrupted. everything has been fixed except for a microsoft visual c++ runtime library error that keeps popping up saying that an application has asked to close in an unusual way, followed by a message that windows explorer has stopped and needs to be restarted, which it automatically does after the dialogue box is closed. this error occurs several times every hour. however if i use my zonealarm firewall to block all internet access the error does not occur.


i currently have zonealarm anti virus and firewall
rkill
superantispyware
tdsskiller

all of the above show no current issues except what is shown above. this all started about a month ago and i have spent a lot of time getting to this point. i would greatly appreciate any help i could get.

Edited by hamluis, 06 February 2013 - 08:05 AM.
No logs, moved from Malware Removal Logs to Am I Infected - Hamluis.




#2 narenxp


Posted 06 February 2013 - 10:28 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log (Do not click on FIXMBR)

Post the log results here. If you get crashes in normal mode, run it in safemode with networking


Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply. Ignore it if there are no detected threats.

#3 bricbat


Posted 06 February 2013 - 01:43 PM

ok will do

#4 bricbat


Posted 06 February 2013 - 06:51 PM

i did the scans you requested, here are the results.

the aswmbr scan was done in both normal and safe mode and seemed to stop while scanning mediaiconoverlays.dll. i don't know if it was completed or not but it stayed there for more than 20 min so i saved the log at that point.

I also had a microsoft safety scan done and it said the only problem was a partially removed Trojan:WinNT/Sirefef.N


