Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Firefox keeps opening tabs to spam sites on click


  • Please log in to reply
9 replies to this topic

#1 Eight_Six

Eight_Six

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:12 AM

Posted 19 November 2012 - 09:40 PM

I have this weird problem for a few days now.

I'll try to describe my problem is bullet points.

1. I was searching something on google, i missclicked on a link that looked questionable by mistake. A new tab opened to some spam ad site. I clicked to close as soon as possible.
New pop up with javascript appears and asks me something about Leave Page - Stay. I press leave. I think i noticed a hickup in the browser at the time and i thought to myself if something happened.

2. At a random time a new tab appears to an ad site as i kept using firefox. It started to annoy me as the a new tab kept opening with spam ad

3. I thought that something is bad and started looking up to forums and tried the following

a. I had Nod32 5 installed and still instanlled, it's not picking up anything.

b. I ran TDDSkiller from Kaspersky and it finds nothing.

c. I ran Gmer and it finds nothing.

d. I ran MalwareBytes and it finds nothing.

e. I ran SuperAntiSpyware and it only finds Tracking Cookies that i repeatedly deleted without result.

f. I have tried Nod32 online scanner in case my local scanner is compromised and it picks nothing.

g. I have formatted the hard drive that holds the OS and reinstalled everything from scratch and still the same problem!

~The potential virus/malware acts like this.~

I can browse any sites without limitations, it doesn't prohibit me from accesing any antivirus or anti-malware sites and nothing may happen for 2-3 hours but suddenly when i click on the browser (on a tab, on a link, or even in empty space it doesnt matter really) it opens a tab to a spam ad site, it's always the same site with a varation of the ad. i can open thousands of tabs by clicking. If i open a new firefox this behaviour stops and starts after another 2-3 hours again!

After the first tab opens it keeps opening tabs after i do 6 or 7 clicks precisely at any site, link, tab or whatever even in empty space in my browser.

I thought formatting would solve this problem but its still the same. I don't even know if it's a virus but the site that keeps opening seems too focused to be coincidencial
I am at a wit's ends, i don't know what else to do :(

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:12 AM

Posted 19 November 2012 - 09:44 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Eight_Six

