Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cleaning up "File Recovery" problem


  • Please log in to reply
21 replies to this topic

#1 Jackman33

Jackman33

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 26 September 2012 - 04:37 PM

Have a laptop that was infected with "File Recovery". I have gotten it cleaned up according to Malwarebytes and several other programs and I don't find any problems, however when I scan with McAfee it keeps showing 2 files that could not be removed. These same 2 files appear in the report from Rkill. I have tried to find them according to what McAfee and Rkill say where they reside on the computer. The laptop seems to be very stable now. At first I could not get into Administrative Tools and the McAfee firewall kept shutting down. These seem to have been cleared up. Rkill shows an entry, ALERT: ZEROACCESS rootkit symptoms found: and it lists several registry items that I can't locate and also shows the same 2 files that McAfee finds.

Curious what I should look for next....thanks.

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:17 PM

Posted 26 September 2012 - 04:41 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Jackman33

Jackman33
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 27 September 2012 - 07:18 PM

How do I upload the files???????

#4 Jackman33

Jackman33
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 27 September 2012 - 07:23 PM

Here is the ESET log:

C:\Program Files (x86)\Optimizer Pro\OptimizerPro.exe a variant of Win32/SpeedingUpMyPC application cleaned by deleting - quarantined
C:\Users\sfoege\AppData\Local\Temp\93D5.tmp a variant of Win32/Kryptik.AMGX trojan cleaned by deleting - quarantined
C:\Users\sfoege\AppData\Local\Temp\Graphics_Media_Accelerator_Driver.exe a variant of Win32/Kryptik.AMGX trojan cleaned by deleting - quarantined
C:\Users\sfoege\AppData\Local\Temp\jar_cache3476992321902712345.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\sfoege\AppData\Local\Temp\ICReinstall\cnet2_SpeedConnectTesterSetup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\sfoege\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\components\pptlf.dll a variant of Win32/Adware.Gamevance.BH application cleaned by deleting - quarantined
C:\Users\sfoege\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\components\pptlf2.dll a variant of Win32/Adware.Gamevance.BH application cleaned by deleting - quarantined
C:\Users\sfoege\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\components\pptlf3.dll a variant of Win32/Adware.Gamevance.BH application cleaned by deleting - quarantined

TDSSkiller file:

11:17:57.0518 4388 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
11:17:58.0080 4388 ============================================================
11:17:58.0080 4388 Current date / time: 2012/09/27 11:17:58.0080
11:17:58.0080 4388 SystemInfo:
11:17:58.0080 4388
11:17:58.0080 4388 OS Version: 6.1.7601 ServicePack: 1.0
11:17:58.0080 4388 Product type: Workstation
11:17:58.0080 4388 ComputerName: SFOEGE-PC
11:17:58.0080 4388 UserName: sfoege
11:17:58.0080 4388 Windows directory: C:\Windows
11:17:58.0080 4388 System windows directory: C:\Windows
11:17:58.0080 4388 Running under WOW64
11:17:58.0080 4388 Processor architecture: Intel x64
11:17:58.0080 4388 Number of processors: 3
11:17:58.0080 4388 Page size: 0x1000
11:17:58.0080 4388 Boot type: Normal boot
11:17:58.0080 4388 ============================================================
11:17:59.0375 4388 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:17:59.0375 4388 ============================================================
11:17:59.0375 4388 \Device\Harddisk0\DR0:
11:17:59.0375 4388 MBR partitions:
11:17:59.0375 4388 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
11:17:59.0375 4388 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x38953000
11:17:59.0375 4388 ============================================================
11:17:59.0406 4388 C: <-> \Device\Harddisk0\DR0\Partition2
11:17:59.0406 4388 ============================================================
11:17:59.0406 4388 Initialize success
11:17:59.0406 4388 ============================================================
11:18:32.0603 4148 ============================================================
11:18:32.0603 4148 Scan started
11:18:32.0603 4148 Mode: Manual; TDLFS;
11:18:32.0603 4148 ============================================================
11:18:33.0164 4148 ================ Scan system memory ========================
11:18:33.0164 4148 System memory - ok
11:18:33.0164 4148 ================ Scan services =============================
11:18:33.0336 4148 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
11:18:33.0398 4148 1394ohci - ok
11:18:33.0445 4148 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:18:33.0445 4148 ACPI - ok
11:18:33.0492 4148 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:18:33.0554 4148 AcpiPmi - ok
11:18:33.0679 4148 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:18:33.0679 4148 AdobeFlashPlayerUpdateSvc - ok
11:18:33.0757 4148 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
11:18:33.0757 4148 adp94xx - ok
11:18:33.0788 4148 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
11:18:33.0804 4148 adpahci - ok
11:18:33.0820 4148 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
11:18:33.0835 4148 adpu320 - ok
11:18:33.0851 4148 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:18:33.0851 4148 AeLookupSvc - ok
11:18:33.0913 4148 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
11:18:33.0913 4148 AFD - ok
11:18:33.0960 4148 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:18:33.0960 4148 agp440 - ok
11:18:33.0976 4148 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
11:18:33.0976 4148 ALG - ok
11:18:34.0007 4148 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
11:18:34.0007 4148 aliide - ok
11:18:34.0132 4148 [ FFAEBA8534610BD6F3ABA46364B12EEF ] AlotService C:\Users\sfoege\AppData\LocalLow\alotservice\alotservice.exe
11:18:34.0210 4148 AlotService - ok
11:18:34.0241 4148 [ D865F8ABFF031563E860D16A38BD5A35 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:18:34.0241 4148 AMD External Events Utility - ok
11:18:34.0288 4148 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
11:18:34.0288 4148 amdide - ok
11:18:34.0334 4148 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
11:18:34.0334 4148 AmdK8 - ok
11:18:34.0490 4148 [ 83418F6EE5A81DDDD8E248FCBFC99AF6 ] amdkmdag C:\Windows\system32\DRIVERS\atipmdag.sys
11:18:34.0724 4148 amdkmdag - ok
11:18:34.0771 4148 [ 7E58B5E1DEAA70BD46997068DF06B4E3 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
11:18:34.0834 4148 amdkmdap - ok
11:18:34.0865 4148 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
11:18:34.0865 4148 AmdPPM - ok
11:18:34.0896 4148 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:18:34.0974 4148 amdsata - ok
11:18:34.0990 4148 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
11:18:35.0005 4148 amdsbs - ok
11:18:35.0021 4148 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:18:35.0021 4148 amdxata - ok
11:18:35.0068 4148 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
11:18:35.0130 4148 AppID - ok
11:18:35.0161 4148 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:18:35.0161 4148 AppIDSvc - ok
11:18:35.0208 4148 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
11:18:35.0255 4148 Appinfo - ok
11:18:35.0348 4148 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:18:35.0348 4148 Apple Mobile Device - ok
11:18:35.0395 4148 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
11:18:35.0395 4148 arc - ok
11:18:35.0395 4148 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
11:18:35.0411 4148 arcsas - ok
11:18:35.0426 4148 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:18:35.0426 4148 AsyncMac - ok
11:18:35.0458 4148 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
11:18:35.0458 4148 atapi - ok
11:18:35.0551 4148 [ E642491F64E58CD5BC8FB8B347DCF65F ] athr C:\Windows\system32\DRIVERS\athrx.sys
11:18:35.0660 4148 athr - ok
11:18:35.0692 4148 [ C07A040D6B5A42DD41EE386CF90974C8 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
11:18:35.0754 4148 AtiPcie - ok
11:18:35.0816 4148 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:18:35.0816 4148 AudioEndpointBuilder - ok
11:18:35.0832 4148 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:18:35.0832 4148 AudioSrv - ok
11:18:35.0879 4148 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:18:35.0879 4148 AxInstSV - ok
11:18:35.0926 4148 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
11:18:35.0941 4148 b06bdrv - ok
11:18:35.0988 4148 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:18:36.0004 4148 b57nd60a - ok
11:18:36.0050 4148 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
11:18:36.0050 4148 BDESVC - ok
11:18:36.0066 4148 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
11:18:36.0066 4148 Beep - ok
11:18:36.0113 4148 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
11:18:36.0175 4148 BFE - ok
11:18:36.0253 4148 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
11:18:36.0394 4148 BITS - ok
11:18:36.0425 4148 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:18:36.0440 4148 blbdrive - ok
11:18:36.0550 4148 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:18:36.0628 4148 Bonjour Service - ok
11:18:36.0674 4148 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:18:36.0737 4148 bowser - ok
11:18:36.0752 4148 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:18:36.0768 4148 BrFiltLo - ok
11:18:36.0768 4148 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:18:36.0768 4148 BrFiltUp - ok
11:18:36.0799 4148 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
11:18:36.0815 4148 Browser - ok
11:18:36.0815 4148 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:18:36.0830 4148 Brserid - ok
11:18:36.0830 4148 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:18:36.0846 4148 BrSerWdm - ok
11:18:36.0846 4148 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:18:36.0846 4148 BrUsbMdm - ok
11:18:36.0862 4148 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:18:36.0877 4148 BrUsbSer - ok
11:18:36.0877 4148 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
11:18:36.0877 4148 BTHMODEM - ok
11:18:36.0908 4148 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
11:18:36.0908 4148 bthserv - ok
11:18:36.0924 4148 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:18:36.0940 4148 cdfs - ok
11:18:36.0986 4148 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
11:18:37.0049 4148 cdrom - ok
11:18:37.0096 4148 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
11:18:37.0096 4148 CertPropSvc - ok
11:18:37.0158 4148 [ 7C6B5BE2696DFD2D0BF6C9EE20326EF8 ] cfwids C:\Windows\system32\drivers\cfwids.sys
11:18:37.0236 4148 cfwids - ok
11:18:37.0252 4148 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:18:37.0267 4148 circlass - ok
11:18:37.0283 4148 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
11:18:37.0298 4148 CLFS - ok
11:18:37.0392 4148 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:18:37.0392 4148 clr_optimization_v2.0.50727_32 - ok
11:18:37.0439 4148 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:18:37.0439 4148 clr_optimization_v2.0.50727_64 - ok
11:18:37.0517 4148 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:18:37.0595 4148 clr_optimization_v4.0.30319_32 - ok
11:18:37.0626 4148 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:18:37.0704 4148 clr_optimization_v4.0.30319_64 - ok
11:18:37.0735 4148 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:18:37.0735 4148 CmBatt - ok
11:18:37.0766 4148 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:18:37.0766 4148 cmdide - ok
11:18:37.0813 4148 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
11:18:37.0813 4148 CNG - ok
11:18:37.0844 4148 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:18:37.0860 4148 Compbatt - ok
11:18:37.0907 4148 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
11:18:37.0969 4148 CompositeBus - ok
11:18:38.0000 4148 COMSysApp - ok
11:18:38.0016 4148 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
11:18:38.0032 4148 crcdisk - ok
11:18:38.0063 4148 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:18:38.0078 4148 CryptSvc - ok
11:18:38.0110 4148 [ BA8E5B2291C01EF71CA80E25F0C79D55 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
11:18:38.0172 4148 ctxusbm - ok
11:18:38.0266 4148 [ 61A86809B62769643892BC0812B204AA ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
11:18:38.0359 4148 cvhsvc - ok
11:18:38.0406 4148 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:18:38.0422 4148 DcomLaunch - ok
11:18:38.0468 4148 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
11:18:38.0468 4148 defragsvc - ok
11:18:38.0515 4148 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:18:38.0515 4148 DfsC - ok
11:18:38.0562 4148 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
11:18:38.0562 4148 Dhcp - ok
11:18:38.0593 4148 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
11:18:38.0593 4148 discache - ok
11:18:38.0624 4148 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
11:18:38.0624 4148 Disk - ok
11:18:38.0656 4148 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:18:38.0718 4148 Dnscache - ok
11:18:38.0765 4148 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
11:18:38.0765 4148 dot3svc - ok
11:18:38.0812 4148 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
11:18:38.0858 4148 DPS - ok
11:18:38.0890 4148 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:18:38.0905 4148 drmkaud - ok
11:18:38.0968 4148 [ 9CF46FDF163E06B83D03FF929EF2296C ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
11:18:39.0046 4148 DsiWMIService - ok
11:18:39.0108 4148 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:18:39.0124 4148 DXGKrnl - ok
11:18:39.0155 4148 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
11:18:39.0155 4148 EapHost - ok
11:18:39.0233 4148 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
11:18:39.0358 4148 ebdrv - ok
11:18:39.0389 4148 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
11:18:39.0389 4148 EFS - ok
11:18:39.0467 4148 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:18:39.0545 4148 ehRecvr - ok
11:18:39.0560 4148 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
11:18:39.0560 4148 ehSched - ok
11:18:39.0623 4148 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
11:18:39.0638 4148 elxstor - ok
11:18:39.0716 4148 [ 3EA2C4F68A782839D97B3C83595575B6 ] ePowerSvc C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
11:18:39.0794 4148 ePowerSvc - ok
11:18:39.0826 4148 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:18:39.0826 4148 ErrDev - ok
11:18:39.0872 4148 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
11:18:39.0888 4148 EventSystem - ok
11:18:39.0904 4148 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
11:18:39.0919 4148 exfat - ok
11:18:39.0935 4148 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:18:39.0935 4148 fastfat - ok
11:18:39.0997 4148 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
11:18:39.0997 4148 Fax - ok
11:18:40.0028 4148 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:18:40.0028 4148 fdc - ok
11:18:40.0060 4148 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
11:18:40.0060 4148 fdPHost - ok
11:18:40.0091 4148 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
11:18:40.0091 4148 FDResPub - ok
11:18:40.0106 4148 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:18:40.0106 4148 FileInfo - ok
11:18:40.0122 4148 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:18:40.0122 4148 Filetrace - ok
11:18:40.0138 4148 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:18:40.0153 4148 flpydisk - ok
11:18:40.0200 4148 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:18:40.0200 4148 FltMgr - ok
11:18:40.0262 4148 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
11:18:40.0278 4148 FontCache - ok
11:18:40.0325 4148 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:18:40.0325 4148 FontCache3.0.0.0 - ok
11:18:40.0356 4148 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:18:40.0372 4148 FsDepends - ok
11:18:40.0403 4148 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:18:40.0465 4148 Fs_Rec - ok
11:18:40.0528 4148 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:18:40.0528 4148 fvevol - ok
11:18:40.0559 4148 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
11:18:40.0574 4148 gagp30kx - ok
11:18:40.0684 4148 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
11:18:40.0684 4148 GamesAppService - ok
11:18:40.0730 4148 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:18:40.0793 4148 GEARAspiWDM - ok
11:18:40.0840 4148 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
11:18:40.0840 4148 gpsvc - ok
11:18:40.0886 4148 [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
11:18:40.0886 4148 GREGService - ok
11:18:40.0933 4148 [ B9893A68032A6D9ADDB5B98287C630F7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
11:18:40.0996 4148 grmnusb - ok
11:18:41.0074 4148 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:18:41.0074 4148 gupdate - ok
11:18:41.0105 4148 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:18:41.0105 4148 gupdatem - ok
11:18:41.0167 4148 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
11:18:41.0167 4148 gusvc - ok
11:18:41.0198 4148 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:18:41.0214 4148 hcw85cir - ok
11:18:41.0261 4148 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:18:41.0323 4148 HdAudAddService - ok
11:18:41.0354 4148 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
11:18:41.0370 4148 HDAudBus - ok
11:18:41.0386 4148 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
11:18:41.0386 4148 HidBatt - ok
11:18:41.0386 4148 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
11:18:41.0401 4148 HidBth - ok
11:18:41.0401 4148 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:18:41.0401 4148 HidIr - ok
11:18:41.0432 4148 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
11:18:41.0432 4148 hidserv - ok
11:18:41.0495 4148 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:18:41.0557 4148 HidUsb - ok
11:18:41.0620 4148 [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
11:18:41.0682 4148 HipShieldK - ok
11:18:41.0713 4148 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:18:41.0729 4148 hkmsvc - ok
11:18:41.0760 4148 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:18:41.0822 4148 HomeGroupListener - ok
11:18:41.0854 4148 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:18:41.0854 4148 HomeGroupProvider - ok
11:18:41.0916 4148 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:18:41.0978 4148 HpSAMD - ok
11:18:42.0025 4148 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:18:42.0041 4148 HTTP - ok
11:18:42.0072 4148 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:18:42.0072 4148 hwpolicy - ok
11:18:42.0134 4148 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
11:18:42.0134 4148 i8042prt - ok
11:18:42.0181 4148 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:18:42.0244 4148 iaStorV - ok
11:18:42.0306 4148 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
11:18:42.0400 4148 IDriverT - ok
11:18:42.0462 4148 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:18:42.0478 4148 idsvc - ok
11:18:42.0540 4148 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
11:18:42.0556 4148 iirsp - ok
11:18:42.0602 4148 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
11:18:42.0602 4148 IKEEXT - ok
11:18:42.0712 4148 [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:18:42.0868 4148 IntcAzAudAddService - ok
11:18:42.0914 4148 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
11:18:42.0914 4148 intelide - ok
11:18:42.0930 4148 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:18:42.0946 4148 intelppm - ok
11:18:42.0977 4148 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:18:42.0977 4148 IPBusEnum - ok
11:18:43.0008 4148 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:18:43.0008 4148 IpFilterDriver - ok
11:18:43.0102 4148 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:18:43.0164 4148 iphlpsvc - ok
11:18:43.0195 4148 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:18:43.0258 4148 IPMIDRV - ok
11:18:43.0289 4148 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:18:43.0289 4148 IPNAT - ok
11:18:43.0367 4148 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:18:43.0460 4148 iPod Service - ok
11:18:43.0492 4148 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:18:43.0492 4148 IRENUM - ok
11:18:43.0507 4148 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:18:43.0523 4148 isapnp - ok
11:18:43.0554 4148 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:18:43.0616 4148 iScsiPrt - ok
11:18:43.0663 4148 [ 37E053A2CF8F0082B689ED74106E0CEC ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
11:18:43.0741 4148 k57nd60a - ok
11:18:43.0788 4148 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
11:18:43.0788 4148 kbdclass - ok
11:18:43.0835 4148 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
11:18:43.0897 4148 kbdhid - ok
11:18:43.0913 4148 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
11:18:43.0913 4148 KeyIso - ok
11:18:43.0944 4148 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:18:43.0944 4148 KSecDD - ok
11:18:43.0975 4148 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:18:43.0975 4148 KSecPkg - ok
11:18:44.0006 4148 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:18:44.0006 4148 ksthunk - ok
11:18:44.0038 4148 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
11:18:44.0038 4148 KtmRm - ok
11:18:44.0084 4148 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:18:44.0084 4148 LanmanServer - ok
11:18:44.0131 4148 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:18:44.0131 4148 LanmanWorkstation - ok
11:18:44.0147 4148 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:18:44.0162 4148 lltdio - ok
11:18:44.0194 4148 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:18:44.0194 4148 lltdsvc - ok
11:18:44.0209 4148 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:18:44.0209 4148 lmhosts - ok
11:18:44.0256 4148 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
11:18:44.0256 4148 LSI_FC - ok
11:18:44.0272 4148 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
11:18:44.0272 4148 LSI_SAS - ok
11:18:44.0287 4148 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:18:44.0287 4148 LSI_SAS2 - ok
11:18:44.0287 4148 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:18:44.0303 4148 LSI_SCSI - ok
11:18:44.0334 4148 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:18:44.0334 4148 luafv - ok
11:18:44.0428 4148 [ C121367D21599367F2ADB9C11B7BABAA ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:18:44.0443 4148 McAfee SiteAdvisor Service - ok
11:18:44.0459 4148 [ C121367D21599367F2ADB9C11B7BABAA ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:18:44.0459 4148 McMPFSvc - ok
11:18:44.0474 4148 [ C121367D21599367F2ADB9C11B7BABAA ] mcmscsvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:18:44.0474 4148 mcmscsvc - ok
11:18:44.0490 4148 [ C121367D21599367F2ADB9C11B7BABAA ] McNaiAnn C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:18:44.0490 4148 McNaiAnn - ok
11:18:44.0521 4148 [ C121367D21599367F2ADB9C11B7BABAA ] McNASvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:18:44.0521 4148 McNASvc - ok
11:18:44.0615 4148 [ BE7C8C3F8FE52D8F7826E14CF11DE949 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
11:18:44.0677 4148 McODS - ok
11:18:44.0708 4148 [ C121367D21599367F2ADB9C11B7BABAA ] McProxy C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:18:44.0708 4148 McProxy - ok
11:18:44.0755 4148 [ 07ADF390306FC00297EE9B2247C0678E ] McPvDrv C:\Windows\system32\drivers\McPvDrv.sys
11:18:44.0818 4148 McPvDrv - ok
11:18:44.0896 4148 [ D4F9C8CE2D7D5B9A1F739AADEBFFCA6F ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
11:18:44.0958 4148 McShield - ok
11:18:45.0005 4148 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:18:45.0052 4148 Mcx2Svc - ok
11:18:45.0067 4148 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
11:18:45.0083 4148 megasas - ok
11:18:45.0083 4148 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
11:18:45.0098 4148 MegaSR - ok
11:18:45.0145 4148 [ C73B93FED17829F11273459DA05E1976 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
11:18:45.0208 4148 mfeapfk - ok
11:18:45.0270 4148 [ 298C065BB9E09D5F14CCD9E8244DE4A0 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
11:18:45.0348 4148 mfeavfk - ok
11:18:45.0379 4148 mfeavfk01 - ok
11:18:45.0426 4148 [ AB66AF840EF1667AA73DDA6CE987D0E1 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
11:18:45.0488 4148 mfefire - ok
11:18:45.0551 4148 [ 4D604F0B85E98C5AD99B89AF72A4E28A ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
11:18:45.0629 4148 mfefirek - ok
11:18:45.0676 4148 [ 85AFDEAD1366BED11A84A5C6FC0A65D2 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
11:18:45.0754 4148 mfehidk - ok
11:18:45.0785 4148 [ 1B08579938FD72626D92F3C2219903EA ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
11:18:45.0847 4148 mferkdet - ok
11:18:45.0910 4148 [ 984BBBB9BE02EF838DABDF3F3126A91B ] mfevtp C:\Windows\system32\mfevtps.exe
11:18:45.0972 4148 mfevtp - ok
11:18:46.0003 4148 [ 6251BE428073704FF1002231520C8F16 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
11:18:46.0019 4148 mfewfpk - ok
11:18:46.0066 4148 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:18:46.0066 4148 MMCSS - ok
11:18:46.0112 4148 [ 8CC001C65C31633171991FA72A551D43 ] MOBKbackup C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
11:18:46.0190 4148 MOBKbackup - ok
11:18:46.0222 4148 [ 3800C23D0D90C59AAFCDEFDC82B5C4AF ] MOBKFilter C:\Windows\system32\DRIVERS\MOBK.sys
11:18:46.0284 4148 MOBKFilter - ok
11:18:46.0300 4148 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:18:46.0300 4148 Modem - ok
11:18:46.0346 4148 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:18:46.0346 4148 monitor - ok
11:18:46.0362 4148 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:18:46.0378 4148 mouclass - ok
11:18:46.0409 4148 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:18:46.0409 4148 mouhid - ok
11:18:46.0440 4148 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:18:46.0440 4148 mountmgr - ok
11:18:46.0471 4148 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
11:18:46.0549 4148 mpio - ok
11:18:46.0549 4148 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:18:46.0549 4148 mpsdrv - ok
11:18:46.0612 4148 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:18:46.0627 4148 MpsSvc - ok
11:18:46.0658 4148 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:18:46.0658 4148 MRxDAV - ok
11:18:46.0690 4148 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:18:46.0752 4148 mrxsmb - ok
11:18:46.0799 4148 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:18:46.0877 4148 mrxsmb10 - ok
11:18:46.0908 4148 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:18:46.0970 4148 mrxsmb20 - ok
11:18:47.0002 4148 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
11:18:47.0080 4148 msahci - ok
11:18:47.0095 4148 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:18:47.0173 4148 msdsm - ok
11:18:47.0189 4148 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:18:47.0189 4148 MSDTC - ok
11:18:47.0220 4148 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:18:47.0220 4148 Msfs - ok
11:18:47.0236 4148 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:18:47.0236 4148 mshidkmdf - ok
11:18:47.0282 4148 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:18:47.0282 4148 msisadrv - ok
11:18:47.0314 4148 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:18:47.0314 4148 MSiSCSI - ok
11:18:47.0329 4148 msiserver - ok
11:18:47.0360 4148 [ C121367D21599367F2ADB9C11B7BABAA ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:18:47.0360 4148 MSK80Service - ok