tdss


14:48:29.0894 2812 MsRPC - ok
14:48:29.0910 2812 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:48:29.0910 2812 mssmbios - ok
14:48:29.0926 2812 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:48:29.0926 2812 MSTEE - ok
14:48:29.0926 2812 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:48:29.0926 2812 MTConfig - ok
14:48:29.0957 2812 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
14:48:29.0957 2812 Mup - ok
14:48:29.0988 2812 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
14:48:29.0988 2812 napagent - ok
14:48:30.0019 2812 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:48:30.0019 2812 NativeWifiP - ok
14:48:30.0066 2812 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:48:30.0113 2812 NDIS - ok
14:48:30.0144 2812 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:48:30.0144 2812 NdisCap - ok
14:48:30.0160 2812 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:48:30.0160 2812 NdisTapi - ok
14:48:30.0175 2812 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:48:30.0191 2812 Ndisuio - ok
14:48:30.0222 2812 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:48:30.0222 2812 NdisWan - ok
14:48:30.0253 2812 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:48:30.0253 2812 NDProxy - ok
14:48:30.0269 2812 [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:48:30.0284 2812 Net Driver HPZ12 - ok
14:48:30.0284 2812 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:48:30.0284 2812 NetBIOS - ok
14:48:30.0316 2812 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:48:30.0316 2812 NetBT - ok
14:48:30.0316 2812 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
14:48:30.0331 2812 Netlogon - ok
14:48:30.0362 2812 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
14:48:30.0362 2812 Netman - ok
14:48:30.0378 2812 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
14:48:30.0378 2812 netprofm - ok
14:48:30.0394 2812 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:48:30.0394 2812 NetTcpPortSharing - ok
14:48:30.0425 2812 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:48:30.0425 2812 nfrd960 - ok
14:48:30.0456 2812 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
14:48:30.0456 2812 NlaSvc - ok
14:48:30.0472 2812 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:48:30.0472 2812 Npfs - ok
14:48:30.0487 2812 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
14:48:30.0503 2812 nsi - ok
14:48:30.0503 2812 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:48:30.0503 2812 nsiproxy - ok
14:48:30.0550 2812 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:48:30.0581 2812 Ntfs - ok
14:48:30.0674 2812 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
14:48:30.0674 2812 Null - ok
14:48:30.0690 2812 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:48:30.0690 2812 nvraid - ok
14:48:30.0721 2812 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:48:30.0737 2812 nvstor - ok
14:48:30.0752 2812 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:48:30.0768 2812 nv_agp - ok
14:48:30.0768 2812 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:48:30.0768 2812 ohci1394 - ok
14:48:30.0799 2812 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:48:30.0815 2812 p2pimsvc - ok
14:48:30.0846 2812 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
14:48:30.0862 2812 p2psvc - ok
14:48:30.0877 2812 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:48:30.0877 2812 Parport - ok
14:48:30.0908 2812 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:48:30.0908 2812 partmgr - ok
14:48:30.0924 2812 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
14:48:30.0924 2812 Parvdm - ok
14:48:30.0940 2812 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:48:30.0940 2812 PcaSvc - ok
14:48:31.0002 2812 [ 2DD9D5A9150C7015AC7F215EFA59E44F ] PCDSRVC{E9D79540-57D5953E-06020200}_0 c:\program files\dell support center\pcdsrvc.pkms
14:48:31.0033 2812 PCDSRVC{E9D79540-57D5953E-06020200}_0 - ok
14:48:31.0064 2812 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
14:48:31.0064 2812 pci - ok
14:48:31.0080 2812 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
14:48:31.0080 2812 pciide - ok
14:48:31.0096 2812 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:48:31.0096 2812 pcmcia - ok
14:48:31.0111 2812 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
14:48:31.0127 2812 pcw - ok
14:48:31.0158 2812 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:48:31.0174 2812 PEAUTH - ok
14:48:31.0236 2812 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
14:48:31.0283 2812 pla - ok
14:48:31.0314 2812 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:48:31.0314 2812 PlugPlay - ok
14:48:31.0330 2812 [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:48:31.0330 2812 Pml Driver HPZ12 - ok
14:48:31.0361 2812 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:48:31.0361 2812 PNRPAutoReg - ok
14:48:31.0392 2812 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:48:31.0392 2812 PNRPsvc - ok
14:48:31.0423 2812 [ 896D916DE06F5502D301E8C4DC442AE8 ] Point32 C:\Windows\system32\DRIVERS\point32.sys
14:48:31.0423 2812 Point32 - ok
14:48:31.0439 2812 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:48:31.0454 2812 PolicyAgent - ok
14:48:31.0486 2812 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
14:48:31.0486 2812 Power - ok
14:48:31.0517 2812 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:48:31.0517 2812 PptpMiniport - ok
14:48:31.0532 2812 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:48:31.0532 2812 Processor - ok
14:48:31.0564 2812 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
14:48:31.0564 2812 ProfSvc - ok
14:48:31.0564 2812 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:48:31.0564 2812 ProtectedStorage - ok
14:48:31.0579 2812 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:48:31.0579 2812 Psched - ok
14:48:31.0595 2812 [ 03E0FE281823BA64B3782F5B38950E73 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
14:48:31.0595 2812 PxHelp20 - ok
14:48:31.0642 2812 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:48:31.0751 2812 ql2300 - ok
14:48:31.0766 2812 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:48:31.0766 2812 ql40xx - ok
14:48:31.0798 2812 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
14:48:31.0813 2812 QWAVE - ok
14:48:31.0829 2812 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:48:31.0829 2812 QWAVEdrv - ok
14:48:31.0844 2812 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:48:31.0844 2812 RasAcd - ok
14:48:31.0876 2812 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:48:31.0876 2812 RasAgileVpn - ok
14:48:31.0891 2812 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
14:48:31.0891 2812 RasAuto - ok
14:48:31.0907 2812 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:48:31.0907 2812 Rasl2tp - ok
14:48:31.0954 2812 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
14:48:31.0954 2812 RasMan - ok
14:48:31.0969 2812 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:48:31.0969 2812 RasPppoe - ok
14:48:31.0985 2812 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:48:31.0985 2812 RasSstp - ok
14:48:32.0016 2812 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:48:32.0032 2812 rdbss - ok
14:48:32.0032 2812 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:48:32.0032 2812 rdpbus - ok
14:48:32.0063 2812 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:48:32.0063 2812 RDPCDD - ok
14:48:32.0094 2812 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:48:32.0094 2812 RDPENCDD - ok
14:48:32.0110 2812 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:48:32.0110 2812 RDPREFMP - ok
14:48:32.0156 2812 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:48:32.0156 2812 RdpVideoMiniport - ok
14:48:32.0188 2812 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:48:32.0188 2812 RDPWD - ok
14:48:32.0234 2812 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:48:32.0234 2812 rdyboost - ok
14:48:32.0281 2812 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
14:48:32.0281 2812 RemoteAccess - ok
14:48:32.0312 2812 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:48:32.0312 2812 RemoteRegistry - ok
14:48:32.0328 2812 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:48:32.0328 2812 RpcEptMapper - ok
14:48:32.0344 2812 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
14:48:32.0344 2812 RpcLocator - ok
14:48:32.0375 2812 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
14:48:32.0390 2812 RpcSs - ok
14:48:32.0422 2812 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:48:32.0422 2812 rspndr - ok
14:48:32.0437 2812 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
14:48:32.0437 2812 SamSs - ok
14:48:32.0484 2812 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
14:48:32.0484 2812 SASDIFSV - ok
14:48:32.0500 2812 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
14:48:32.0500 2812 SASKUTIL - ok
14:48:32.0500 2812 sbapifs - ok
14:48:32.0531 2812 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:48:32.0531 2812 sbp2port - ok
14:48:32.0562 2812 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:48:32.0562 2812 SCardSvr - ok
14:48:32.0578 2812 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:48:32.0578 2812 scfilter - ok
14:48:32.0656 2812 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
14:48:32.0687 2812 Schedule - ok
14:48:32.0718 2812 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:48:32.0718 2812 SCPolicySvc - ok
14:48:32.0734 2812 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:48:32.0734 2812 SDRSVC - ok
14:48:32.0765 2812 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:48:32.0765 2812 secdrv - ok
14:48:32.0843 2812 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
14:48:32.0843 2812 seclogon - ok
14:48:32.0858 2812 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
14:48:32.0874 2812 SENS - ok
14:48:32.0890 2812 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:48:32.0905 2812 SensrSvc - ok
14:48:32.0921 2812 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:48:32.0921 2812 Serenum - ok
14:48:32.0921 2812 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:48:32.0921 2812 Serial - ok
14:48:32.0952 2812 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:48:32.0952 2812 sermouse - ok
14:48:32.0983 2812 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
14:48:32.0999 2812 SessionEnv - ok
14:48:33.0030 2812 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:48:33.0030 2812 sffdisk - ok
14:48:33.0030 2812 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:48:33.0030 2812 sffp_mmc - ok
14:48:33.0046 2812 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:48:33.0046 2812 sffp_sd - ok
14:48:33.0046 2812 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:48:33.0061 2812 sfloppy - ok
14:48:33.0108 2812 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:48:33.0108 2812 SharedAccess - ok
14:48:33.0139 2812 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:48:33.0139 2812 ShellHWDetection - ok
14:48:33.0170 2812 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
14:48:33.0170 2812 sisagp - ok
14:48:33.0170 2812 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:48:33.0170 2812 SiSRaid2 - ok
14:48:33.0186 2812 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:48:33.0186 2812 SiSRaid4 - ok
14:48:33.0202 2812 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:48:33.0202 2812 Smb - ok
14:48:33.0233 2812 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:48:33.0233 2812 SNMPTRAP - ok
14:48:33.0264 2812 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
14:48:33.0264 2812 spldr - ok
14:48:33.0295 2812 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
14:48:33.0311 2812 Spooler - ok
14:48:33.0404 2812 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
14:48:33.0420 2812 sppsvc - ok
14:48:33.0451 2812 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:48:33.0451 2812 sppuinotify - ok