Eight_Six
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:12 AM

Posted 19 November 2012 - 10:51 PM

TDSSkiller

04:50:07.0594 5660 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
04:50:07.0970 5660 ============================================================
04:50:07.0970 5660 Current date / time: 2012/11/20 04:50:07.0970
04:50:07.0970 5660 SystemInfo:
04:50:07.0970 5660
04:50:07.0970 5660 OS Version: 6.1.7601 ServicePack: 1.0
04:50:07.0970 5660 Product type: Workstation
04:50:07.0971 5660 ComputerName: HAPPYPEOPLE-PC
04:50:07.0971 5660 UserName: happypeople
04:50:07.0971 5660 Windows directory: C:\Windows
04:50:07.0971 5660 System windows directory: C:\Windows
04:50:07.0971 5660 Running under WOW64
04:50:07.0971 5660 Processor architecture: Intel x64
04:50:07.0971 5660 Number of processors: 8
04:50:07.0971 5660 Page size: 0x1000
04:50:07.0971 5660 Boot type: Normal boot
04:50:07.0971 5660 ============================================================
04:50:14.0669 5660 Drive \Device\Harddisk0\DR0 - Size: 0xDF99E6000 (55.90 Gb), SectorSize: 0x200, Cylinders: 0x1C81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
04:50:14.0751 5660 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
04:50:14.0763 5660 ============================================================
04:50:14.0763 5660 \Device\Harddisk0\DR0:
04:50:14.0764 5660 MBR partitions:
04:50:14.0764 5660 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
04:50:14.0764 5660 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6F99800
04:50:14.0764 5660 \Device\Harddisk1\DR1:
04:50:14.0765 5660 MBR partitions:
04:50:14.0765 5660 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
04:50:14.0765 5660 ============================================================
04:50:14.0766 5660 C: <-> \Device\Harddisk0\DR0\Partition2
04:50:14.0791 5660 D: <-> \Device\Harddisk1\DR1\Partition1
04:50:14.0791 5660 ============================================================
04:50:14.0791 5660 Initialize success
04:50:14.0791 5660 ============================================================
04:51:31.0128 7360 ============================================================
04:51:31.0128 7360 Scan started
04:51:31.0128 7360 Mode: Manual; TDLFS;
04:51:31.0128 7360 ============================================================
04:51:31.0543 7360 ================ Scan system memory ========================
04:51:31.0543 7360 System memory - ok
04:51:31.0544 7360 ================ Scan services =============================
04:51:31.0548 7360 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
04:51:31.0550 7360 !SASCORE - ok
04:51:31.0590 7360 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
04:51:31.0593 7360 1394ohci - ok
04:51:31.0599 7360 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
04:51:31.0602 7360 ACPI - ok
04:51:31.0605 7360 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
04:51:31.0605 7360 AcpiPmi - ok
04:51:31.0612 7360 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
04:51:31.0616 7360 adp94xx - ok
04:51:31.0621 7360 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
04:51:31.0624 7360 adpahci - ok
04:51:31.0628 7360 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
04:51:31.0630 7360 adpu320 - ok
04:51:31.0636 7360 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
04:51:31.0636 7360 AeLookupSvc - ok
04:51:31.0642 7360 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
04:51:31.0645 7360 AFD - ok
04:51:31.0647 7360 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
04:51:31.0648 7360 agp440 - ok
04:51:31.0650 7360 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
04:51:31.0651 7360 ALG - ok
04:51:31.0653 7360 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
04:51:31.0653 7360 aliide - ok
04:51:31.0656 7360 [ 9C616BA191B80F5CD1A1B9553E107100 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
04:51:31.0657 7360 AMD External Events Utility - ok
04:51:31.0659 7360 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
04:51:31.0659 7360 amdide - ok
04:51:31.0661 7360 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
04:51:31.0662 7360 AmdK8 - ok
04:51:31.0723 7360 [ 5165E83751B8FF40E5E4925996FCC506 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
04:51:31.0775 7360 amdkmdag - ok
04:51:31.0780 7360 [ 86AB3CF484260C4318F3A6E8B035F422 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
04:51:31.0782 7360 amdkmdap - ok
04:51:31.0784 7360 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
04:51:31.0785 7360 AmdPPM - ok
04:51:31.0787 7360 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
04:51:31.0788 7360 amdsata - ok
04:51:31.0791 7360 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
04:51:31.0792 7360 amdsbs - ok
04:51:31.0794 7360 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
04:51:31.0794 7360 amdxata - ok
04:51:31.0796 7360 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
04:51:31.0797 7360 AppID - ok
04:51:31.0799 7360 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
04:51:31.0800 7360 AppIDSvc - ok
04:51:31.0802 7360 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
04:51:31.0803 7360 Appinfo - ok
04:51:31.0805 7360 [ BA957E7ACD2B44FA3B01FAA64F6A9060 ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
04:51:31.0805 7360 AppleCharger - ok
04:51:31.0807 7360 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
04:51:31.0808 7360 AppleChargerSrv - ok
04:51:31.0812 7360 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
04:51:31.0813 7360 AppMgmt - ok
04:51:31.0815 7360 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
04:51:31.0816 7360 arc - ok
04:51:31.0818 7360 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
04:51:31.0819 7360 arcsas - ok
04:51:31.0830 7360 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
04:51:31.0830 7360 aspnet_state - ok
04:51:31.0833 7360 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
04:51:31.0833 7360 AsyncMac - ok
04:51:31.0835 7360 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
04:51:31.0836 7360 atapi - ok