11:18:47.0407 4148 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:18:47.0407 4148 MSKSSRV - ok
11:18:47.0407 4148 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:18:47.0407 4148 MSPCLOCK - ok
11:18:47.0423 4148 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:18:47.0423 4148 MSPQM - ok
11:18:47.0470 4148 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:18:47.0485 4148 MsRPC - ok
11:18:47.0516 4148 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
11:18:47.0516 4148 mssmbios - ok
11:18:47.0516 4148 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:18:47.0532 4148 MSTEE - ok
11:18:47.0532 4148 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:18:47.0532 4148 MTConfig - ok
11:18:47.0563 4148 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:18:47.0563 4148 Mup - ok
11:18:47.0610 4148 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:18:47.0626 4148 napagent - ok
11:18:47.0672 4148 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:18:47.0672 4148 NativeWifiP - ok
11:18:47.0719 4148 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:18:47.0735 4148 NDIS - ok
11:18:47.0750 4148 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:18:47.0750 4148 NdisCap - ok
11:18:47.0766 4148 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:18:47.0766 4148 NdisTapi - ok
11:18:47.0797 4148 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:18:47.0797 4148 Ndisuio - ok
11:18:47.0844 4148 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:18:47.0844 4148 NdisWan - ok
11:18:47.0875 4148 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:18:47.0891 4148 NDProxy - ok
11:18:47.0953 4148 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
11:18:48.0062 4148 Nero BackItUp Scheduler 4.0 - ok
11:18:48.0094 4148 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:18:48.0109 4148 NetBIOS - ok
11:18:48.0140 4148 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:18:48.0140 4148 NetBT - ok
11:18:48.0156 4148 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
11:18:48.0156 4148 Netlogon - ok
11:18:48.0203 4148 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:18:48.0203 4148 Netman - ok
11:18:48.0218 4148 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:18:48.0234 4148 netprofm - ok
11:18:48.0265 4148 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:18:48.0265 4148 NetTcpPortSharing - ok
11:18:48.0312 4148 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
11:18:48.0312 4148 nfrd960 - ok
11:18:48.0359 4148 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:18:48.0359 4148 NlaSvc - ok
11:18:48.0406 4148 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:18:48.0406 4148 Npfs - ok
11:18:48.0437 4148 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:18:48.0437 4148 nsi - ok
11:18:48.0437 4148 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:18:48.0452 4148 nsiproxy - ok
11:18:48.0515 4148 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:18:48.0593 4148 Ntfs - ok
11:18:48.0655 4148 [ 9A308FCDCCA98A15B6F62D36A272160E ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
11:18:48.0733 4148 NTI IScheduleSvc - ok
11:18:48.0764 4148 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
11:18:48.0842 4148 NTIDrvr - ok
11:18:48.0842 4148 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:18:48.0858 4148 Null - ok
11:18:48.0874 4148 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:18:48.0952 4148 nvraid - ok
11:18:48.0983 4148 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:18:49.0061 4148 nvstor - ok
11:18:49.0076 4148 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:18:49.0092 4148 nv_agp - ok
11:18:49.0108 4148 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:18:49.0123 4148 ohci1394 - ok
11:18:49.0186 4148 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:18:49.0264 4148 ose - ok
11:18:49.0388 4148 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:18:49.0622 4148 osppsvc - ok
11:18:49.0654 4148 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:18:49.0669 4148 p2pimsvc - ok
11:18:49.0685 4148 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:18:49.0685 4148 p2psvc - ok
11:18:49.0732 4148 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:18:49.0732 4148 Parport - ok
11:18:49.0763 4148 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:18:49.0763 4148 partmgr - ok
11:18:49.0763 4148 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:18:49.0763 4148 PcaSvc - ok
11:18:49.0794 4148 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
11:18:49.0872 4148 pci - ok
11:18:49.0903 4148 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
11:18:49.0903 4148 pciide - ok
11:18:49.0934 4148 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:18:49.0950 4148 pcmcia - ok
11:18:49.0950 4148 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:18:49.0950 4148 pcw - ok
11:18:49.0981 4148 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:18:49.0997 4148 PEAUTH - ok
11:18:50.0075 4148 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:18:50.0075 4148 PerfHost - ok
11:18:50.0137 4148 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
11:18:50.0231 4148 pla - ok
11:18:50.0278 4148 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:18:50.0293 4148 PlugPlay - ok
11:18:50.0309 4148 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:18:50.0324 4148 PNRPAutoReg - ok
11:18:50.0340 4148 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:18:50.0340 4148 PNRPsvc - ok
11:18:50.0418 4148 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:18:50.0465 4148 PolicyAgent - ok
11:18:50.0512 4148 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:18:50.0512 4148 Power - ok
11:18:50.0558 4148 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:18:50.0558 4148 PptpMiniport - ok
11:18:50.0590 4148 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:18:50.0590 4148 Processor - ok
11:18:50.0636 4148 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:18:50.0699 4148 ProfSvc - ok
11:18:50.0714 4148 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:18:50.0714 4148 ProtectedStorage - ok
11:18:50.0761 4148 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:18:50.0761 4148 Psched - ok
11:18:50.0824 4148 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:18:50.0855 4148 ql2300 - ok
11:18:50.0870 4148 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:18:50.0870 4148 ql40xx - ok
11:18:50.0917 4148 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:18:50.0917 4148 QWAVE - ok
11:18:50.0948 4148 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:18:50.0948 4148 QWAVEdrv - ok
11:18:50.0964 4148 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:18:50.0964 4148 RasAcd - ok
11:18:51.0011 4148 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:18:51.0011 4148 RasAgileVpn - ok
11:18:51.0042 4148 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:18:51.0042 4148 RasAuto - ok
11:18:51.0073 4148 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:18:51.0073 4148 Rasl2tp - ok
11:18:51.0120 4148 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:18:51.0120 4148 RasMan - ok
11:18:51.0151 4148 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:18:51.0167 4148 RasPppoe - ok
11:18:51.0167 4148 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:18:51.0167 4148 RasSstp - ok
11:18:51.0214 4148 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:18:51.0292 4148 rdbss - ok
11:18:51.0307 4148 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:18:51.0307 4148 rdpbus - ok
11:18:51.0323 4148 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:18:51.0323 4148 RDPCDD - ok
11:18:51.0370 4148 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:18:51.0370 4148 RDPENCDD - ok
11:18:51.0385 4148 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:18:51.0385 4148 RDPREFMP - ok
11:18:51.0416 4148 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:18:51.0416 4148 RDPWD - ok
11:18:51.0479 4148 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:18:51.0541 4148 rdyboost - ok
11:18:51.0572 4148 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:18:51.0572 4148 RemoteAccess - ok
11:18:51.0588 4148 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:18:51.0604 4148 RemoteRegistry - ok
11:18:51.0619 4148 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:18:51.0619 4148 RpcEptMapper - ok
11:18:51.0650 4148 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:18:51.0650 4148 RpcLocator - ok
11:18:51.0682 4148 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
11:18:51.0697 4148 RpcSs - ok
11:18:51.0744 4148 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:18:51.0744 4148 rspndr - ok
11:18:51.0775 4148 [ 763AE0C6D9DF4C24B7E2C26036A8188A ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys
11:18:51.0853 4148 RSUSBSTOR - ok
11:18:51.0900 4148 [ D6D381B76056C668679723938F06F16C ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
11:18:51.0962 4148 RTHDMIAzAudService - ok
11:18:51.0978 4148 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
11:18:51.0978 4148 SamSs - ok
11:18:52.0009 4148 [ A3281AEC37E0720A2BC28034C2DF2A56 ] SASDIFSV C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS
11:18:52.0025 4148 SASDIFSV - ok
11:18:52.0056 4148 [ 7CE61C25C159F50F9EAF6D77FC83FA35 ] SASENUM C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS
11:18:52.0103 4148 SASENUM - ok
11:18:52.0118 4148 [ 67D2688756DD304AF655349BAAD82BFF ] SASKUTIL C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS
11:18:52.0181 4148 SASKUTIL - ok
11:18:52.0196 4148 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:18:52.0274 4148 sbp2port - ok
11:18:52.0290 4148 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:18:52.0306 4148 SCardSvr - ok
11:18:52.0337 4148 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:18:52.0337 4148 scfilter - ok
11:18:52.0384 4148 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
11:18:52.0415 4148 Schedule - ok
11:18:52.0462 4148 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:18:52.0462 4148 SCPolicySvc - ok
11:18:52.0508 4148 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:18:52.0555 4148 SDRSVC - ok
11:18:52.0618 4148 [ 331E7BDE228914574FC9AE6CD520DAFA ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
11:18:52.0696 4148 SeaPort - ok
11:18:52.0742 4148 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:18:52.0742 4148 secdrv - ok
11:18:52.0774 4148 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
11:18:52.0774 4148 seclogon - ok
11:18:52.0805 4148 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
11:18:52.0805 4148 SENS - ok
11:18:52.0820 4148 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:18:52.0836 4148 SensrSvc - ok
11:18:52.0883 4148 [ 3DC3EC72952BD60C438E397781FF0572 ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl64.sys
11:18:52.0945 4148 Ser2pl - ok
11:18:52.0976 4148 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:18:52.0976 4148 Serenum - ok
11:18:52.0992 4148 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:18:53.0008 4148 Serial - ok
11:18:53.0039 4148 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:18:53.0039 4148 sermouse - ok
11:18:53.0086 4148 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
11:18:53.0132 4148 SessionEnv - ok
11:18:53.0164 4148 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:18:53.0179 4148 sffdisk - ok
11:18:53.0195 4148 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:18:53.0195 4148 sffp_mmc - ok
11:18:53.0210 4148 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:18:53.0273 4148 sffp_sd - ok
11:18:53.0288 4148 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:18:53.0288 4148 sfloppy - ok
11:18:53.0351 4148 [ D5183ED285D2795491DC15BDDCBEE5AD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
11:18:53.0429 4148 Sftfs - ok
11:18:53.0507 4148 [ BFDB58616FF5EA540A5F58301D50641E ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
11:18:53.0600 4148 sftlist - ok
11:18:53.0632 4148 [ 00F118B68C50D2206DD51634F9142B83 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
11:18:53.0694 4148 Sftplay - ok
11:18:53.0741 4148 [ 76A827DF5640BFE16A0CDBB4108ADECA ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
11:18:53.0803 4148 Sftredir - ok
11:18:53.0819 4148 [ 1B4C9701645086BAB8CAFFFCE30ED284 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
11:18:53.0881 4148 Sftvol - ok
11:18:53.0928 4148 [ B94C3C4DCA2093243C76CA218EDE2A97 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
11:18:53.0990 4148 sftvsa - ok
11:18:54.0037 4148 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:18:54.0037 4148 ShellHWDetection - ok
11:18:54.0068 4148 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:18:54.0084 4148 SiSRaid2 - ok
11:18:54.0084 4148 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:18:54.0084 4148 SiSRaid4 - ok
11:18:54.0100 4148 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:18:54.0100 4148 Smb - ok
11:18:54.0162 4148 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:18:54.0162 4148 SNMPTRAP - ok
11:18:54.0162 4148 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:18:54.0178 4148 spldr - ok
11:18:54.0209 4148 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
11:18:54.0224 4148 Spooler - ok
11:18:54.0318 4148 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:18:54.0396 4148 sppsvc - ok
11:18:54.0427 4148 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:18:54.0427 4148 sppuinotify - ok
11:18:54.0474 4148 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:18:54.0474 4148 srv - ok
11:18:54.0536 4148 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:18:54.0536 4148 srv2 - ok
11:18:54.0583 4148 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:18:54.0583 4148 srvnet - ok
11:18:54.0614 4148 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:18:54.0614 4148 SSDPSRV - ok
11:18:54.0630 4148 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:18:54.0646 4148 SstpSvc - ok
11:18:54.0661 4148 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:18:54.0677 4148 stexstor - ok
11:18:54.0724 4148 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:18:54.0786 4148 stisvc - ok
11:18:54.0911 4148 [ 1DB60CB3E53E2491D5D6C43C06676CA2 ] Stuffit Archive Name Service C:\Program Files (x86)\Smith Micro\StuffIt 2010\ArcNameService.exe
11:18:55.0036 4148 Stuffit Archive Name Service - ok
11:18:55.0067 4148 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
11:18:55.0082 4148 swenum - ok
11:18:55.0114 4148 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:18:55.0129 4148 swprv - ok
11:18:55.0160 4148 [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
11:18:55.0223 4148 SynTP - ok
11:18:55.0301 4148 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
11:18:55.0348 4148 SysMain - ok
11:18:55.0379 4148 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:18:55.0441 4148 TabletInputService - ok
11:18:55.0472 4148 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:18:55.0472 4148 TapiSrv - ok
11:18:55.0504 4148 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:18:55.0519 4148 TBS - ok
11:18:55.0582 4148 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:18:55.0628 4148 Tcpip - ok
11:18:55.0691 4148 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:18:55.0691 4148 TCPIP6 - ok
11:18:55.0738 4148 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:18:55.0738 4148 tcpipreg - ok
11:18:55.0769 4148 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:18:55.0769 4148 TDPIPE - ok
11:18:55.0800 4148 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:18:55.0800 4148 TDTCP - ok
11:18:55.0847 4148 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:18:55.0909 4148 tdx - ok
11:18:55.0940 4148 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
11:18:55.0987 4148 TermDD - ok
11:18:56.0050 4148 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
11:18:56.0050 4148 TermService - ok
11:18:56.0081 4148 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:18:56.0081 4148 Themes - ok
11:18:56.0096 4148 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:18:56.0096 4148 THREADORDER - ok
11:18:56.0128 4148 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:18:56.0128 4148 TrkWks - ok
11:18:56.0190 4148 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:18:56.0190 4148 TrustedInstaller - ok
11:18:56.0221 4148 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:18:56.0299 4148 tssecsrv - ok
11:18:56.0346 4148 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:18:56.0346 4148 TsUsbFlt - ok
11:18:56.0393 4148 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:18:56.0408 4148 tunnel - ok
11:18:56.0424 4148 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:18:56.0440 4148 uagp35 - ok
11:18:56.0455 4148 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
11:18:56.0518 4148 UBHelper - ok
11:18:56.0549 4148 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:18:56.0564 4148 udfs - ok
11:18:56.0596 4148 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:18:56.0596 4148 UI0Detect - ok
11:18:56.0627 4148 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:18:56.0627 4148 uliagpkx - ok
11:18:56.0674 4148 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
11:18:56.0736 4148 umbus - ok
11:18:56.0752 4148 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:18:56.0752 4148 UmPass - ok
11:18:56.0798 4148 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
11:18:56.0876 4148 Updater Service - ok
11:18:56.0908 4148 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:18:56.0923 4148 upnphost - ok
11:18:56.0954 4148 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
11:18:57.0017 4148 USBAAPL64 - ok
11:18:57.0048 4148 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:18:57.0110 4148 usbccgp - ok
11:18:57.0157 4148 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:18:57.0157 4148 usbcir - ok
11:18:57.0204 4148 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:18:57.0266 4148 usbehci - ok
11:18:57.0282 4148 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
11:18:57.0360 4148 usbfilter - ok
11:18:57.0407 4148 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:18:57.0469 4148 usbhub - ok
11:18:57.0485 4148 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
11:18:57.0547 4148 usbohci - ok
11:18:57.0578 4148 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:18:57.0578 4148 usbprint - ok
11:18:57.0610 4148 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:18:57.0625 4148 usbscan - ok
11:18:57.0641 4148 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:18:57.0703 4148 USBSTOR - ok
11:18:57.0719 4148 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:18:57.0781 4148 usbuhci - ok
11:18:57.0828 4148 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
11:18:57.0890 4148 usbvideo - ok
11:18:57.0922 4148 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:18:57.0922 4148 UxSms - ok
11:18:57.0937 4148 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
11:18:57.0937 4148 VaultSvc - ok
11:18:57.0968 4148 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:18:57.0968 4148 vdrvroot - ok
11:18:58.0015 4148 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
11:18:58.0031 4148 vds - ok
11:18:58.0062 4148 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:18:58.0062 4148 vga - ok
11:18:58.0078 4148 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:18:58.0078 4148 VgaSave - ok
11:18:58.0109 4148 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:18:58.0171 4148 vhdmp - ok
11:18:58.0202 4148 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
11:18:58.0218 4148 viaide - ok
11:18:58.0234 4148 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:18:58.0312 4148 volmgr - ok
11:18:58.0343 4148 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:18:58.0421 4148 volmgrx - ok
11:18:58.0436 4148 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:18:58.0499 4148 volsnap - ok
11:18:58.0546 4148 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
11:18:58.0546 4148 vsmraid - ok
11:18:58.0624 4148 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
11:18:58.0655 4148 VSS - ok
11:18:58.0670 4148 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:18:58.0670 4148 vwifibus - ok
11:18:58.0702 4148 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:18:58.0702 4148 vwififlt - ok
11:18:58.0733 4148 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:18:58.0733 4148 W32Time - ok
11:18:58.0764 4148 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
11:18:58.0780 4148 WacomPen - ok
11:18:58.0811 4148 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:18:58.0826 4148 WANARP - ok
11:18:58.0826 4148 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:18:58.0826 4148 Wanarpv6 - ok
11:18:58.0889 4148 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:18:58.0982 4148 WatAdminSvc - ok
11:18:59.0045 4148 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
11:18:59.0076 4148 wbengine - ok
11:18:59.0107 4148 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:18:59.0107 4148 WbioSrvc - ok
11:18:59.0154 4148 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:18:59.0170 4148 wcncsvc - ok
11:18:59.0185 4148 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:18:59.0185 4148 WcsPlugInService - ok
11:18:59.0216 4148 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
11:18:59.0216 4148 Wd - ok
11:18:59.0248 4148 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:18:59.0248 4148 Wdf01000 - ok
11:18:59.0263 4148 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:18:59.0263 4148 WdiServiceHost - ok
11:18:59.0279 4148 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:18:59.0279 4148 WdiSystemHost - ok
11:18:59.0310 4148 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
11:18:59.0326 4148 WebClient - ok
11:18:59.0341 4148 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:18:59.0357 4148 Wecsvc - ok
11:18:59.0372 4148 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:18:59.0372 4148 wercplsupport - ok
11:18:59.0388 4148 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:18:59.0404 4148 WerSvc - ok
11:18:59.0435 4148 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:18:59.0435 4148 WfpLwf - ok
11:18:59.0450 4148 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:18:59.0450 4148 WIMMount - ok
11:18:59.0482 4148 WinDefend - ok
11:18:59.0482 4148 WinHttpAutoProxySvc - ok
11:18:59.0544 4148 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:18:59.0544 4148 Winmgmt - ok
11:18:59.0622 4148 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
11:18:59.0669 4148 WinRM - ok
11:18:59.0747 4148 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:18:59.0809 4148 WinUsb - ok
11:18:59.0856 4148 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
11:18:59.0872 4148 Wlansvc - ok
11:18:59.0903 4148 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:18:59.0903 4148 WmiAcpi - ok
11:18:59.0934 4148 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:18:59.0934 4148 wmiApSrv - ok
11:18:59.0950 4148 WMPNetworkSvc - ok
11:18:59.0981 4148 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:18:59.0996 4148 WPCSvc - ok
11:19:00.0028 4148 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:19:00.0074 4148 WPDBusEnum - ok
11:19:00.0106 4148 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:19:00.0106 4148 ws2ifsl - ok
11:19:00.0137 4148 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
11:19:00.0152 4148 wscsvc - ok
11:19:00.0152 4148 WSearch - ok
11:19:00.0246 4148 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
11:19:00.0308 4148 wuauserv - ok
11:19:00.0355 4148 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:19:00.0418 4148 WudfPf - ok
11:19:00.0480 4148 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:19:00.0480 4148 WUDFRd - ok
11:19:00.0511 4148 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:19:00.0558 4148 wudfsvc - ok
11:19:00.0589 4148 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
11:19:00.0589 4148 WwanSvc - ok
11:19:00.0620 4148 ================ Scan global ===============================
11:19:00.0636 4148 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:19:00.0683 4148 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
11:19:00.0745 4148 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
11:19:00.0761 4148 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:19:00.0792 4148 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:19:00.0792 4148 [Global] - ok
11:19:00.0808 4148 ================ Scan MBR ==================================
11:19:00.0823 4148 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:19:01.0244 4148 \Device\Harddisk0\DR0 - ok
11:19:01.0244 4148 ================ Scan VBR ==================================
11:19:01.0244 4148 [ 40596075BB98F557244C2212D1736812 ] \Device\Harddisk0\DR0\Partition1
11:19:01.0244 4148 \Device\Harddisk0\DR0\Partition1 - ok
11:19:01.0276 4148 [ B1CBCF37B2A831C5622A8AA9A2FDBB78 ] \Device\Harddisk0\DR0\Partition2
11:19:01.0291 4148 \Device\Harddisk0\DR0\Partition2 - ok
11:19:01.0291 4148 ============================================================
11:19:01.0291 4148 Scan finished
11:19:01.0291 4148 ============================================================
11:19:01.0291 1864 Detected object count: 0
11:19:01.0291 1864 Actual detected object count: 0
11:20:30.0945 2216 Deinitialize success