14:48:33.0467 2812 sprtsvc_dellsupportcenter - ok
14:48:33.0482 2812 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:48:33.0498 2812 srv - ok
14:48:33.0498 2812 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:48:33.0514 2812 srv2 - ok
14:48:33.0529 2812 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:48:33.0529 2812 srvnet - ok
14:48:33.0560 2812 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:48:33.0560 2812 SSDPSRV - ok
14:48:33.0592 2812 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:48:33.0592 2812 SstpSvc - ok
14:48:33.0623 2812 [ 359FEE084F1173FFFFD7F9CCBD43D47F ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
14:48:33.0623 2812 ssudmdm - ok
14:48:33.0654 2812 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:48:33.0654 2812 stexstor - ok
14:48:33.0685 2812 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
14:48:33.0701 2812 StiSvc - ok
14:48:33.0732 2812 [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
14:48:33.0732 2812 stllssvr - ok
14:48:33.0763 2812 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
14:48:33.0763 2812 swenum - ok
14:48:33.0779 2812 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
14:48:33.0779 2812 swprv - ok
14:48:33.0826 2812 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
14:48:33.0857 2812 SysMain - ok
14:48:33.0872 2812 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:48:33.0872 2812 TabletInputService - ok
14:48:33.0919 2812 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
14:48:33.0935 2812 TapiSrv - ok
14:48:33.0966 2812 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
14:48:33.0966 2812 TBS - ok
14:48:34.0044 2812 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:48:34.0075 2812 Tcpip - ok
14:48:34.0106 2812 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:48:34.0106 2812 TCPIP6 - ok
14:48:34.0122 2812 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:48:34.0122 2812 tcpipreg - ok
14:48:34.0153 2812 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:48:34.0169 2812 TDPIPE - ok
14:48:34.0184 2812 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:48:34.0184 2812 TDTCP - ok
14:48:34.0216 2812 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:48:34.0216 2812 tdx - ok
14:48:34.0247 2812 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:48:34.0247 2812 TermDD - ok
14:48:34.0262 2812 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
14:48:34.0278 2812 TermService - ok
14:48:34.0278 2812 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
14:48:34.0278 2812 Themes - ok
14:48:34.0325 2812 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
14:48:34.0325 2812 THREADORDER - ok
14:48:34.0340 2812 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
14:48:34.0340 2812 TrkWks - ok
14:48:34.0387 2812 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:48:34.0387 2812 TrustedInstaller - ok
14:48:34.0403 2812 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:48:34.0403 2812 tssecsrv - ok
14:48:34.0434 2812 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:48:34.0434 2812 TsUsbFlt - ok
14:48:34.0465 2812 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:48:34.0465 2812 tunnel - ok
14:48:34.0496 2812 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:48:34.0496 2812 uagp35 - ok
14:48:34.0512 2812 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:48:34.0512 2812 udfs - ok
14:48:34.0528 2812 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:48:34.0528 2812 UI0Detect - ok
14:48:34.0543 2812 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:48:34.0543 2812 uliagpkx - ok
14:48:34.0574 2812 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:48:34.0574 2812 umbus - ok
14:48:34.0590 2812 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:48:34.0590 2812 UmPass - ok
14:48:34.0637 2812 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
14:48:34.0637 2812 upnphost - ok
14:48:34.0668 2812 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:48:34.0668 2812 usbccgp - ok
14:48:34.0699 2812 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:48:34.0699 2812 usbcir - ok
14:48:34.0730 2812 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
14:48:34.0730 2812 usbehci - ok
14:48:34.0746 2812 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:48:34.0746 2812 usbhub - ok
14:48:34.0777 2812 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:48:34.0777 2812 usbohci - ok
14:48:34.0793 2812 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:48:34.0793 2812 usbprint - ok
14:48:34.0824 2812 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:48:34.0840 2812 usbscan - ok
14:48:34.0871 2812 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:48:34.0871 2812 USBSTOR - ok
14:48:34.0886 2812 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:48:34.0886 2812 usbuhci - ok
14:48:34.0918 2812 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
14:48:34.0918 2812 UxSms - ok
14:48:34.0918 2812 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
14:48:34.0933 2812 VaultSvc - ok
14:48:34.0933 2812 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:48:34.0933 2812 vdrvroot - ok
14:48:35.0027 2812 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
14:48:35.0042 2812 vds - ok
14:48:35.0074 2812 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:48:35.0074 2812 vga - ok
14:48:35.0089 2812 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
14:48:35.0089 2812 VgaSave - ok
14:48:35.0120 2812 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:48:35.0136 2812 vhdmp - ok
14:48:35.0136 2812 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
14:48:35.0152 2812 viaagp - ok
14:48:35.0167 2812 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
14:48:35.0167 2812 ViaC7 - ok
14:48:35.0183 2812 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
14:48:35.0183 2812 viaide - ok
14:48:35.0198 2812 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:48:35.0198 2812 volmgr - ok
14:48:35.0214 2812 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:48:35.0214 2812 volmgrx - ok
14:48:35.0230 2812 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:48:35.0230 2812 volsnap - ok
14:48:35.0292 2812 [ 43A6E43395A0D1064C92108192CF8122 ] Vsdatant C:\Windows\system32\DRIVERS\vsdatant.sys
14:48:35.0292 2812 Vsdatant - ok
14:48:35.0292 2812 vsmon - ok
14:48:35.0308 2812 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:48:35.0323 2812 vsmraid - ok
14:48:35.0370 2812 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
14:48:35.0386 2812 VSS - ok
14:48:35.0401 2812 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
14:48:35.0401 2812 vwifibus - ok
14:48:35.0432 2812 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
14:48:35.0432 2812 W32Time - ok
14:48:35.0448 2812 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:48:35.0448 2812 WacomPen - ok
14:48:35.0464 2812 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:48:35.0464 2812 WANARP - ok
14:48:35.0464 2812 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:48:35.0464 2812 Wanarpv6 - ok
14:48:35.0510 2812 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:48:35.0542 2812 WatAdminSvc - ok
14:48:35.0588 2812 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
14:48:35.0620 2812 wbengine - ok
14:48:35.0651 2812 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:48:35.0651 2812 WbioSrvc - ok
14:48:35.0682 2812 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:48:35.0682 2812 wcncsvc - ok
14:48:35.0698 2812 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:48:35.0698 2812 WcsPlugInService - ok
14:48:35.0713 2812 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:48:35.0713 2812 Wd - ok
14:48:35.0744 2812 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:48:35.0760 2812 Wdf01000 - ok
14:48:35.0776 2812 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:48:35.0776 2812 WdiServiceHost - ok
14:48:35.0791 2812 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:48:35.0791 2812 WdiSystemHost - ok
14:48:35.0807 2812 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
14:48:35.0822 2812 WebClient - ok
14:48:35.0838 2812 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:48:35.0838 2812 Wecsvc - ok
14:48:35.0869 2812 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:48:35.0869 2812 wercplsupport - ok
14:48:35.0885 2812 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
14:48:35.0885 2812 WerSvc - ok
14:48:35.0916 2812 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:48:35.0916 2812 WfpLwf - ok
14:48:35.0932 2812 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:48:35.0932 2812 WIMMount - ok
14:48:35.0932 2812 WinHttpAutoProxySvc - ok
14:48:36.0056 2812 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:48:36.0056 2812 Winmgmt - ok
14:48:36.0103 2812 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
14:48:36.0119 2812 WinRM - ok
14:48:36.0150 2812 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:48:36.0150 2812 WinUsb - ok
14:48:36.0181 2812 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:48:36.0212 2812 Wlansvc - ok
14:48:36.0306 2812 [ 0A70F4022EC2E14C159EFC4F69AA2477 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:48:36.0337 2812 wlidsvc - ok
14:48:36.0368 2812 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:48:36.0368 2812 WmiAcpi - ok
14:48:36.0400 2812 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:48:36.0400 2812 wmiApSrv - ok
14:48:36.0462 2812 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
14:48:36.0478 2812 WMPNetworkSvc - ok
14:48:36.0493 2812 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:48:36.0493 2812 WPCSvc - ok
14:48:36.0524 2812 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:48:36.0524 2812 WPDBusEnum - ok
14:48:36.0556 2812 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:48:36.0556 2812 ws2ifsl - ok
14:48:36.0587 2812 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
14:48:36.0587 2812 wscsvc - ok
14:48:36.0602 2812 WSearch - ok
14:48:36.0696 2812 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
14:48:36.0712 2812 wuauserv - ok
14:48:36.0743 2812 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:48:36.0743 2812 WudfPf - ok
14:48:36.0743 2812 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:48:36.0758 2812 WUDFRd - ok
14:48:36.0774 2812 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:48:36.0774 2812 wudfsvc - ok
14:48:36.0790 2812 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
14:48:36.0805 2812 WwanSvc - ok
14:48:36.0821 2812 ================ Scan global ===============================
14:48:36.0852 2812 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
14:48:36.0868 2812 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
14:48:36.0883 2812 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
14:48:36.0883 2812 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
14:48:36.0899 2812 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
14:48:36.0914 2812 [Global] - ok
14:48:36.0914 2812 ================ Scan MBR ==================================
14:48:36.0930 2812 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:48:37.0195 2812 \Device\Harddisk0\DR0 - ok
14:48:37.0195 2812 ================ Scan VBR ==================================
14:48:37.0226 2812 [ F646982E87F8FC2796DBDBBE48B490C5 ] \Device\Harddisk0\DR0\Partition1
14:48:37.0226 2812 \Device\Harddisk0\DR0\Partition1 - ok
14:48:37.0226 2812 [ 1808F352127C0B92BA8CF36CA518112E ] \Device\Harddisk0\DR0\Partition2
14:48:37.0226 2812 \Device\Harddisk0\DR0\Partition2 - ok
14:48:37.0226 2812 ============================================================
14:48:37.0226 2812 Scan finished
14:48:37.0226 2812 ============================================================
14:48:37.0242 3100 Detected object count: 0
14:48:37.0242 3100 Actual detected object count: 0
14:49:01.0422 5048 Deinitialize success