04:51:31.0839 7360 [ 24464B908E143D2561E9E452FEE97309 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
04:51:31.0840 7360 AtiHDAudioService - ok
04:51:31.0846 7360 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
04:51:31.0848 7360 AudioEndpointBuilder - ok
04:51:31.0854 7360 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
04:51:31.0856 7360 AudioSrv - ok
04:51:31.0860 7360 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
04:51:31.0861 7360 AxInstSV - ok
04:51:31.0866 7360 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
04:51:31.0869 7360 b06bdrv - ok
04:51:31.0872 7360 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
04:51:31.0874 7360 b57nd60a - ok
04:51:31.0877 7360 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
04:51:31.0879 7360 BDESVC - ok
04:51:31.0881 7360 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
04:51:31.0881 7360 Beep - ok
04:51:31.0888 7360 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
04:51:31.0891 7360 BFE - ok
04:51:31.0899 7360 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
04:51:31.0903 7360 BITS - ok
04:51:31.0905 7360 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
04:51:31.0905 7360 blbdrive - ok
04:51:31.0908 7360 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
04:51:31.0908 7360 bowser - ok
04:51:31.0911 7360 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
04:51:31.0911 7360 BrFiltLo - ok
04:51:31.0913 7360 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
04:51:31.0913 7360 BrFiltUp - ok
04:51:31.0916 7360 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
04:51:31.0917 7360 Browser - ok
04:51:31.0920 7360 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
04:51:31.0922 7360 Brserid - ok
04:51:31.0924 7360 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
04:51:31.0924 7360 BrSerWdm - ok
04:51:31.0926 7360 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
04:51:31.0927 7360 BrUsbMdm - ok
04:51:31.0928 7360 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
04:51:31.0929 7360 BrUsbSer - ok
04:51:31.0931 7360 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
04:51:31.0931 7360 BTHMODEM - ok
04:51:31.0934 7360 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
04:51:31.0935 7360 bthserv - ok
04:51:31.0938 7360 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
04:51:31.0938 7360 cdfs - ok
04:51:31.0941 7360 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
04:51:31.0942 7360 cdrom - ok
04:51:31.0944 7360 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
04:51:31.0945 7360 CertPropSvc - ok
04:51:31.0947 7360 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
04:51:31.0948 7360 circlass - ok
04:51:31.0952 7360 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
04:51:31.0954 7360 CLFS - ok
04:51:31.0961 7360 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
04:51:31.0961 7360 clr_optimization_v2.0.50727_32 - ok
04:51:31.0966 7360 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
04:51:31.0967 7360 clr_optimization_v2.0.50727_64 - ok
04:51:31.0975 7360 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
04:51:31.0976 7360 clr_optimization_v4.0.30319_32 - ok
04:51:31.0978 7360 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
04:51:31.0979 7360 clr_optimization_v4.0.30319_64 - ok
04:51:31.0981 7360 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
04:51:31.0981 7360 CmBatt - ok
04:51:31.0983 7360 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
04:51:31.0984 7360 cmdide - ok
04:51:31.0988 7360 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
04:51:31.0991 7360 CNG - ok
04:51:31.0993 7360 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
04:51:31.0993 7360 Compbatt - ok
04:51:31.0995 7360 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
04:51:31.0996 7360 CompositeBus - ok
04:51:31.0997 7360 COMSysApp - ok
04:51:32.0000 7360 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
04:51:32.0000 7360 crcdisk - ok
04:51:32.0004 7360 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
04:51:32.0005 7360 CryptSvc - ok
04:51:32.0010 7360 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
04:51:32.0013 7360 CSC - ok
04:51:32.0019 7360 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
04:51:32.0022 7360 CscService - ok
04:51:32.0028 7360 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
04:51:32.0030 7360 DcomLaunch - ok
04:51:32.0035 7360 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
04:51:32.0037 7360 defragsvc - ok
04:51:32.0039 7360 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
04:51:32.0040 7360 DfsC - ok
04:51:32.0044 7360 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
04:51:32.0045 7360 Dhcp - ok
04:51:32.0047 7360 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
04:51:32.0048 7360 discache - ok
04:51:32.0051 7360 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
04:51:32.0051 7360 Disk - ok
04:51:32.0053 7360 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
04:51:32.0054 7360 dmvsc - ok
04:51:32.0057 7360 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
04:51:32.0058 7360 Dnscache - ok
04:51:32.0061 7360 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
04:51:32.0063 7360 dot3svc - ok
04:51:32.0066 7360 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
04:51:32.0067 7360 DPS - ok
04:51:32.0069 7360 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
04:51:32.0070 7360 drmkaud - ok
04:51:32.0078 7360 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
04:51:32.0083 7360 DXGKrnl - ok
04:51:32.0086 7360 [ D00EAE9C735A7DEE8049E50D73D25434 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
04:51:32.0088 7360 eamonm - ok
04:51:32.0090 7360 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
04:51:32.0091 7360 EapHost - ok
04:51:32.0112 7360 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
04:51:32.0129 7360 ebdrv - ok
04:51:32.0132 7360 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
04:51:32.0132 7360 EFS - ok
04:51:32.0135 7360 [ E5EDDE3C8158DD0CBC5812F201DCDED0 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