This is the aswMBR file:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-27 13:37:59
-----------------------------
13:37:59.239 OS Version: Windows x64 6.1.7601 Service Pack 1
13:37:59.239 Number of processors: 3 586 0x503
13:37:59.239 ComputerName: SFOEGE-PC UserName: sfoege
13:38:00.846 Initialize success
13:38:54.363 AVAST engine defs: 12092700
13:39:14.628 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:39:14.628 Disk 0 Vendor: WDC_WD5000BEVT-22A0RT0 01.01A01 Size: 476940MB BusType: 11
13:39:14.628 Disk 0 MBR read successfully
13:39:14.628 Disk 0 MBR scan
13:39:14.643 Disk 0 Windows 7 default MBR code
13:39:14.659 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13312 MB offset 2048
13:39:14.675 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 27265024
13:39:14.690 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 463526 MB offset 27469824
13:39:14.721 Disk 0 scanning C:\Windows\system32\drivers
13:39:32.537 Service scanning
13:40:23.206 Modules scanning
13:40:23.206 Disk 0 trace - called modules:
13:40:23.252 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
13:40:23.252 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004360730]
13:40:23.252 3 CLASSPNP.SYS[fffff8800121c43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80042df060]
13:40:24.922 AVAST engine scan C:\
14:59:19.768 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
14:59:27.082 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
16:18:12.251 Scan finished successfully
18:57:05.597 Disk 0 MBR has been saved successfully to "C:\Users\sfoege\Desktop\MBR.dat"
18:57:05.644 The log file has been saved successfully to "C:\Users\sfoege\Desktop\aswMBR.txt"