aswmbr



aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-06 15:10:19
-----------------------------
15:10:19.551 OS Version: Windows 6.1.7601 Service Pack 1
15:10:19.551 Number of processors: 2 586 0xF0D
15:10:19.566 ComputerName: GARY-PC UserName: gary
15:10:20.050 Initialize success
15:10:27.163 AVAST engine defs: 13020600
15:10:32.389 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:10:32.389 Disk 0 Vendor: ST3320620AS 3.ADJ Size: 305245MB BusType: 3
15:10:32.561 Disk 0 MBR read successfully
15:10:32.561 Disk 0 MBR scan
15:10:32.577 Disk 0 Windows 7 default MBR code
15:10:32.623 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
15:10:32.670 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 98304
15:10:32.779 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 294956 MB offset 21069824
15:10:32.920 Disk 0 scanning sectors +625139712
15:10:33.216 Disk 0 scanning C:\Windows\system32\drivers
15:10:53.871 Service scanning
15:11:14.915 Modules scanning
15:11:39.157 Disk 0 trace - called modules:
15:11:39.189 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
15:11:39.189 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86b37aa0]
15:11:39.189 3 CLASSPNP.SYS[8c78859e] -> nt!IofCallDriver -> [0x86668900]
15:11:39.204 5 ACPI.sys[8c2ca3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85da0908]
15:11:40.000 AVAST engine scan C:\Windows
15:12:02.027 AVAST engine scan C:\Windows\system32
15:15:56.577 AVAST engine scan C:\Windows\system32\drivers
15:16:11.569 AVAST engine scan C:\Users\gary
15:18:11.408 AVAST engine scan C:\ProgramData
15:28:53.459 Disk 0 MBR has been saved successfully to "C:\Users\gary\Desktop\MBR.dat"
15:28:53.474 The log file has been saved successfully to "C:\Users\gary\Desktop\aswMBR.txt"


eset




C:\TDSSKiller_Quarantine\31.01.2013_21.14.35\rtkt0000\svc0000\tsk0000.dta a variant of Win32/Rootkit.Kryptik.SL trojan cleaned by deleting - quarantined

Edited by bricbat, 06 February 2013 - 09:22 PM.


#5 bricbat


Posted 06 February 2013 - 11:33 PM

Just as a point of interest, I was looking in my Windows file folder and came across a file folder called $NtUninstallKB245$. It is the only file highlighted in blue on my system. Within it, all the files are also in blue and all have a creation date of Jan 13/13. When I googled them, many came up with connections to viruses or malware.

Is this normal or should I be worried?

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 07 February 2013 - 01:42 AM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan. Post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish.

Now click on File > Save.

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#7 bricbat


Posted 07 February 2013 - 02:52 AM

This is the requested info.

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.06.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
gary :: GARY-PC [administrator]

Protection: Enabled

06/02/2013 8:26:16 PM
mbam-log-2013-02-06 (20-26-16).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 373471
Time elapsed: 49 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



MiniToolBox by Farbar Version:10-01-2013
Ran by gary (administrator) on 07-02-2013 at 00:46:23
Running from "C:\Users\gary\Downloads"
Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================




127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® 82562V-2 10/100 Network Connection = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : gary-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mh.shawcable.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : mh.shawcable.net
Description . . . . . . . . . . . : Intel® 82562V-2 10/100 Network Connection
Physical Address. . . . . . . . . : 00-21-9B-05-47-C9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d01a:5b81:7f2a:b9bc%9(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : February-07-13 12:39:45 AM
Lease Expires . . . . . . . . . . : February-08-13 12:39:45 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 251666843
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-AE-D7-59-00-21-9B-05-47-C9
DNS Servers . . . . . . . . . . . : 64.59.135.133
64.59.128.120
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.mh.shawcable.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: nsc1.so.cg.shawcable.net
Address: 64.59.135.133

Name: google.com
Addresses: 2607:f8b0:400a:800::1004
173.194.33.8
173.194.33.7
173.194.33.3
173.194.33.14
173.194.33.4
173.194.33.9
173.194.33.2
173.194.33.6
173.194.33.1
173.194.33.5
173.194.33.0


Pinging google.com [173.194.33.32] with 32 bytes of data:
Reply from 173.194.33.32: bytes=32 time=36ms TTL=55
Reply from 173.194.33.32: bytes=32 time=88ms TTL=55

Ping statistics for 173.194.33.32:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 36ms, Maximum = 88ms, Average = 62ms
Server: nsc1.so.cg.shawcable.net
Address: 64.59.135.133

Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
206.190.36.45


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=37ms TTL=52
Reply from 206.190.36.45: bytes=32 time=88ms TTL=52

Ping statistics for 206.190.36.45:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 37ms, Maximum = 88ms, Average = 62ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=15ms TTL=128
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 4ms, Maximum = 15ms, Average = 9ms
===========================================================================
Interface List
9...00 21 9b 05 47 c9 ......Intel® 82562V-2 10/100 Network Connection
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
10...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.100 276
192.168.1.100 255.255.255.255 On-link 192.168.1.100 276
192.168.1.255 255.255.255.255 On-link 192.168.1.100 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
9 276 fe80::/64 On-link
9 276 fe80::d01a:5b81:7f2a:b9bc/128
On-link
1 306 ff00::/8 On-link
9 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/07/2013 00:46:24 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/07/2013 00:45:26 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/07/2013 00:19:52 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/06/2013 11:58:11 PM) (Source: Application Error) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeaf722
Exception code: 0x40000015
Fault offset: 0x0005620a
Faulting process id: 0x130c
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3

Error: (02/06/2013 11:56:43 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/06/2013 11:53:32 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {98e592ec-5e12-46bc-ba43-17ad3724237c}

Error: (02/06/2013 11:42:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/06/2013 11:36:44 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d6727a7
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeaf722
Exception code: 0x40000015
Fault offset: 0x0005620a
Faulting process id: 0xc2c
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (02/06/2013 10:03:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeaf722
Exception code: 0x40000015
Fault offset: 0x0005620a
Faulting process id: 0x14d0
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3

Error: (02/06/2013 09:28:02 PM) (Source: Application Error) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeaf722
Exception code: 0x40000015
Fault offset: 0x0005620a
Faulting process id: 0xe84
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3


System errors:
=============
Error: (02/07/2013 00:41:48 AM) (Source: Service Control Manager) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
%%1053

Error: (02/07/2013 00:41:48 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

Error: (02/07/2013 00:40:04 AM) (Source: Service Control Manager) (User: )
Description: The Terminal Services service failed to start due to the following error:
%%1083

Error: (02/07/2013 00:40:04 AM) (Source: DCOM) (User: )
Description: 1083TermService{F9A874B6-F8A8-4D73-B5A8-AB610816828B}

Error: (02/07/2013 00:39:51 AM) (Source: Service Control Manager) (User: )
Description: The SupportSoft Sprocket Service (dellsupportcenter) service failed to start due to the following error:
%%2

Error: (02/07/2013 00:39:42 AM) (Source: Service Control Manager) (User: )
Description: The sbapifs service failed to start due to the following error:
%%2

Error: (02/07/2013 00:39:43 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:38:12 AM on ?2/?7/?2013 was unexpected.