04:51:32.0136 7360 ehdrv - ok
04:51:32.0144 7360 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
04:51:32.0148 7360 ehRecvr - ok
04:51:32.0150 7360 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
04:51:32.0152 7360 ehSched - ok
04:51:32.0160 7360 [ AD4FAADE819E0DA9933BEA7C01D2C763 ] ekrn C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
04:51:32.0163 7360 ekrn - ok
04:51:32.0165 7360 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
04:51:32.0166 7360 ElbyCDIO - ok
04:51:32.0171 7360 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
04:51:32.0173 7360 elxstor - ok
04:51:32.0177 7360 [ 587F0F4145A1536A6E37EFD769B7665F ] epfw C:\Windows\system32\DRIVERS\epfw.sys
04:51:32.0178 7360 epfw - ok
04:51:32.0180 7360 [ D2F812358EE8EE23CBB5C4DAFFB5B819 ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys
04:51:32.0180 7360 EpfwLWF - ok
04:51:32.0182 7360 [ 34BF55D69AB74D14C7E7A17259CB7DF8 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
04:51:32.0183 7360 epfwwfp - ok
04:51:32.0185 7360 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
04:51:32.0185 7360 ErrDev - ok
04:51:32.0191 7360 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
04:51:32.0193 7360 EventSystem - ok
04:51:32.0196 7360 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
04:51:32.0198 7360 exfat - ok
04:51:32.0200 7360 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
04:51:32.0202 7360 fastfat - ok
04:51:32.0208 7360 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
04:51:32.0212 7360 Fax - ok
04:51:32.0214 7360 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
04:51:32.0215 7360 fdc - ok
04:51:32.0217 7360 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
04:51:32.0218 7360 fdPHost - ok
04:51:32.0220 7360 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
04:51:32.0220 7360 FDResPub - ok
04:51:32.0222 7360 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
04:51:32.0223 7360 FileInfo - ok
04:51:32.0225 7360 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
04:51:32.0225 7360 Filetrace - ok
04:51:32.0227 7360 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
04:51:32.0227 7360 flpydisk - ok
04:51:32.0230 7360 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
04:51:32.0232 7360 FltMgr - ok
04:51:32.0241 7360 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
04:51:32.0247 7360 FontCache - ok
04:51:32.0250 7360 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
04:51:32.0251 7360 FontCache3.0.0.0 - ok
04:51:32.0253 7360 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
04:51:32.0253 7360 FsDepends - ok
04:51:32.0255 7360 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
04:51:32.0256 7360 Fs_Rec - ok
04:51:32.0259 7360 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
04:51:32.0260 7360 fvevol - ok
04:51:32.0262 7360 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
04:51:32.0263 7360 gagp30kx - ok
04:51:32.0264 7360 gdrv - ok
04:51:32.0271 7360 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
04:51:32.0276 7360 gpsvc - ok
04:51:32.0279 7360 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
04:51:32.0281 7360 gupdate - ok
04:51:32.0282 7360 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
04:51:32.0283 7360 gupdatem - ok
04:51:32.0285 7360 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
04:51:32.0285 7360 hcw85cir - ok
04:51:32.0290 7360 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
04:51:32.0292 7360 HdAudAddService - ok
04:51:32.0295 7360 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
04:51:32.0296 7360 HDAudBus - ok
04:51:32.0297 7360 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
04:51:32.0298 7360 HidBatt - ok
04:51:32.0301 7360 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
04:51:32.0301 7360 HidBth - ok
04:51:32.0304 7360 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
04:51:32.0304 7360 HidIr - ok
04:51:32.0306 7360 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
04:51:32.0307 7360 hidserv - ok
04:51:32.0311 7360 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
04:51:32.0311 7360 HidUsb - ok
04:51:32.0315 7360 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
04:51:32.0316 7360 hkmsvc - ok
04:51:32.0320 7360 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
04:51:32.0322 7360 HomeGroupListener - ok
04:51:32.0326 7360 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
04:51:32.0328 7360 HomeGroupProvider - ok
04:51:32.0331 7360 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
04:51:32.0332 7360 HpSAMD - ok
04:51:32.0338 7360 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
04:51:32.0342 7360 HTTP - ok
04:51:32.0344 7360 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
04:51:32.0345 7360 hwpolicy - ok
04:51:32.0348 7360 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
04:51:32.0348 7360 i8042prt - ok
04:51:32.0354 7360 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
04:51:32.0356 7360 iaStor - ok
04:51:32.0359 7360 [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
04:51:32.0360 7360 IAStorDataMgrSvc - ok
04:51:32.0364 7360 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
04:51:32.0367 7360 iaStorV - ok
04:51:32.0374 7360 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
04:51:32.0379 7360 idsvc - ok
04:51:32.0381 7360 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
04:51:32.0381 7360 iirsp - ok
04:51:32.0388 7360 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
04:51:32.0393 7360 IKEEXT - ok
04:51:32.0400 7360 [ 2D66067C7A8A0112156BCD1C0BAA7042 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
04:51:32.0404 7360 Intel® Capability Licensing Service Interface - ok
04:51:32.0406 7360 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
04:51:32.0406 7360 intelide - ok
04:51:32.0409 7360 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
04:51:32.0409 7360 intelppm - ok
04:51:32.0411 7360 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
04:51:32.0413 7360 IPBusEnum - ok