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:17 PM

Posted 27 September 2012 - 07:25 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

Launch it and scan should start running.After scan gets completed,post the generated log here.

#6 Jackman33

Jackman33
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 28 September 2012 - 08:25 AM

First, I could not find a program as "FSS" and you show "adware", is that the name of a program or should I use a program like NoAdware or SuperAntiSpyware?


Here is the Malwarebytes file:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.27.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
sfoege :: SFOEGE-PC [administrator]

9/27/2012 8:57:17 PM
mbam-log-2012-09-27 (20-57-17).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 482063
Time elapsed: 1 hour(s), 42 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Here is the mini toolbox file:

MiniToolBox by Farbar Version: 23-07-2012
Ran by sfoege (administrator) on 28-09-2012 at 06:21:36
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR5B97 Wireless Network Adapter = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Hardware not present)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : sfoege-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR5B97 Wireless Network Adapter
Physical Address. . . . . . . . . : 5C-AC-4C-0D-DE-62
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::edfa:8752:c93e:711b%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.130(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, September 27, 2012 7:32:14 PM
Lease Expires . . . . . . . . . . : Friday, September 28, 2012 7:32:18 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 308063308
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-5E-53-23-1C-75-08-25-12-9D
DNS Servers . . . . . . . . . . . : 207.191.192.130
207.191.192.132
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{41DA7ED1-58CD-452C-8735-1EFDAB3D8BA2}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:1cdc:1fb7:3f57:fe7d(Preferred)
Link-local IPv6 Address . . . . . : fe80::1cdc:1fb7:3f57:fe7d%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dns1.imoncommunications.net
Address: 207.191.192.130

Name: google.com
Addresses: 2607:f8b0:4009:801::1008
74.125.225.70
74.125.225.73
74.125.225.69
74.125.225.72
74.125.225.71
74.125.225.65
74.125.225.64
74.125.225.66
74.125.225.78
74.125.225.68
74.125.225.67


Pinging google.com [74.125.225.73] with 32 bytes of data:
Reply from 74.125.225.73: bytes=32 time=9ms TTL=56
Reply from 74.125.225.73: bytes=32 time=9ms TTL=56

Ping statistics for 74.125.225.73:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 9ms, Maximum = 9ms, Average = 9ms
Server: dns1.imoncommunications.net
Address: 207.191.192.130

Name: yahoo.com
Addresses: 98.138.253.109
72.30.38.140
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=1008ms TTL=43
Reply from 72.30.38.140: bytes=32 time=1326ms TTL=43

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1008ms, Maximum = 1326ms, Average = 1167ms
Server: dns1.imoncommunications.net
Address: 207.191.192.130

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...5c ac 4c 0d de 62 ......Atheros AR5B97 Wireless Network Adapter
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.130 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.130 281
192.168.1.130 255.255.255.255 On-link 192.168.1.130 281
192.168.1.255 255.255.255.255 On-link 192.168.1.130 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.130 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.130 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:9d38:953c:1cdc:1fb7:3f57:fe7d/128
On-link
11 281 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::1cdc:1fb7:3f57:fe7d/128
On-link
11 281 fe80::edfa:8752:c93e:711b/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/28/2012 06:13:05 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/28/2012 06:10:51 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/27/2012 07:35:25 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {22db50a1-60dd-4b71-a5ee-cf5b2b25f6de}

Error: (09/27/2012 11:23:35 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/27/2012 11:23:35 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/27/2012 11:22:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/27/2012 09:15:33 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {2b93bf52-fd09-4e9c-bdc4-c4ebd610b178}

Error: (09/27/2012 09:02:38 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {3692fc8d-8644-40e3-af1c-d4a0b1234dae}

Error: (09/27/2012 06:59:18 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {e07b58b6-74dc-4c57-a725-0a520fa8ab38}

Error: (09/26/2012 09:17:47 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {b31f7472-bd3a-4daa-b9a1-7670aca13f9b}


System errors:
=============
Error: (09/27/2012 07:35:18 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (09/27/2012 07:35:18 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error:
%%1066

Error: (09/27/2012 07:35:18 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (09/27/2012 07:35:18 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error:
%%1066

Error: (09/27/2012 07:33:20 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/27/2012 07:33:20 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (09/27/2012 07:33:09 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (09/27/2012 07:33:09 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/27/2012 07:32:52 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error:
%%1066

Error: (09/27/2012 07:32:12 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.


Microsoft Office Sessions:
=========================
Error: (09/28/2012 06:13:05 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\sfoege\Downloads\esetsmartinstaller_enu.exe

Error: (09/28/2012 06:10:51 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\sfoege\Downloads\esetsmartinstaller_enu.exe

Error: (09/27/2012 07:35:25 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {22db50a1-60dd-4b71-a5ee-cf5b2b25f6de}

Error: (09/27/2012 11:23:35 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\sfoege\Downloads\esetsmartinstaller_enu.exe

Error: (09/27/2012 11:23:35 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\sfoege\Downloads\esetsmartinstaller_enu.exe

Error: (09/27/2012 11:22:15 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\esetsmartinstaller_enu.exe

Error: (09/27/2012 09:15:33 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {2b93bf52-fd09-4e9c-bdc4-c4ebd610b178}

Error: (09/27/2012 09:02:38 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {3692fc8d-8644-40e3-af1c-d4a0b1234dae}

Error: (09/27/2012 06:59:18 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {e07b58b6-74dc-4c57-a725-0a520fa8ab38}

Error: (09/26/2012 09:17:47 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {b31f7472-bd3a-4daa-b9a1-7670aca13f9b}