Error: (02/07/2013 00:33:59 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Error: (02/07/2013 00:30:58 AM) (Source: Service Control Manager) (User: )
Description: The Windows Backup service failed to start due to the following error:
%%1053

Error: (02/07/2013 00:30:58 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Backup service to connect.


Microsoft Office Sessions:
=========================
Error: (02/07/2013 00:46:24 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Users\gary\Downloads\Windows6.0-KB940520-x64-ENU.exe

Error: (02/07/2013 00:45:26 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Users\gary\Downloads\Windows6.0-KB940520-x64-ENU.exe

Error: (02/07/2013 00:19:52 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Users\gary\Downloads\Windows6.0-KB940520-x64-ENU.exe

Error: (02/06/2013 11:58:11 PM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d6727a7msvcrt.dll7.0.7601.177444eeaf722400000150005620a130c01ce04fd80d48f3eC:\Windows\explorer.exeC:\Windows\system32\msvcrt.dllbbdea3a2-70f3-11e2-b895-00219b0547c9

Error: (02/06/2013 11:56:43 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Users\gary\Downloads\Windows6.0-KB940520-x64-ENU.exe

Error: (02/06/2013 11:53:32 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {98e592ec-5e12-46bc-ba43-17ad3724237c}

Error: (02/06/2013 11:42:18 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Users\gary\Downloads\Windows6.0-KB940520-x64-ENU.exe

Error: (02/06/2013 11:36:44 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d6727a7msvcrt.dll7.0.7601.177444eeaf722400000150005620ac2c01ce04f858e55ebdC:\Windows\Explorer.EXEC:\Windows\system32\msvcrt.dllbcdc14b8-70f0-11e2-b895-00219b0547c9

Error: (02/06/2013 10:03:10 PM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d6727a7msvcrt.dll7.0.7601.177444eeaf722400000150005620a14d001ce04eb85ce5aceC:\Windows\explorer.exeC:\Windows\system32\msvcrt.dllaa74f2cc-70e3-11e2-b895-00219b0547c9

Error: (02/06/2013 09:28:02 PM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d6727a7msvcrt.dll7.0.7601.177444eeaf722400000150005620ae8401ce04eaa2fd4010C:\Windows\explorer.exeC:\Windows\system32\msvcrt.dllc21a9a06-70de-11e2-b895-00219b0547c9


CodeIntegrity Errors:
===================================
Date: 2013-02-07 00:35:16.607
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-07 00:29:46.902
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-07 00:15:46.410
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-07 00:04:41.444
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-06 23:54:02.607
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-06 23:36:36.913
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-06 23:31:10.568
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-06 23:25:53.689
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-06 23:19:19.449
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-06 22:56:59.454
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 6.1.1)
Acrobat.com (Version: 0.0.0)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader 9.5.3 (Version: 9.5.3)
AIO_Scan (Version: 130.0.365.000)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70405.2224)
ATI AVIVO Codecs (Version: 10.12.0.00202)
ATI Catalyst Registration (Version: 3.00.0000)
Browser Address Error Redirector (Version: 1.00.0000)
BufferChm (Version: 130.0.331.000)
C4200 (Version: 130.0.365.000)
c4200_Help (Version: 82.0.210.000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0405.2205.37728)
Catalyst Control Center Graphics Previews Common (Version: 2012.0405.2205.37728)
Catalyst Control Center Localization All (Version: 2012.0405.2205.37728)
ccc-utility (Version: 2012.0405.2205.37728)
CCC Help Chinese Standard (Version: 2012.0405.2204.37728)
CCC Help Chinese Traditional (Version: 2012.0405.2204.37728)
CCC Help Czech (Version: 2012.0405.2204.37728)
CCC Help Danish (Version: 2012.0405.2204.37728)
CCC Help Dutch (Version: 2012.0405.2204.37728)
CCC Help English (Version: 2012.0405.2204.37728)
CCC Help Finnish (Version: 2012.0405.2204.37728)
CCC Help French (Version: 2012.0405.2204.37728)
CCC Help German (Version: 2012.0405.2204.37728)
CCC Help Greek (Version: 2012.0405.2204.37728)
CCC Help Hungarian (Version: 2012.0405.2204.37728)
CCC Help Italian (Version: 2012.0405.2204.37728)
CCC Help Japanese (Version: 2012.0405.2204.37728)
CCC Help Korean (Version: 2012.0405.2204.37728)
CCC Help Norwegian (Version: 2012.0405.2204.37728)
CCC Help Polish (Version: 2012.0405.2204.37728)
CCC Help Portuguese (Version: 2012.0405.2204.37728)
CCC Help Russian (Version: 2012.0405.2204.37728)
CCC Help Spanish (Version: 2012.0405.2204.37728)
CCC Help Swedish (Version: 2012.0405.2204.37728)
CCC Help Thai (Version: 2012.0405.2204.37728)
CCC Help Turkish (Version: 2012.0405.2204.37728)
CCleaner (Version: 3.27)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Content Transfer (Version: 1.3.0.23190)
Copy (Version: 130.0.428.000)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Online (Version: 1.1.0014)
Dell Dock (Version: 1.0.0)
Dell Driver Download Manager (Version: 2.1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Version: 3.2.6032.102)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DocProc (Version: 13.0.0.0)
ESET Online Scanner v3
F-Secure PSC Prerequisites (Version: 1.0.5)
ffdshow (remove only)
FLV Player 2.0 (build 25) (Version: 2.0 (build 25))
GoToAssist 8.0.0.514
GPBaseService2 (Version: 130.0.371.000)
HP Update (Version: 4.000.011.006)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
HydraVision (Version: 4.2.142.0)
iLivid (Version: 1.92.0.122194)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1930)
Intel® PRO Network Connections 12.1.11.0 (Version: )
Intel® TV Wizard
Java 7 Update 13 (Version: 7.0.130)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 7 (Version: 1.6.0.70)
Junk Mail filter update (Version: 15.4.3502.0922)
K-Lite Codec Pack 3.2.5 Standard (Version: 3.25)
LeapFrog Connect (Version: 4.2.9.15649)
LeapFrog LeapPad Explorer Plugin (Version: 4.2.11.15696)
LG United Mobile Driver (Version: 3.2.1)
Little Bear Preschool Thinking Adventures
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MarketResearch (Version: 130.0.374.000)
McAfee Virtual Technician (Version: 7.0.0.2358)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 18.0.2 (x86 en-US) (Version: 18.0.2)
Mozilla Maintenance Service (Version: 18.0.2)
Mozilla Thunderbird 12.0.1 (x86 en-US) (Version: 12.0.1)
MP4 Player (Version: )
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyFreeCodec
Mz 7 Optimizer (Version: 1.1.0)
NWZ-E340 WALKMAN Guide (Version: 2.0.00.07010)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PokerStars.net
PS_AIO_Software_min (Version: 130.0.365.000)
QuickTax 2009 (Version: 1.00.0000)
Realtek High Definition Audio Driver
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE (Version: 10.1)
Roxio Creator DE (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
Samsung Kies (Version: 2.5.1.12123_2)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.16.0)
Scan (Version: 13.0.0.0)
Shared C Run-time for x86 (Version: 10.0.0)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Star Trek Online
Status (Version: 130.0.469.000)
SUPERAntiSpyware (Version: 5.6.1014)
TeamSpeak 3 Client (Version: 3.0.9.2)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
TurboTax 2010 (Version: 1.00.0000)
TurboTax 2011 (Version: 1.00.0000)
Tweaking.com - Windows Repair (All in One) (Version: 1.9.7)
Unity Web Player (Version: )
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)
WebReg (Version: 130.0.132.017)
Windows 7 Manager (Version: 4.1.9)
Windows 7 Manager (Version: 4.2.0)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver
ZoneAlarm Antivirus (Version: 11.0.000.054)
ZoneAlarm Firewall (Version: 11.0.000.054)
ZoneAlarm Free Firewall (Version: 11.0.000.054)
ZoneAlarm LTD Toolbar
ZoneAlarm Security (Version: 11.0.000.054)