04:51:32.0415 7360 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
04:51:32.0416 7360 IpFilterDriver - ok
04:51:32.0421 7360 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
04:51:32.0424 7360 iphlpsvc - ok
04:51:32.0427 7360 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
04:51:32.0428 7360 IPMIDRV - ok
04:51:32.0429 7360 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
04:51:32.0430 7360 IPNAT - ok
04:51:32.0432 7360 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
04:51:32.0433 7360 IRENUM - ok
04:51:32.0434 7360 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
04:51:32.0435 7360 isapnp - ok
04:51:32.0438 7360 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
04:51:32.0440 7360 iScsiPrt - ok
04:51:32.0442 7360 [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
04:51:32.0442 7360 iusb3hcs - ok
04:51:32.0446 7360 [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
04:51:32.0448 7360 iusb3hub - ok
04:51:32.0455 7360 [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
04:51:32.0460 7360 iusb3xhc - ok
04:51:32.0463 7360 [ 166FC0B36842135BC2D3C32DF70ED0D6 ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
04:51:32.0464 7360 jhi_service - ok
04:51:32.0466 7360 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
04:51:32.0466 7360 kbdclass - ok
04:51:32.0469 7360 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
04:51:32.0469 7360 kbdhid - ok
04:51:32.0471 7360 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
04:51:32.0471 7360 KeyIso - ok
04:51:32.0474 7360 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
04:51:32.0475 7360 KSecDD - ok
04:51:32.0478 7360 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
04:51:32.0479 7360 KSecPkg - ok
04:51:32.0481 7360 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
04:51:32.0481 7360 ksthunk - ok
04:51:32.0485 7360 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
04:51:32.0488 7360 KtmRm - ok
04:51:32.0490 7360 [ B8040D3B97B16B89701E31A17353856C ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
04:51:32.0491 7360 L1C - ok
04:51:32.0494 7360 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
04:51:32.0497 7360 LanmanServer - ok
04:51:32.0499 7360 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
04:51:32.0501 7360 LanmanWorkstation - ok
04:51:32.0504 7360 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
04:51:32.0505 7360 lltdio - ok
04:51:32.0509 7360 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
04:51:32.0511 7360 lltdsvc - ok
04:51:32.0513 7360 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
04:51:32.0514 7360 lmhosts - ok
04:51:32.0517 7360 [ C56E64BA70DC822B84D100A6F8D690D3 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
04:51:32.0518 7360 LMS - ok
04:51:32.0522 7360 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
04:51:32.0523 7360 LSI_FC - ok
04:51:32.0525 7360 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
04:51:32.0526 7360 LSI_SAS - ok
04:51:32.0528 7360 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
04:51:32.0528 7360 LSI_SAS2 - ok
04:51:32.0531 7360 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
04:51:32.0532 7360 LSI_SCSI - ok
04:51:32.0534 7360 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
04:51:32.0535 7360 luafv - ok
04:51:32.0537 7360 [ B3B7C5F26F3F8C7992350B7EDE64F5C9 ] MagicTune C:\Windows\system32\drivers\MTiCtwl.sys
04:51:32.0538 7360 MagicTune - ok
04:51:32.0540 7360 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
04:51:32.0541 7360 Mcx2Svc - ok
04:51:32.0543 7360 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
04:51:32.0544 7360 megasas - ok
04:51:32.0547 7360 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
04:51:32.0549 7360 MegaSR - ok
04:51:32.0551 7360 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
04:51:32.0552 7360 MEIx64 - ok
04:51:32.0557 7360 [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
04:51:32.0558 7360 Microsoft Office Groove Audit Service - ok
04:51:32.0560 7360 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
04:51:32.0562 7360 MMCSS - ok
04:51:32.0563 7360 [ BFFB0C93D9FB43CA42EF11C9240BFF7F ] Modem C:\Windows\system32\drivers\modem.sys
04:51:32.0564 7360 Modem - ok
04:51:32.0566 7360 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
04:51:32.0566 7360 monitor - ok
04:51:32.0568 7360 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
04:51:32.0569 7360 mouclass - ok
04:51:32.0571 7360 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
04:51:32.0571 7360 mouhid - ok
04:51:32.0573 7360 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
04:51:32.0574 7360 mountmgr - ok
04:51:32.0576 7360 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
04:51:32.0578 7360 MozillaMaintenance - ok
04:51:32.0580 7360 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
04:51:32.0581 7360 mpio - ok
04:51:32.0584 7360 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
04:51:32.0585 7360 mpsdrv - ok
04:51:32.0592 7360 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
04:51:32.0596 7360 MpsSvc - ok
04:51:32.0599 7360 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
04:51:32.0600 7360 MRxDAV - ok
04:51:32.0603 7360 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
04:51:32.0604 7360 mrxsmb - ok
04:51:32.0607 7360 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
04:51:32.0609 7360 mrxsmb10 - ok
04:51:32.0612 7360 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
04:51:32.0613 7360 mrxsmb20 - ok
04:51:32.0614 7360 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
04:51:32.0615 7360 msahci - ok
04:51:32.0618 7360 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
04:51:32.0619 7360 msdsm - ok
04:51:32.0621 7360 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
04:51:32.0623 7360 MSDTC - ok
04:51:32.0626 7360 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
04:51:32.0626 7360 Msfs - ok
04:51:32.0628 7360 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
04:51:32.0629 7360 mshidkmdf - ok
04:51:32.0630 7360 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