=========================== Installed Programs ============================

18 Wheels of Steel - American Long Haul (Version: 2.2.0.95)
20,000 Notebook Games (Version: 1.00.10.02.18.1)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 2.0.2.12610)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.278)
Adobe Reader 9.1 MUI (Version: 9.1.0)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Advertising Center (Version: 0.0.0.2)
Agatha Christie - Death on the Nile (Version: 2.2.0.95)
ALOT Appbar
AMD USB Filter Driver (Version: 1.0.15.94)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
AQUAZONE DESKTOP GARDEN
ArcSoft Panorama Maker 4
Ask Toolbar (Version: 1.12.2.0)
ATI Catalyst Install Manager (Version: 3.0.765.0)
Backup Manager Basic (Version: 2.0.0.68)
Barnes & Noble Desktop Reader (Version: 2.5.1.21)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Bar (Version: 6.0.2282.0)
Bing Bar Platform (Version: 6.0.2282.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Bonjour (Version: 3.0.0.10)
Broadcom Gigabit NetLink Controller (Version: 14.0.2.3)
Build-a-lot 2 (Version: 2.2.0.95)
Bushnell Neo Sync Application v3.0.4
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0329.836.13543)
Catalyst Control Center Graphics Full Existing (Version: 2010.0329.836.13543)
Catalyst Control Center Graphics Full New (Version: 2010.0329.836.13543)
Catalyst Control Center Graphics Light (Version: 2010.0329.836.13543)
Catalyst Control Center Graphics Previews Common (Version: 2010.0329.836.13543)
Catalyst Control Center InstallProxy (Version: 2010.0329.836.13543)
Catalyst Control Center Localization All (Version: 2010.0329.836.13543)
ccc-core-static (Version: 2010.0329.836.13543)
ccc-utility64 (Version: 2010.0329.836.13543)
CCC Help Chinese Standard (Version: 2010.0329.0835.13543)
CCC Help Chinese Traditional (Version: 2010.0329.0835.13543)
CCC Help Czech (Version: 2010.0329.0835.13543)
CCC Help Danish (Version: 2010.0329.0835.13543)
CCC Help Dutch (Version: 2010.0329.0835.13543)
CCC Help English (Version: 2010.0329.0835.13543)
CCC Help Finnish (Version: 2010.0329.0835.13543)
CCC Help French (Version: 2010.0329.0835.13543)
CCC Help German (Version: 2010.0329.0835.13543)
CCC Help Greek (Version: 2010.0329.0835.13543)
CCC Help Hungarian (Version: 2010.0329.0835.13543)
CCC Help Italian (Version: 2010.0329.0835.13543)
CCC Help Japanese (Version: 2010.0329.0835.13543)
CCC Help Korean (Version: 2010.0329.0835.13543)
CCC Help Norwegian (Version: 2010.0329.0835.13543)
CCC Help Polish (Version: 2010.0329.0835.13543)
CCC Help Portuguese (Version: 2010.0329.0835.13543)
CCC Help Russian (Version: 2010.0329.0835.13543)
CCC Help Spanish (Version: 2010.0329.0835.13543)
CCC Help Swedish (Version: 2010.0329.0835.13543)
CCC Help Thai (Version: 2010.0329.0835.13543)
CCC Help Turkish (Version: 2010.0329.0835.13543)
Chuzzle Deluxe (Version: 2.2.0.95)
Citrix online plug-in (DV) (Version: 12.1.0.30)
Citrix online plug-in (HDX) (Version: 12.1.0.30)
Citrix online plug-in (PNA) (Version: 12.1.0.30)
Citrix online plug-in (SSON) (Version: 12.1.0.30)
Citrix online plug-in (USB) (Version: 12.1.0.30)
Citrix online plug-in (Version: 12.1.0.30)
Citrix online plug-in (Web) (Version: 12.1.0.30)
Cook'n Deluxe
CyberLink PowerDVD 9 (Version: 9.0.3216.50)
DHTML Editing Component (Version: 6.02.0001)
Digital TV for PC 2.0
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's Carnival Adventure (Version: 2.2.0.95)
eBay Worldwide (Version: 2.1.0901)
ESET Online Scanner v3
FATE (Version: 2.2.0.95)
File Uploader (Version: 1.1.1)
Garmin Communicator Plugin x64 (Version: 4.0.3)
Garmin Lifetime Updater (Version: 2.1.11)
Gateway Games (Version: 1.0.1.3)
Gateway InfoCentre (Version: 3.02.3000)
Gateway MyBackup (Version: 2.0.0.68)
Gateway Power Management (Version: 5.00.3005)
Gateway Recovery Management (Version: 4.05.3013)
Gateway Registration (Version: 1.03.3003)
Gateway ScreenSaver (Version: 1.1.0806.2010)
Gateway Social Networks (Version: 1.0.1901)
Gateway Updater (Version: 1.02.3001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
Hoyle Casino '98
Identity Card (Version: 1.00.3003)
ImagXpress (Version: 7.0.74.0)
Inbox Toolbar (Version: 1.0.0)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
Jewel Quest - Heritage (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
John Deere Drive Green (Version: 2.2.0.95)
Junk Mail filter update (Version: 14.0.8117.416)
Launch Manager (Version: 4.0.14)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
McAfee Online Backup (Version: 1.16.4.0)
McAfee Total Protection (Version: 11.6.434)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Search Enhancement Pack (Version: 3.0.131.0)
Microsoft Silverlight (Version: 4.0.50401.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 9 Essentials
Nero ControlCenter (Version: 9.0.0.1)
Nero DiscSpeed (Version: 5.4.13.100)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.12.100)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.4.37.100)
Nero InfoTool (Version: 6.4.12.100)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.37.100)
Nero StartSmart Help (Version: 9.4.27.100)
Nero StartSmart OEM (Version: 9.4.10.100)
NeroExpress (Version: 9.4.37.100)
neroxml (Version: 1.0.0)
Nikon Message Center (Version: 0.92.000)
Nikon Transfer (Version: 1.3.0)
Norton Security Scan (Version: 3.1.1.6)
Optimizer Pro v3.0 (Version: 3.0)
Penguins! (Version: 2.2.0.95)
Petz Sports (Version: 1.00)
Plants vs. Zombies (Version: 2.2.0.95)
Play Pickle
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
QuickTime (Version: 7.71.80.42)
Realtek HDMI Audio Driver for ATI (Version: 6.0.1.6034)
Realtek High Definition Audio Driver (Version: 6.0.1.6141)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30122)
RebateInformer (Version: 1.0.0.75)
Shared C Run-time for x64 (Version: 10.0.0)
Sierra Utilities
SpeedConnect Connection Tester
StuffIt 2010 (Version: 14.0.0)
SUPERAntiSpyware (Version: 5.0.1146)
SUPERAntiSpyware Free Edition (Version: 4.35.0.1002)
Synaptics Pointing Device Driver (Version: 14.0.19.0)
Times Reader (Version: 2.055)
Total 3D Home, Landscape, and Deck (Version: 11.0)
Typing Instructor Platinum (Version: 21.00.0000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Video Web Camera (Version: 0.5.37.3)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Welcome Center (Version: 1.02.3004)
WhiteSmoke US New Toolbar (Version: 6.9.0.16)
WildTangent Games App (Gateway Games) (Version: 4.0.5.2)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
Zuma's Revenge (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 3834.9 MB
Available physical RAM: 2463.18 MB
Total Pagefile: 7667.99 MB
Available Pagefile: 5592.46 MB
Total Virtual: 4095.88 MB
Available Virtual: 3958.88 MB

========================= Partitions: =====================================

1 Drive c: (Gateway) (Fixed) (Total:452.66 GB) (Free:388.83 GB) NTFS

========================= Users: ========================================

User accounts for \\SFOEGE-PC

Administrator Guest Noah
sfoege

========================= Restore Points ==================================

29-08-2012 23:39:56 Scheduled Checkpoint
08-09-2012 14:37:16 Scheduled Checkpoint
17-09-2012 20:58:05 Scheduled Checkpoint
25-09-2012 19:34:03 Installed SUPERAntiSpyware Free Edition
27-09-2012 01:46:39 Windows Update
27-09-2012 02:09:22 Windows Update

**** End of log ****

Here is the JRT file:

Junkware Removal Tool (JRT) by Thisisu
Version: 1.1.1 (09.27.2012)
OS: Windows 7 Home Premium x64
Ran by sfoege on Thu 09/27/2012 at 22:55:34.48
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Registry Values:

Successfully deleted: [VALUE] {462be121-2b54-4218-bf00-b9bf8135b23f} from: hkey_current_user\software\microsoft\internet explorer\urlsearchhooks
ERROR: Access is denied.

Failed to delete: [VALUE-LOCKED!] {462be121-2b54-4218-bf00-b9bf8135b23f} from: hkey_local_machine\software\microsoft\internet explorer\urlsearchhooks
ERROR: Access is denied.

Failed to delete: [VALUE-LOCKED!] {462be121-2b54-4218-bf00-b9bf8135b23f} from: hkey_local_machine\software\microsoft\internet explorer\toolbar



*** Registry Keys:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_classes_root\wow6432node\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\classes\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\classes\wow6432node\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\classes\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_classes_root\clsid\{462be121-2b54-4218-bf00-b9bf8135b23f}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_classes_root\wow6432node\clsid\{462be121-2b54-4218-bf00-b9bf8135b23f}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{462be121-2b54-4218-bf00-b9bf8135b23f}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{462be121-2b54-4218-bf00-b9bf8135b23f}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\classes\clsid\{462be121-2b54-4218-bf00-b9bf8135b23f}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\classes\wow6432node\clsid\{462be121-2b54-4218-bf00-b9bf8135b23f}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{462be121-2b54-4218-bf00-b9bf8135b23f}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\classes\clsid\{462be121-2b54-4218-bf00-b9bf8135b23f}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\explorer\browser helper objects\{462be121-2b54-4218-bf00-b9bf8135b23f}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\conduit"
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\conduitsearchscopes"
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\pricegong"
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\smartbar"
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\toolbar"
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] "hkey_local_machine\software\conduit"



*** Files:

Successfully deleted: [FILE] C:\Program Files (x86)\conduit\community alerts\Alert.dll
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\English.ini
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\file_id.diz
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\HomePage.url
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptimizerPro.chm
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProGuard.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProLauncher.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProReminder.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProSchedule.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProSmartScan.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProUninstaller.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\scan.gif
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\sqlite3.dll
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\unins000.dat
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\unins000.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\English.ini
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\file_id.diz
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\HomePage.url
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptimizerPro.chm
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProGuard.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProLauncher.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProReminder.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProSchedule.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProSmartScan.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProUninstaller.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\scan.gif
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\sqlite3.dll
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\unins000.dat
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\unins000.exe
Failed to delete: [FILE-LOCKED!] C:\eula.1028.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1031.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1033.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1036.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1040.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1041.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1042.txt
Failed to delete: [FILE-LOCKED!] C:\eula.2052.txt
Failed to delete: [FILE-LOCKED!] C:\install.res.1028.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1031.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1033.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1036.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1040.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1041.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1042.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.2052.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.3082.dll



*** Folders:

Successfully deleted: [FOLDER] "C:\Users\sfoege\appdata\local\conduit"
Successfully deleted: [FOLDER] "C:\Users\sfoege\appdata\locallow\conduit"
Successfully deleted: [FOLDER] "C:\Users\sfoege\appdata\locallow\pricegong"
Failed to delete: [FOLDER-LOCKED!] "C:\Program Files (x86)\conduit"
Failed to delete: [FOLDER-LOCKED!] "C:\Program Files (x86)\conduit\community alerts"
Failed to delete: [FOLDER-LOCKED!] "C:\Program Files (x86)\optimizer pro"
Failed to delete: [FOLDER-LOCKED!] "C:\Program Files (x86)\conduit"
Failed to delete: [FOLDER-LOCKED!] "C:\Program Files (x86)\conduit\community alerts"
Failed to delete: [FOLDER-LOCKED!] "C:\Program Files (x86)\optimizer pro"



*** Ask Toolbar: - Remnants removed

Successfully deleted: [VALUE] {00000000-6e41-4fd3-8538-502f5495e5fc} from: hkey_current_user\software\microsoft\internet explorer\urlsearchhooks
ERROR: Access is denied.