========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 3326.18 MB
Available physical RAM: 2048.35 MB
Total Pagefile: 6379.46 MB
Available Pagefile: 4655.08 MB
Total Virtual: 2047.88 MB
Available Virtual: 1928.8 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:288.04 GB) (Free:187.47 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.13 GB) NTFS

========================= Users: ========================================

User accounts for \\GARY-PC

Administrator gary gary b burry
Guest

========================= Restore Points ==================================

01-02-2013 06:02:56 Windows Update
01-02-2013 15:24:24 Tweaking.com - Windows Repair
01-02-2013 18:26:02 Removed Java™ 6 Update 30
01-02-2013 18:26:56 Installed Java 7 Update 11
01-02-2013 19:10:39 Installed DirectX
01-02-2013 19:10:58 Installed DirectX
01-02-2013 20:39:41 Installed STOPzilla. Available with Windows Installer version 1.2 and later.
01-02-2013 20:52:12 Removed STOPzilla. Available with Windows Installer version 1.2 and later.
05-02-2013 03:58:20 Windows 7 Manager v4.2.0 System-Restore Point
05-02-2013 04:36:04 Removed Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
05-02-2013 06:42:00 Installed Java 7 Update 13
05-02-2013 18:54:02 Tweaking.com - Windows Repair
05-02-2013 21:55:53 Windows Update
06-02-2013 07:15:42 Installed Microsoft Fix it 50267
07-02-2013 02:43:02 Uniblue RegistryBooster installation
07-02-2013 02:56:47 Tweaking.com - Windows Repair
07-02-2013 06:53:34 Malwarebytes Anti-Rootkit Restore Point

**** End of log ****



# AdwCleaner v2.111 - Logfile created 02/07/2013 at 00:53:28
# Updated 05/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : gary - GARY-PC
# Boot Mode : Normal
# Running from : C:\Users\gary\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\gary\AppData\Roaming\Mozilla\Firefox\Profiles\8de1uz1l.default\searchplugins\alot-search.xml
Folder Deleted : C:\Program Files\Ilivid
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\gary\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\gary\Documents\widestream

***** [Registry] *****

Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\WideStream
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0000435.FBApi
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0000435.FBApi.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0000435.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0000435.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\ilivid
Key Deleted : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\ilivid
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
Key Deleted : HKLM\Software\PIP

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (en-US)

File : C:\Users\gary\AppData\Roaming\Mozilla\Firefox\Profiles\8de1uz1l.default\prefs.js

C:\Users\gary\AppData\Roaming\Mozilla\Firefox\Profiles\8de1uz1l.default\user.js ... Deleted !

[OK] File is clean.

File : C:\Users\gary b burry\AppData\Roaming\Mozilla\Firefox\Profiles\mxjvyw8i.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2910 octets] - [07/02/2013 00:48:48]
AdwCleaner[R2].txt - [3029 octets] - [07/02/2013 00:50:52]
AdwCleaner[S1].txt - [317 octets] - [07/02/2013 00:49:52]
AdwCleaner[S2].txt - [3119 octets] - [07/02/2013 00:53:28]

########## EOF - C:\AdwCleaner[S2].txt - [3179 octets] ##########


Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/07/2013 01:26:57 AM in x86 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\system32\CTsvcCDA.exe (PID: 616) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* iphlpsvc [Missing Service]
* WinDefend [Missing Service]

* TermService => %SystemRoot%\System32\svchost -k DComLaunch [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 02/07/2013 01:27:10 AM
Execution time: 0 hours(s), 0 minute(s), and 13 seconds(s)