04:51:32.0631 7360 msisadrv - ok
04:51:32.0634 7360 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
04:51:32.0635 7360 MSiSCSI - ok
04:51:32.0637 7360 msiserver - ok
04:51:32.0639 7360 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
04:51:32.0640 7360 MSKSSRV - ok
04:51:32.0641 7360 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
04:51:32.0642 7360 MSPCLOCK - ok
04:51:32.0643 7360 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
04:51:32.0644 7360 MSPQM - ok
04:51:32.0648 7360 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
04:51:32.0650 7360 MsRPC - ok
04:51:32.0653 7360 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
04:51:32.0654 7360 mssmbios - ok
04:51:32.0655 7360 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
04:51:32.0656 7360 MSTEE - ok
04:51:32.0657 7360 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
04:51:32.0658 7360 MTConfig - ok
04:51:32.0660 7360 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
04:51:32.0660 7360 Mup - ok
04:51:32.0665 7360 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
04:51:32.0669 7360 napagent - ok
04:51:32.0672 7360 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
04:51:32.0674 7360 NativeWifiP - ok
04:51:32.0682 7360 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
04:51:32.0687 7360 NDIS - ok
04:51:32.0689 7360 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
04:51:32.0690 7360 NdisCap - ok
04:51:32.0692 7360 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
04:51:32.0693 7360 NdisTapi - ok
04:51:32.0695 7360 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
04:51:32.0696 7360 Ndisuio - ok
04:51:32.0698 7360 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
04:51:32.0699 7360 NdisWan - ok
04:51:32.0701 7360 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
04:51:32.0702 7360 NDProxy - ok
04:51:32.0704 7360 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
04:51:32.0705 7360 NetBIOS - ok
04:51:32.0708 7360 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
04:51:32.0710 7360 NetBT - ok
04:51:32.0711 7360 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
04:51:32.0712 7360 Netlogon - ok
04:51:32.0716 7360 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
04:51:32.0719 7360 Netman - ok
04:51:32.0721 7360 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
04:51:32.0723 7360 NetMsmqActivator - ok
04:51:32.0725 7360 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
04:51:32.0725 7360 NetPipeActivator - ok
04:51:32.0730 7360 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
04:51:32.0732 7360 netprofm - ok
04:51:32.0734 7360 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
04:51:32.0735 7360 NetTcpActivator - ok
04:51:32.0737 7360 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
04:51:32.0737 7360 NetTcpPortSharing - ok
04:51:32.0740 7360 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
04:51:32.0740 7360 nfrd960 - ok
04:51:32.0744 7360 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
04:51:32.0747 7360 NlaSvc - ok
04:51:32.0748 7360 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
04:51:32.0749 7360 Npfs - ok
04:51:32.0751 7360 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
04:51:32.0752 7360 nsi - ok
04:51:32.0754 7360 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
04:51:32.0754 7360 nsiproxy - ok
04:51:32.0768 7360 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
04:51:32.0777 7360 Ntfs - ok
04:51:32.0779 7360 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
04:51:32.0779 7360 Null - ok
04:51:32.0782 7360 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
04:51:32.0783 7360 nvraid - ok
04:51:32.0786 7360 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
04:51:32.0787 7360 nvstor - ok
04:51:32.0790 7360 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
04:51:32.0791 7360 nv_agp - ok
04:51:32.0796 7360 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
04:51:32.0799 7360 odserv - ok
04:51:32.0802 7360 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
04:51:32.0802 7360 ohci1394 - ok
04:51:32.0805 7360 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
04:51:32.0806 7360 ose - ok
04:51:32.0811 7360 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
04:51:32.0814 7360 p2pimsvc - ok
04:51:32.0819 7360 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
04:51:32.0822 7360 p2psvc - ok
04:51:32.0824 7360 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
04:51:32.0825 7360 Parport - ok
04:51:32.0827 7360 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
04:51:32.0828 7360 partmgr - ok
04:51:32.0831 7360 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
04:51:32.0833 7360 PcaSvc - ok
04:51:32.0836 7360 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
04:51:32.0837 7360 pci - ok
04:51:32.0839 7360 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
04:51:32.0840 7360 pciide - ok
04:51:32.0843 7360 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
04:51:32.0844 7360 pcmcia - ok
04:51:32.0846 7360 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
04:51:32.0847 7360 pcw - ok
04:51:32.0852 7360 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
04:51:32.0856 7360 PEAUTH - ok
04:51:32.0867 7360 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
04:51:32.0874 7360 PeerDistSvc - ok
04:51:32.0894 7360 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
04:51:32.0895 7360 PerfHost - ok
04:51:32.0908 7360 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
04:51:32.0916 7360 pla - ok
04:51:32.0921 7360 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
04:51:32.0924 7360 PlugPlay - ok
04:51:32.0926 7360 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
04:51:32.0928 7360 PNRPAutoReg - ok
04:51:32.0931 7360 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
04:51:32.0933 7360 PNRPsvc - ok
04:51:32.0938 7360 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
04:51:32.0941 7360 PolicyAgent - ok
04:51:32.0945 7360 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
04:51:32.0947 7360 Power - ok