Failed to delete: [VALUE-LOCKED!] {d4027c7f-154a-4066-a1ad-4243d8127440} from: hkey_local_machine\software\microsoft\internet explorer\toolbar
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_classes_root\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_classes_root\wow6432node\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{00000000-6e41-4fd3-8538-502f5495e5fc}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\classes\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\classes\wow6432node\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\classes\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_classes_root\interface\{6c434537-053e-486d-b62a-160059d9d456}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_classes_root\wow6432node\interface\{6c434537-053e-486d-b62a-160059d9d456}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\classes\interface\{6c434537-053e-486d-b62a-160059d9d456}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\classes\wow6432node\interface\{6c434537-053e-486d-b62a-160059d9d456}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_classes_root\appid\{9b0cb95c-933a-4b8c-b6d4-edcd19a43874}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_classes_root\wow6432node\appid\{9b0cb95c-933a-4b8c-b6d4-edcd19a43874}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\classes\appid\{9b0cb95c-933a-4b8c-b6d4-edcd19a43874}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\classes\wow6432node\appid\{9b0cb95c-933a-4b8c-b6d4-edcd19a43874}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\classes\appid\{9b0cb95c-933a-4b8c-b6d4-edcd19a43874}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_classes_root\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_classes_root\wow6432node\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{d4027c7f-154a-4066-a1ad-4243d8127440}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{d4027c7f-154a-4066-a1ad-4243d8127440}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\classes\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\classes\wow6432node\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{d4027c7f-154a-4066-a1ad-4243d8127440}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\classes\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\explorer\browser helper objects\{d4027c7f-154a-4066-a1ad-4243d8127440}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] "hkey_classes_root\genericasktoolbar.toolbarwnd"
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] "hkey_classes_root\genericasktoolbar.toolbarwnd.1"
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] "hkey_local_machine\software\classes\appid\genericasktoolbar.dll"
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] "hkey_local_machine\software\classes\genericasktoolbar.toolbarwnd"
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] "hkey_local_machine\software\classes\genericasktoolbar.toolbarwnd.1"
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] "hkey_local_machine\software\classes\genericasktoolbar.toolbarwnd.1\clsid"
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] "hkey_local_machine\software\classes\genericasktoolbar.toolbarwnd\clsid"
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] "hkey_local_machine\software\classes\genericasktoolbar.toolbarwnd\curver"
Successfully deleted: [FILE] C:\Program Files (x86)\ask.com\cobrand.ico
Successfully deleted: [FILE] C:\Program Files (x86)\ask.com\config.xml
Successfully deleted: [FILE] C:\Program Files (x86)\ask.com\favicon.ico
Successfully deleted: [FILE] C:\Program Files (x86)\ask.com\fv_d8e1.ico
Successfully deleted: [FILE] C:\Program Files (x86)\ask.com\GenericAskToolbar.dll
Successfully deleted: [FILE] C:\Program Files (x86)\ask.com\mupcfg.xml
Successfully deleted: [FILE] C:\Program Files (x86)\ask.com\precache.exe
Successfully deleted: [FILE] C:\Program Files (x86)\ask.com\SaUpdate.exe
Successfully deleted: [FILE] C:\Program Files (x86)\ask.com\UpdateTask.exe
Successfully deleted: [FILE] C:\Program Files (x86)\ask.com\cobrand.ico
Successfully deleted: [FILE] C:\Program Files (x86)\ask.com\config.xml
Successfully deleted: [FILE] C:\Program Files (x86)\ask.com\favicon.ico
Successfully deleted: [FILE] C:\Program Files (x86)\ask.com\fv_d8e1.ico
Successfully deleted: [FILE] C:\Program Files (x86)\ask.com\GenericAskToolbar.dll
Successfully deleted: [FILE] C:\Program Files (x86)\ask.com\mupcfg.xml
Successfully deleted: [FILE] C:\Program Files (x86)\ask.com\precache.exe
Successfully deleted: [FILE] C:\Program Files (x86)\ask.com\SaUpdate.exe
Successfully deleted: [FILE] C:\Program Files (x86)\ask.com\UpdateTask.exe
Failed to delete: [FOLDER-LOCKED!] "C:\Program Files (x86)\ask.com"
Failed to delete: [FOLDER-LOCKED!] "C:\Program Files (x86)\ask.com"






*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Thu 09/27/2012 at 22:55:51.64
End of Report

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:17 PM

Posted 28 September 2012 - 08:34 AM

First, I could not find a program as "FSS" and you show "adware", is that the name of a program or should I use a program like NoAdware or SuperAntiSpyware?


Follow my instructions :)

#8 Jackman33

Jackman33
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 28 September 2012 - 08:46 AM

I am trying to follow the instructions, but I need to know just what programs you are referring to. I have searched the net for "FSS" and find nothing that resembles this program name. Who is it written by, might give more of a clue as to what program you are referring to. Is "adware" the name a particular program and who is it written by?

Sorry I just don't understand!

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:17 PM

Posted 28 September 2012 - 08:51 AM

FSS-Farbar service scanner

Adware cleaner-Author-Xplode

Right click on JUNKWARE tool-select-Run as administrator ,post the new log

Now post all the three logs in your reply

Edited by narenxp, 28 September 2012 - 08:52 AM.


#10 Jackman33

Jackman33
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 28 September 2012 - 09:33 AM

Really sorry, but all I could find was FSS-Farber service scanner on the downloads at this website. Adware cleaner by Xplode and Junkware I could not find here or on the net.

I am sure you know what you are talking about because you work with it all the time. I have been working with computers since 1976 and once in awhile I still need directions.

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:17 PM

Posted 28 September 2012 - 09:36 AM

I'm confused.Are you searching for download links? I have posted the link already.What other information do you need

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/

Do you still need help?

Edited by narenxp, 28 September 2012 - 09:36 AM.


#12 Jackman33

Jackman33
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 28 September 2012 - 10:20 AM

Sorry! I missed those links!!!

FSS file:

Farbar Service Scanner Version: 19-09-2012
Ran by sfoege (administrator) on 28-09-2012 at 09:46:32
Running from "C:\Users\sfoege\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

AdWare file:

# AdwCleaner v2.003 - Logfile created 09/28/2012 at 09:54:52
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : sfoege - SFOEGE-PC
# Boot Mode : Normal
# Running from : C:\Users\sfoege\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Users\Public\Desktop\RebateGiant.com.url
File Deleted : C:\Users\Public\Desktop\RebateInformer.lnk
File Deleted : C:\Users\sfoege\AppData\Local\Temp\Uninstall.exe
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Inbox Toolbar
Folder Deleted : C:\Program Files (x86)\Inbox.com
Folder Deleted : C:\Program Files (x86)\RebateInformer
Folder Deleted : C:\Program Files (x86)\WhiteSmoke_US_New
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RebateInformer
Folder Deleted : C:\Users\Noah\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Noah\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Noah\AppData\LocalLow\RebateInformer
Folder Deleted : C:\Users\sfoege\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\sfoege\AppData\Local\Temp\avg@toolbar
Folder Deleted : C:\Users\sfoege\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\sfoege\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\sfoege\AppData\LocalLow\Inbox Toolbar
Folder Deleted : C:\Users\sfoege\AppData\LocalLow\RebateInformer
Folder Deleted : C:\Users\sfoege\AppData\LocalLow\WhiteSmoke_US_New
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\WhiteSmoke_US_New
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Ask.com.tmp
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\CToolbar
Key Deleted : HKCU\Software\Inbox Toolbar
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{462BE121-2B54-4218-BF00-B9BF8135B23F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{462BE121-2B54-4218-BF00-B9BF8135B23F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7748CAF2-26F7-4B07-91CB-2A51B5FF2764}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0003491.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0003491.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Client
Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Script
Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Server
Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Server2
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\inbox
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\rebinfo
Key Deleted : HKLM\SOFTWARE\Classes\RebateI.Rebate Informer BHO
Key Deleted : HKLM\SOFTWARE\Classes\RebateI.RebateInformImageGen
Key Deleted : HKLM\SOFTWARE\Classes\RebateInf.RebateInfObj
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3244149
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{438B047C-C041-4D15-98CF-A97C6B366C28}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\CToolbar
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\Inbox Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7748CAF2-26F7-4B07-91CB-2A51B5FF2764}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\Software\WhiteSmoke_US_New
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{462BE121-2B54-4218-BF00-B9BF8135B23F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7748CAF2-26F7-4B07-91CB-2A51B5FF2764}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AF808758-C780-404C-A4EE-4526323FD9B6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DB35C569-5624-4CFC-8043-E5139F55A073}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5135F41-F446-41C6-B92C-FC6D0CB9EEF4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E55A6EB3-BD48-4425-BC93-CC294920FB3D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{462BE121-2B54-4218-BF00-B9BF8135B23F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WhiteSmoke_US_New Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{462BE121-2B54-4218-BF00-B9BF8135B23F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{462BE121-2B54-4218-BF00-B9BF8135B23F}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{462BE121-2B54-4218-BF00-B9BF8135B23F}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - SearchAssistant] = hxxp://inboxtoolbar.com/search/ie.aspx?tbid=80105 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - CustomizeSearch] = hxxp://inboxtoolbar.com/help/sa_customize.aspx?tbid=80105 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://inboxtoolbar.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://inboxtoolbar.com/search/ie.aspx?tbid=80105 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - CustomizeSearch] = hxxp://inboxtoolbar.com/help/sa_customize.aspx?tbid=80105 --> hxxp://www.google.com

*************************

AdwCleaner[S1].txt - [14783 octets] - [28/09/2012 09:54:52]

########## EOF - C:\AdwCleaner[S1].txt - [14844 octets] ##########

JRT file:

Junkware Removal Tool (JRT) by Thisisu
Version: 1.1.2 (09.28.2012)
OS: Windows 7 Home Premium x64
Ran by sfoege on Fri 09/28/2012 at 10:10:50.97
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
Successfully deleted: [KEY] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}



*** Files:

Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\English.ini
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\file_id.diz
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\HomePage.url
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptimizerPro.chm
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProGuard.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProLauncher.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProReminder.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProSchedule.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProSmartScan.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProUninstaller.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\scan.gif
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\sqlite3.dll
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\unins000.dat
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\unins000.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\English.ini
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\file_id.diz
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\HomePage.url
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptimizerPro.chm
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProGuard.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProLauncher.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProReminder.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProSchedule.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProSmartScan.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\OptProUninstaller.exe
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\scan.gif
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\sqlite3.dll
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\unins000.dat
Successfully deleted: [FILE] C:\Program Files (x86)\optimizer pro\unins000.exe
Successfully deleted: [FILE] C:\eula.1028.txt
Successfully deleted: [FILE] C:\eula.1031.txt
Successfully deleted: [FILE] C:\eula.1033.txt
Successfully deleted: [FILE] C:\eula.1036.txt
Successfully deleted: [FILE] C:\eula.1040.txt
Successfully deleted: [FILE] C:\eula.1041.txt
Successfully deleted: [FILE] C:\eula.1042.txt
Successfully deleted: [FILE] C:\eula.2052.txt
Successfully deleted: [FILE] C:\install.res.1028.dll
Successfully deleted: [FILE] C:\install.res.1031.dll
Successfully deleted: [FILE] C:\install.res.1033.dll
Successfully deleted: [FILE] C:\install.res.1036.dll
Successfully deleted: [FILE] C:\install.res.1040.dll
Successfully deleted: [FILE] C:\install.res.1041.dll
Successfully deleted: [FILE] C:\install.res.1042.dll
Successfully deleted: [FILE] C:\install.res.2052.dll
Successfully deleted: [FILE] C:\install.res.3082.dll



*** Folders:

Successfully deleted: [FOLDER] "C:\ProgramData\speedypc software"
Successfully deleted: [FOLDER] "C:\Program Files (x86)\optimizer pro"



Removed the following from [PREFS.JS] :



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Fri 09/28/2012 at 10:11:06.32
End of Report

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:17 PM

Posted 28 September 2012 - 10:22 AM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#14 Jackman33

Jackman33
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:06:17 PM

Posted 28 September 2012 - 11:00 AM

FSS file:

Farbar Service Scanner Version: 19-09-2012
Ran by sfoege (administrator) on 28-09-2012 at 10:36:29
Running from "C:\Users\sfoege\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

RKill file:

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/28/2012 10:38:52 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* SMTMP folder detected. Please see this link for more information: http://www.bleepingcomputer.com/forums/topic405109.html