"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\reader 9.0\reader\reader_sl.exe"
+ "ATICustomerCare" "ATI Customer Care" "Advanced Micro Devices, Inc." "c:\program files\ati\aticustomercare\aticustomercare.exe"
+ "B2C_AGENT" "B2C NotiAgent LGMobile Application" "LG Electronics" "c:\programdata\lgmobileax\b2c_client\b2cnotiagent.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "ISW" "ZoneAlarm Browser Security" "Check Point Software Technologies" "c:\program files\checkpoint\zaforcefield\forcefield.exe"
+ "Monitor" "Monitor Application" "LeapFrog Enterprises, Inc." "c:\program files\leapfrog\leapfrog connect\monitor.exe"
+ "RtHDVCpl" "HD Audio Control Panel" "Realtek Semiconductor" "c:\windows\rthdvcpl.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "ZoneAlarm" "ZoneAlarm" "Check Point Software Technologies LTD" "c:\program files\checkpoint\zonealarm\zatray.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "SUPERAntiSpyware" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "intu-qt2009" "Asynchronous Pluggable Protocol Library" "Intuit Canada, a general partnership/une société en nom collectif." "c:\program files\quicktax 2009\ic2009pp.dll"
+ "intu-tt2010" "Asynchronous Pluggable Protocol Library" "Intuit Canada, a general partnership/une société en nom collectif." "c:\program files\turbotax 2010\ic2010pp.dll"
+ "intu-tt2011" "Asynchronous Pluggable Protocol Library" "Intuit Canada, a general partnership/une société en nom collectif." "c:\program files\turbotax 2011\ic2011pp.dll"
+ "ms-itss" "Microsoft® InfoTech Storage System Library" "Microsoft Corporation" "c:\program files\common files\microsoft shared\information retrieval\msitss.dll"
+ "wlmailhtml" "Windows Live Mail" "Microsoft Corporation" "c:\program files\windows live\mail\mailcomm.dll"
+ "wlpg" "Windows Live Album Download Protocol Handler" "Microsoft Corporation" "c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "SABShellExecuteHook Class" "ShellExecuteHook" "SuperAdBlocker.com" "c:\program files\superantispyware\sasseh.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "ZLAVShExt" "zlavscan shell extension" "Check Point Software Technologies LTD" "c:\program files\checkpoint\zonealarm\zlavscan.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files\ati technologies\ati.ace\core-static\atiacmxx.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "Haali Column Provider" "" "" "c:\program files\mega codec pack\filters\haali\mmfinfo.dll"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "ZLAVShExt" "zlavscan shell extension" "Check Point Software Technologies LTD" "c:\program files\checkpoint\zonealarm\zlavscan.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "0MediaIconsOerlay" "" "" "c:\programdata\microsoft\media tools\mediaiconsoverlays.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "ZoneAlarm Security Engine Registrar" "ZoneAlarm Browser Security" "Check Point Software Technologies" "c:\program files\checkpoint\zaforcefield\trustchecker\bin\trustcheckerieplugin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "ZoneAlarm Security Engine" "ZoneAlarm Browser Security" "Check Point Software Technologies" "c:\program files\checkpoint\zaforcefield\trustchecker\bin\trustcheckerieplugin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "PokerStars.net" "PokerStars Update" "PokerStars" "c:\program files\pokerstars.net\pokerstarsupdate.exe"
+ "Show or hide HP Smart Web Printing" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Sun Java Console" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2iexp.dll"
"Task Scheduler" "" "" ""
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft_Hardware_Launch_IPoint_exe" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "\PCDEventLauncher" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\sessionchecker.exe"
+ "\PCDoctorBackgroundMonitorTask" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\uaclauncher.exe"
+ "\RegAce Scheduled Scan - gary" "" "" "File not found: C:\Program Files\RegAce System Suite\RegAce.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\SystemToolsDailyTest" "" "" "File not found: uaclauncher.exe"
+ "\{21B82FE6-E97B-462F-8483-332B9A59B2E3}" "" "" "File not found: C:\Program Files\Activision\Sfc3\SFC3Setup.exe"
+ "\{90984FF9-DB4C-4C1E-9211-02437D703385}" "" "" "File not found: C:\Program Files\Activision\Sfc3\SFC3.exe"
+ "\{AE159D69-4DC6-4795-8667-49B78F7FB1B3}" "" "" "File not found: C:\Program Files\Activision\Sfc3\SFC3Setup.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AERTFilters" "Andrea filters APO access service (32-bit)" "Andrea Electronics Corporation" "c:\windows\system32\aertsrv.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "Creative Labs Licensing Service" "Provides licensing services for Creative Labs applications." "Creative Labs" "c:\program files\common files\creative labs shared\service\creativelicensing.exe"
+ "Creative Service for CDROM Access" "Creative Service for CDROM Access" "Creative Technology Ltd" "c:\windows\system32\ctsvccda.exe"
+ "DockLoginService" "Dock Login Service" "Stardock Corporation" "c:\program files\dell\delldock\docklogin.exe"
+ "GoToAssist" "Citrix GoToAssist provides remote help to this PC." "Citrix Online, a division of Citrix Systems, Inc." "c:\program files\citrix\gotoassist\514\g2aservice.exe"
+ "hpqcxs08" "HP CUE Context Manager Objects" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\bin\hpqcxs08.dll"
+ "hpqddsvc" "This service detects and monitors CUE devices on the system." "Hewlett-Packard Co." "c:\program files\hp\digital imaging\bin\hpqddsvc.dll"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe"
+ "IswSvc" "ZoneAlarm Browser Security" "Check Point Software Technologies" "c:\program files\checkpoint\zaforcefield\iswsvc.exe"
+ "LeapFrog Connect Device Service" "Manages LeapFrog Connect devices." "LeapFrog Enterprises, Inc." "c:\program files\leapfrog\leapfrog connect\commandservice.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamservice.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "sprtsvc_dellsupportcenter" "SupportSoft Sprocket Service" "" "File not found: C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files\common files\surething shared\stllssvr.exe"
+ "vsmon" "Monitors internet traffic and generates alerts for disallowed access." "Check Point Software Technologies LTD" "c:\program files\checkpoint\zonealarm\vsmon.exe"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "Andbus" "LGE Android Platform Driver" "LG Electronics Inc." "c:\windows\system32\drivers\lgandbus.sys"
+ "AndDiag" "LGE Android Platform USB Serial Port" "LG Electronics Inc." "c:\windows\system32\drivers\lganddiag.sys"
+ "AndGps" "LGE Android Platform USB GPS NMEA Port" "LG Electronics Inc." "c:\windows\system32\drivers\lgandgps.sys"
+ "ANDModem" "LGE Android Platform Mobile Support" "LG Electronics Inc." "c:\windows\system32\drivers\lgandmodem.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AtiHDAudioService" "AMD High Definition Audio Function Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\atihdw73.sys"
+ "AtiHdmiService" "ATI High Definition Audio Function Driver" "ATI Technologies, Inc." "c:\windows\system32\drivers\atihdmi.sys"
+ "atikmdag" "ATI Radeon Kernel Mode Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "cpuz135" "" "" "File not found: C:\Users\gary\AppData\Local\Temp\cpuz135\cpuz135_x32.sys"
+ "dg_ssudbus" "SAMSUNG USB Composite Device Driver (MSS Ver.3)" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ssudbus.sys"
+ "dgderdrv" "" "" "File not found: System32\drivers\dgderdrv.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e6032.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd32.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhda.sys"
+ "ISWKL" "ZoneAlarm Browser Security" "Check Point Software Technologies" "c:\program files\checkpoint\zaforcefield\iswkl.sys"
+ "KLIF" "Kaspersky Lab Interceptor and Filter" "Kaspersky Lab" "c:\windows\system32\drivers\klif.sys"
+ "Leapfrog-USBLAN" "Windows USBLAN Host Driver" "Belcarra Technologies" "c:\windows\system32\drivers\btblan.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MFE_RR" "" "" "File not found: C:\Users\gary\AppData\Local\Temp\mfe_rr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PCDSRVC{E9D79540-57D5953E-06020200}_0" "Kernel Driver" "PC-Doctor, Inc." "c:\program files\dell support center\pcdsrvc.pkms"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "SASDIFSV" "SASDIFSV.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv.sys"
+ "SASKUTIL" "SASKUTIL.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil.sys"
+ "sbapifs" "GFI Active Protection Filter Driver" "" "File not found: system32\DRIVERS\sbapifs.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "ssudmdm" "SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ssudmdm.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "Vsdatant" "Zone Alarm Firewall Driver" "Check Point Software Technologies LTD" "c:\windows\system32\drivers\vsdatant.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3 Decoder Filter" "TODO: <파일 설명>" "TODO: <회사 이름>" "c:\program files\myfree codec\1.0b beta\ac-3\ac3dx.ax"
+ "AMD MJPEG Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Ticker" "" "" "c:\program files\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "BPM Metadata" "Creative BPM Metadata Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\metabpmu.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "CoreAVC Video Decoder" "CoreAVC DirectShow Video Decoder" "CoreCodec, Inc." "c:\program files\k-lite codec pack\filters\coreavcdecoder.ax"
+ "Creative AC3 Source Filter" "Creative AC3 Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\ac3srcu.ax"
+ "Creative Audio Gain Filter" "Audio Gain Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\audgain.ax"
+ "Creative CDDA Source Filter" "CDDA Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\cdda.ax"
+ "Creative Flac Source Filter" "Creative FLAC Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\flacsrcu.ax"
+ "Creative Internet Source Filter" "Creative Internet Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\inetsrcu.ax"
+ "Creative LiveRecording Filter_SxS" "Live Recording Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\liverecu.ax"
+ "Creative MLP Source Filter" "Creative MLP Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\mlpsrcu.ax"
+ "Creative NVF Filter" "Creative Nomad Voice File Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\nvfsrcu.ax"
+ "Creative Ogg Source Filter" "Creative Ogg Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\oggsrcu.ax"
+ "Creative PCM Raw Writer" "Creative Raw Writer" "Creative Technology Ltd" "c:\program files\creative\shared files\rawwritu.ax"
+ "Creative Wave Writer" "Wave Writer" "Creative Technology Ltd" "c:\program files\creative\shared files\wavwrite.ax"
+ "Creative WMA Source Filter" "Creative WMA Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\wmasrc.ax"
+ "Creative WMA Writer" "WMA Writer" "Creative Technology Ltd" "c:\program files\creative\shared files\wmawrite.ax"
+ "CT CMSS3 filter" "Sample" "Creative Technology Ltd" "c:\program files\creative\shared files\cmss3.ax"
+ "CT HPVirtualizer filter" "Creative Headphone Virtualizer Filter" "Creative Technology, Ltd." "c:\program files\creative\shared files\virtual.ax"
+ "CT Karaoke filter" "Creative Karaoke Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\karaoke.ax"
+ "CT PDP filter" "Creative Crystalizer Filter" "Creative Technology, Ltd." "c:\program files\creative\shared files\pdp.ax"
+ "CT SmartVolumeManagement filter" "Creative Compressor Plugin" "Creative Technology Ltd." "c:\program files\creative\shared files\dscompr.ax"
+ "CT Time-Scaling filter" "Sample" "Creative Technology Ltd." "c:\program files\creative\shared files\timescal.ax"
+ "CT Upsampler filter" "Sample" "Creative Technology Ltd" "c:\program files\creative\shared files\upsample.ax"
+ "CyberLink Video/SP Decoder (PDVD7)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\k-lite codec pack\filters\clvsd.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "xy-VSFilter Team" "c:\program files\mega codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "xy-VSFilter Team" "c:\program files\mega codec pack\filters\vsfilter.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\mega codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\mega codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\mega codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\mega codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\mega codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\mega codec pack\filters\ffdshow\ffdshow.ax"
+ "FLV Video Decoder" "FLV Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\flvsplitter.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\mega codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\mega codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\mega codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\mega codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files\mega codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\mega codec pack\filters\haali\splitter.ax"
+ "MACSReaderMP3 Filter" "MACSReaderMP3 Filter" "" "c:\program files\samsung\kies\external\mediamodules\macsreaderavi.ax"
+ "MMACE Deinterlace" "" "" "c:\program files\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MP4 Source" "MP4 Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "MP4 Splitter" "MP4 Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - FLV Source (Gabest)" "FLV Splitter" "Gabest" "c:\program files\mega codec pack\filters\flvsplitter.ax"
+ "MPC - FLV Splitter (Gabest)" "FLV Splitter" "Gabest" "c:\program files\mega codec pack\filters\flvsplitter.ax"
+ "MPC - MPEG-2 Video Decoder (Gabest)" "MPEG-2 Decoder Filter for DirectShow" "Gabest" "c:\program files\mega codec pack\filters\mpeg2decfilter.ax"
+ "Mpeg Source" "Mpeg Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\mpegsplitter.ax"
+ "Mpeg Splitter" "Mpeg Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\mpegsplitter.ax"
+ "MPEG4 Video Source" "MP4 Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "MPEG4 Video Splitter" "MP4 Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "MyFree Codec Filter" "" "" "c:\program files\myfree codec\1.0b beta\myfree.ax"
+ "NEDFilter4Samsung Filter" "MACSReaderMP3 Filter" "L544™ Technology" "c:\program files\samsung\kies\external\mediamodules\nedfilter4samsung.ax"
+ "Noise Reduction" "Creative Noise Reduction Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\noisredu.ax"
+ "PCM to EXT" "Creative Pcm2Ext" "Creative Technology Ltd." "c:\program files\creative\sbaudigy\wavestudio 7\pcm2ext.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "SelfMusicVideo Dump Filter" "SelfMusicVideo Dump Filter (DShow)" "ENJsoft Corporation" "c:\program files\samsung\kies\external\transmodules\tg_dump0708.dll"
+ "Sony ATRAC3/3plus Decode Filter" "Sony ATRAC3/3plus Decode Filter" "Sony Corporation" "c:\windows\system32\atxdec.ax"
+ "Sony ATRAC3/3plus Parse Filter" "Sony ATRAC3/3plus Parse Filter" "Sony Corporation" "c:\windows\system32\atxparser.ax"
+ "SonyMp4AacDecoder" "SonyMp4AacDecoder" "sony" "c:\program files\sony\content transfer\sonymp4aacdecoder.ax"
+ "SVM Metadata" "Creative SVM Metadata Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\metasvmu.ax"
+ "WavPack Audio Decoder" "WavPack Audio DirectShow Decoder" "-" "c:\program files\mega codec pack\filters\wavpackdsdecoder.ax"
+ "WavPack Audio Splitter" "WavPack Audio DirectShow Splitter" "-" "c:\program files\mega codec pack\filters\wavpackdssplitter.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\program files\myfree codec\1.0b beta\xvid-core\xvid.ax"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "GoToAssist" "Citrix Online GoToAssist" "Citrix Online, a division of Citrix Systems, Inc." "c:\program files\citrix\gotoassist\514\g2awinlogon.dll"
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "PCL hpz3lw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpz3lw71.dll"
"C:\Users\gary\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "" "" "" "C:\Program Files\windows sidebar\gadgets\F-Secure.Gadget"
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-us\Gadget.xml"
+ "Weather" "See what the weather looks like around the world." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-us\Gadget.xml"