04:51:32.0950 7360 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
04:51:32.0951 7360 PptpMiniport - ok
04:51:32.0953 7360 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
04:51:32.0954 7360 Processor - ok
04:51:32.0957 7360 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
04:51:32.0959 7360 ProfSvc - ok
04:51:32.0961 7360 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
04:51:32.0961 7360 ProtectedStorage - ok
04:51:32.0964 7360 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
04:51:32.0965 7360 Psched - ok
04:51:32.0968 7360 [ BC08F7F3C53CBEE68670ED1314E290FD ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
04:51:32.0968 7360 PxHlpa64 - ok
04:51:32.0979 7360 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
04:51:32.0987 7360 ql2300 - ok
04:51:32.0990 7360 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
04:51:32.0991 7360 ql40xx - ok
04:51:32.0994 7360 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
04:51:32.0997 7360 QWAVE - ok
04:51:32.0999 7360 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
04:51:32.0999 7360 QWAVEdrv - ok
04:51:33.0001 7360 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
04:51:33.0002 7360 RasAcd - ok
04:51:33.0004 7360 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
04:51:33.0005 7360 RasAgileVpn - ok
04:51:33.0007 7360 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
04:51:33.0009 7360 RasAuto - ok
04:51:33.0011 7360 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
04:51:33.0012 7360 Rasl2tp - ok
04:51:33.0016 7360 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
04:51:33.0019 7360 RasMan - ok
04:51:33.0021 7360 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
04:51:33.0023 7360 RasPppoe - ok
04:51:33.0025 7360 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
04:51:33.0026 7360 RasSstp - ok
04:51:33.0029 7360 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
04:51:33.0031 7360 rdbss - ok
04:51:33.0033 7360 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
04:51:33.0033 7360 rdpbus - ok
04:51:33.0035 7360 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
04:51:33.0036 7360 RDPCDD - ok
04:51:33.0039 7360 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
04:51:33.0041 7360 RDPDR - ok
04:51:33.0043 7360 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
04:51:33.0043 7360 RDPENCDD - ok
04:51:33.0046 7360 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
04:51:33.0046 7360 RDPREFMP - ok
04:51:33.0049 7360 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
04:51:33.0049 7360 RdpVideoMiniport - ok
04:51:33.0053 7360 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
04:51:33.0054 7360 RDPWD - ok
04:51:33.0057 7360 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
04:51:33.0059 7360 rdyboost - ok
04:51:33.0061 7360 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
04:51:33.0063 7360 RemoteAccess - ok
04:51:33.0065 7360 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
04:51:33.0068 7360 RemoteRegistry - ok
04:51:33.0070 7360 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
04:51:33.0071 7360 RpcEptMapper - ok
04:51:33.0073 7360 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
04:51:33.0074 7360 RpcLocator - ok
04:51:33.0079 7360 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
04:51:33.0081 7360 RpcSs - ok
04:51:33.0084 7360 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
04:51:33.0085 7360 rspndr - ok
04:51:33.0087 7360 [ 407ACE94C8CE23871B630B9A17F92768 ] rzdaendpt C:\Windows\system32\DRIVERS\rzdaendpt.sys
04:51:33.0088 7360 rzdaendpt - ok
04:51:33.0090 7360 [ B047199A905DF30B69439C2703775978 ] rzudd C:\Windows\system32\DRIVERS\rzudd.sys
04:51:33.0091 7360 rzudd - ok
04:51:33.0093 7360 [ 6E79D499714DBC9792703ECDD664352F ] rzvkeyboard C:\Windows\system32\DRIVERS\rzvkeyboard.sys
04:51:33.0094 7360 rzvkeyboard - ok
04:51:33.0095 7360 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
04:51:33.0096 7360 s3cap - ok
04:51:33.0098 7360 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
04:51:33.0098 7360 SamSs - ok
04:51:33.0100 7360 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
04:51:33.0101 7360 SASDIFSV - ok
04:51:33.0103 7360 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
04:51:33.0103 7360 SASKUTIL - ok
04:51:33.0105 7360 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
04:51:33.0106 7360 sbp2port - ok
04:51:33.0109 7360 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
04:51:33.0111 7360 SCardSvr - ok
04:51:33.0114 7360 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
04:51:33.0115 7360 scfilter - ok
04:51:33.0123 7360 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
04:51:33.0130 7360 Schedule - ok
04:51:33.0132 7360 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
04:51:33.0133 7360 SCPolicySvc - ok
04:51:33.0136 7360 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
04:51:33.0138 7360 SDRSVC - ok
04:51:33.0140 7360 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
04:51:33.0140 7360 secdrv - ok
04:51:33.0142 7360 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
04:51:33.0144 7360 seclogon - ok
04:51:33.0146 7360 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
04:51:33.0147 7360 SENS - ok
04:51:33.0150 7360 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
04:51:33.0151 7360 SensrSvc - ok
04:51:33.0153 7360 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
04:51:33.0154 7360 Serenum - ok
04:51:33.0156 7360 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
04:51:33.0157 7360 Serial - ok
04:51:33.0164 7360 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
04:51:33.0164 7360 sermouse - ok
04:51:33.0170 7360 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
04:51:33.0172 7360 SessionEnv - ok
04:51:33.0174 7360 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
04:51:33.0174 7360 sffdisk - ok
04:51:33.0176 7360 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
04:51:33.0177 7360 sffp_mmc - ok
04:51:33.0178 7360 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