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]
* HKEY_CLASSES_ROOT\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 [ZA Reg Hijack]
* HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 [ZA Reg Hijack]
* C:\$Recycle.Bin\S-1-5-18\$1a089457445991a745f9a170e5fb3e41\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-18\$1a089457445991a745f9a170e5fb3e41\L\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-18\$1a089457445991a745f9a170e5fb3e41\L\00000004.@ [ZA File]
* C:\$Recycle.Bin\S-1-5-18\$1a089457445991a745f9a170e5fb3e41\L\201d3dde [ZA File]
* C:\$Recycle.Bin\S-1-5-18\$1a089457445991a745f9a170e5fb3e41\U\ [ZA Dir]
* C:\Windows\assembly\GAC_32\Desktop.ini [ZA File]
* C:\Windows\assembly\GAC_64\Desktop.ini [ZA File]

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 09/28/2012 10:39:10 AM
Execution time: 0 hours(s), 0 minute(s), and 17 seconds(s)

Autoruns file:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "ConnectionCenter" "Citrix online plug-in Connection Center" "Citrix Systems, Inc." "c:\program files (x86)\citrix\ica client\concentr.exe"
+ "Garmin Lifetime Updater" "Garmin Lifetime Updater" "Garmin" "c:\program files (x86)\garmin\lifetime updater\garminlifetime.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "ROC_ROC_NT" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "ISUSPM" "" "" "File not found: C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe"
+ "SUPERAntiSpyware" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "dssrequest" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "sacore" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "SABShellExecuteHook Class" "ShellExecuteHook" "SuperAdBlocker.com" "c:\program files (x86)\superantispyware\sasseh.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
+ "StuffItContextMenuHandler" "StuffIt Shell Extension DLL" "Smith Micro Software, Inc." "c:\program files (x86)\smith micro\stuffit 2010\sxshellextx64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files (x86)\superantispyware\sasctxmn.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "StuffIt_Property_Sheet" "StuffIt Shell Extension DLL" "Smith Micro Software, Inc." "c:\program files (x86)\smith micro\stuffit 2010\sxshellextx64.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "MOBK" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobkshell.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "MOBK" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobkshell.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
+ "StuffItContextMenuHandler" "StuffIt Shell Extension DLL" "Smith Micro Software, Inc." "c:\program files (x86)\smith micro\stuffit 2010\sxshellextx64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files (x86)\superantispyware\sasctxmn.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "StuffItDropMenuHandler" "StuffIt Shell Extension DLL" "Smith Micro Software, Inc." "c:\program files (x86)\smith micro\stuffit 2010\sxshellextx64.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "MOBK" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobkshell.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "MOBK" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobkshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "StuffItDropMenuHandler" "StuffIt Shell Extension DLL" "Smith Micro Software, Inc." "c:\program files (x86)\smith micro\stuffit 2010\sxshellextx64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "MOBK" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobkshell.dll"
+ "MOBK2" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobkshell.dll"
+ "MOBK3" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobkshell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "McAfee Phishing Filter" "" "" "File not found: c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "ALOT Appbar Helper" "ALOT Helper Dll" "Vertro, Inc" "c:\program files (x86)\alotappbar\bin\bho\alothelperbho.dll"
+ "Bing Bar BHO" "Bing Bar" "Microsoft Corporation" "c:\program files (x86)\msn toolbar\platform\6.0.2282.0\npwinext.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "McAfee Phishing Filter" "" "" "File not found: c:\progra~1\mcafee\msk\mskapbho.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "Search Helper" "Search Helper for Internet Explorer" "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
+ "McAfee SiteAdvisor Toolbar" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100" "Bing Bar" "Microsoft Corporation" "c:\program files (x86)\msn toolbar\platform\6.0.2282.0\npwinext.dll"
+ "ALOT Appbar" "ALOT Helper Dll" "Vertro, Inc" "c:\program files (x86)\alotappbar\bin\alothelper.dll"
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Norton Security Scan for sfoege" "Norton Security Scan" "Symantec Corporation" "c:\program files (x86)\norton security scan\engine\3.1.1.6\nss.exe"
+ "\Scheduled Update for Ask Toolbar" "" "" "File not found: C:\Program Files (x86)\Ask.com\UpdateTask.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore64.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AlotService" "Periodically updates ALOT products" "Vertro Inc." "c:\users\sfoege\appdata\locallow\alotservice\alotservice.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "DsiWMIService" "Dritek WMI Service" "Dritek System Inc." "c:\program files (x86)\launch manager\dsiwmis.exe"
+ "ePowerSvc" "Acer ePower Service" "Acer Incorporated" "c:\program files\gateway\gateway power management\epowersvc.exe"
+ "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "GREGService" "Global Registration Service" "Acer Incorporated" "c:\program files (x86)\gateway\registration\gregsvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "McAfee SiteAdvisor Service" "McAfee SiteAdvisor Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "McAfee Network Agent" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "MOBKbackup" "Backs up configured files to the McAfee Online Backup servers. Please do not stop or restart this service - it could corrupt your McAfee Online Backup installation." "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobkbackup.exe"
+ "MSK80Service" "This service filters e-mail messages on your computer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "Nero BackItUp Scheduler 4.0" "Nero BackItUp Scheduler 4.0 is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP." "Nero AG" "c:\program files (x86)\common files\nero\nero backitup 4\nbservice.exe"
+ "NTI IScheduleSvc" "NTI IShadow Manage backup/Sync jobs and etc..." "NewTech Infosystems, Inc." "c:\program files (x86)\newtech infosystems\gateway mybackup\ischedulesvc.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly." "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\seaport\seaport.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "Stuffit Archive Name Service" "StuffIt monitor for archive files" "Smith Micro Software, Inc." "c:\program files (x86)\smith micro\stuffit 2010\arcnameservice.exe"
+ "Updater Service" "Updater Service" "Acer Group" "c:\program files\gateway\gateway updater\updaterservice.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atipmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "AtiPcie" "AMD PCIE Filter Driver for ATI PCIE chipset" "Advanced Micro Devices Inc." "c:\windows\system32\drivers\atipcie.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ctxusbm" "Citrix USB Filter Driver" "Citrix Systems, Inc." "c:\windows\system32\drivers\ctxusbm.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "grmnusb" "grmnusb.sys" "GARMIN Corp." "c:\windows\system32\drivers\grmnusb.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HipShieldK" "McAfee HIP IPS Driver" "McAfee, Inc." "c:\windows\system32\drivers\hipshieldk.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "k57nd60a" "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\k57nd60a.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "McPvDrv" "McAfee AntiTheft Driver" "McAfee, Inc." "c:\windows\system32\drivers\mcpvdrv.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "MOBKFilter" "McAfee Online Backup Change Monitor" "Mozy, Inc." "c:\windows\system32\drivers\mobk.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NTIDrvr" "NTI CD-ROM Filter Driver" "NewTech Infosystems, Inc." "c:\windows\system32\drivers\ntidrvr.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
+ "RTHDMIAzAudService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rthdmivx.sys"
+ "SASDIFSV" "SASDIFSV64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv64.sys"
+ "SASENUM" "SASENUM.SYS" " SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files (x86)\superantispyware\sasenum.sys"
+ "SASKUTIL" "SASKUTIL64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Ser2pl" "USB-to-Serial Cable Driver" "Prolific Technology Inc." "c:\windows\system32\drivers\ser2pl64.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "UBHelper" "NTI CDROM Filter Driver" "NewTech Infosystems Corporation" "c:\windows\system32\drivers\ubhelper.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "usbfilter" "AMD USB Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\usbfilter.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Decoder (PDVD9)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claud.ax"
+ "CyberLink Audio Effect (PDVD9)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer (PDVD9)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudwizard.ax"
+ "CyberLink AudioCD Filter (PDVD9)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudiocd.ax"
+ "Cyberlink Demuxer 2.0" "CLDemuxer2" "Cyberlink" "c:\program files (x86)\cyberlink\powerdvd9\navfilter\cldemuxer2.ax"
+ "CyberLink Digest Filter (PDVD9)" "DigestFilter Dynamic Link Library" "" "c:\program files (x86)\cyberlink\powerdvd9\digestfilter.dll"
+ "CyberLink DVD Navigator (PDVD9)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clnavx.ax"
+ "CyberLink FLV Splitter (PDVD9)" "CyberLink FLV Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clflvsplitter.ax"
+ "CyberLink HD/BD Mixer (PDVD9)" "CLHBMixer" " " "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clhbmixer.ax"
+ "CyberLink Line21 Decoder (PDVD9)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clline21.ax"
+ "CyberLink Matroska Splitter (PDVD9)" "CyberLink Matroska Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clmkvsplter.ax"
+ "CyberLink MPEG-4 Splitter (PDVD9)" "CyberLink MPEG-4 Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clm4splt.ax"
+ "CyberLink RealAudio Decoder (PDVD9)" "CyberLink RealMedia Audio Decoder" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clrmaud.ax"
+ "CyberLink RealMedia Splitter (PDVD9)" "CyberLink RealMedia Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clrmsplitter.ax"
+ "CyberLink RealVideo Decoder (PDVD9)" "CyberLink RealMedia Video Decoder" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clrmvd.ax"
+ "Cyberlink SubTitle Importor (PDVD9)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (PDVD9)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clauts.ax"
+ "CyberLink Tzan Filter (PDVD9)" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\cltzan.ax"
+ "CyberLink Video/SP Decoder (PDVD9)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clvsd.ax"
+ "MainConcept (Nikon) MPEG Audio Decoder" "MPEG Video and Audio Decoder" "MainConcept AG (Nikon)" "c:\program files (x86)\common files\nikon\mpeg\nikondsmpeg.ax"
+ "MainConcept (Nikon) MPEG Encoder" "MPEG Encoder and Muxer" "MainConcept AG (Nikon)" "c:\program files (x86)\common files\nikon\mpeg\nikonesmpeg.ax"
+ "MainConcept (Nikon) MPEG Video Decoder" "MPEG Video and Audio Decoder" "MainConcept AG (Nikon)" "c:\program files (x86)\common files\nikon\mpeg\nikondsmpeg.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "muvee Music Analyser" "Music Analyser Filter for muvee autoProducer" "muvee Technologies Pte Ltd" "c:\program files (x86)\common files\muvee technologies\030625\mvmanalyse.ax"
+ "muvee WAV Encoder" "mvWavEncoder Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\common files\muvee technologies\030625\mvwavenc.ax"
+ "QuickTime Source Filter" "QuickTimeSource Module" "" "c:\program files (x86)\common files\muvee technologies\030625\quicktimesource.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKCU\Control Panel\Desktop\Scrnsave.exe" "" "" ""
+ "C:\Windows\System32\Gateway.scr" "Screen Saver" "" "c:\windows\system32\gateway.scr"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "HP A511 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinkstsa511lm.dll"
+ "LIDIL hpzllwn7" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzllwn7.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "PnSson" "Citrix Single Sign-on" "Citrix Systems, Inc." "c:\program files (x86)\citrix\ica client\x64\pnsson.dll"

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:17 PM

Posted 28 September 2012 - 11:15 AM

Now run RKILL given in previous instructions and post the new log

Edited by narenxp, 28 September 2012 - 12:40 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users