Edited by bricbat, 07 February 2013 - 03:33 AM.


#8 bricbat


Posted 07 February 2013 - 03:40 AM

I still have to do the FSS and JRT, but it is very late here so I won't get to it till tomorrow. Thanks for all your help.

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:35 PM

Posted 07 February 2013 - 03:47 AM

:thumbup2:

#10 bricbat


Posted 07 February 2013 - 09:04 PM

This is the rest.

Farbar Service Scanner Version: 30-01-2013
Ran by gary (administrator) on 07-02-2013 at 18:59:14
Running from "C:\Users\gary\Downloads"
Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

 



#11 narenxp


Posted 07 February 2013 - 09:43 PM

JRT log?

Download

http://download.bleepingcomputer.com/win-services/7/WinDefend.reg
http://download.bleepingcomputer.com/win-services/7/iphlpsvc.reg

Launch it and click YES

Restart the PC

Any current issues?



#12 bricbat


Posted 07 February 2013 - 10:06 PM

The JRT scan is ongoing. How long does it usually take?



#13 narenxp


Posted 07 February 2013 - 10:08 PM

It should have been done by now. Try to run in Safe Mode with Networking.



#14 bricbat


Posted 07 February 2013 - 10:12 PM

It's finishing now, I think.

I'm still getting the C++ runtime error about an application requesting to end in an unusual way, followed by explorer.exe restarting.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.2 (02.02.2013:2)
OS: Windows 7 Home Premium x86
Ran by gary on 07/02/2013 at 19:42:20.47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\gary\AppData\Roaming\mozilla\firefox\profiles\8de1uz1l.default\minidumps [316 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07/02/2013 at 20:10:57.63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


Edited by bricbat, 07 February 2013 - 10:13 PM.


#15 narenxp


Posted 07 February 2013 - 10:17 PM

Try a clean boot using this guide:

http://www.askdrtech.com/solutions/post/How-to-perform-a-clean-startup-%28clean-boot%29-in-Windows-7.aspx

Restart the PC. If that resolves the startup issue, try to enable important entries alone and restart the PC. This should help you find out the entry causing the issue.