04:51:33.0179 7360 sffp_sd - ok
04:51:33.0180 7360 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
04:51:33.0181 7360 sfloppy - ok
04:51:33.0184 7360 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
04:51:33.0187 7360 SharedAccess - ok
04:51:33.0191 7360 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
04:51:33.0194 7360 ShellHWDetection - ok
04:51:33.0197 7360 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
04:51:33.0197 7360 SiSRaid2 - ok
04:51:33.0199 7360 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
04:51:33.0200 7360 SiSRaid4 - ok
04:51:33.0202 7360 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
04:51:33.0203 7360 Smb - ok
04:51:33.0207 7360 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
04:51:33.0208 7360 SNMPTRAP - ok
04:51:33.0210 7360 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
04:51:33.0211 7360 spldr - ok
04:51:33.0216 7360 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
04:51:33.0220 7360 Spooler - ok
04:51:33.0245 7360 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
04:51:33.0263 7360 sppsvc - ok
04:51:33.0266 7360 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
04:51:33.0268 7360 sppuinotify - ok
04:51:33.0272 7360 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
04:51:33.0275 7360 srv - ok
04:51:33.0279 7360 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
04:51:33.0282 7360 srv2 - ok
04:51:33.0285 7360 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
04:51:33.0286 7360 srvnet - ok
04:51:33.0289 7360 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
04:51:33.0291 7360 SSDPSRV - ok
04:51:33.0294 7360 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
04:51:33.0295 7360 SstpSvc - ok
04:51:33.0297 7360 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
04:51:33.0298 7360 stexstor - ok
04:51:33.0303 7360 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
04:51:33.0308 7360 stisvc - ok
04:51:33.0310 7360 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
04:51:33.0311 7360 storflt - ok
04:51:33.0313 7360 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
04:51:33.0314 7360 storvsc - ok
04:51:33.0316 7360 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
04:51:33.0316 7360 swenum - ok
04:51:33.0322 7360 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
04:51:33.0325 7360 SwitchBoard - ok
04:51:33.0331 7360 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
04:51:33.0335 7360 swprv - ok
04:51:33.0337 7360 [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
04:51:33.0338 7360 Synth3dVsc - ok
04:51:33.0352 7360 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
04:51:33.0362 7360 SysMain - ok
04:51:33.0364 7360 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
04:51:33.0366 7360 TabletInputService - ok
04:51:33.0370 7360 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
04:51:33.0373 7360 TapiSrv - ok
04:51:33.0376 7360 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
04:51:33.0377 7360 TBS - ok
04:51:33.0391 7360 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
04:51:33.0401 7360 Tcpip - ok
04:51:33.0414 7360 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
04:51:33.0420 7360 TCPIP6 - ok
04:51:33.0423 7360 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
04:51:33.0424 7360 tcpipreg - ok
04:51:33.0427 7360 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
04:51:33.0428 7360 TDPIPE - ok
04:51:33.0430 7360 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
04:51:33.0430 7360 TDTCP - ok
04:51:33.0433 7360 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
04:51:33.0434 7360 tdx - ok
04:51:33.0436 7360 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
04:51:33.0436 7360 TermDD - ok
04:51:33.0438 7360 [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt C:\Windows\system32\drivers\terminpt.sys
04:51:33.0439 7360 terminpt - ok
04:51:33.0445 7360 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
04:51:33.0450 7360 TermService - ok
04:51:33.0452 7360 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
04:51:33.0454 7360 Themes - ok
04:51:33.0456 7360 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
04:51:33.0457 7360 THREADORDER - ok
04:51:33.0460 7360 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
04:51:33.0461 7360 TrkWks - ok
04:51:33.0464 7360 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
04:51:33.0466 7360 TrustedInstaller - ok
04:51:33.0469 7360 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
04:51:33.0470 7360 tssecsrv - ok
04:51:33.0472 7360 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
04:51:33.0472 7360 TsUsbFlt - ok
04:51:33.0474 7360 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
04:51:33.0474 7360 TsUsbGD - ok
04:51:33.0477 7360 [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
04:51:33.0478 7360 tsusbhub - ok
04:51:33.0481 7360 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
04:51:33.0482 7360 tunnel - ok
04:51:33.0484 7360 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
04:51:33.0485 7360 uagp35 - ok
04:51:33.0489 7360 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
04:51:33.0491 7360 udfs - ok
04:51:33.0495 7360 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
04:51:33.0497 7360 UI0Detect - ok
04:51:33.0499 7360 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
04:51:33.0500 7360 uliagpkx - ok
04:51:33.0502 7360 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
04:51:33.0503 7360 umbus - ok
04:51:33.0505 7360 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
04:51:33.0505 7360 UmPass - ok
04:51:33.0508 7360 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
04:51:33.0510 7360 UmRdpService - ok
04:51:33.0515 7360 [ 0F9E1BC7E2BEA1A4108EC9736CF0C2D9 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
04:51:33.0517 7360 UNS - ok
04:51:33.0521 7360 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
04:51:33.0524 7360 upnphost - ok
04:51:33.0527 7360 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
04:51:33.0528 7360 usbccgp - ok
04:51:33.0530 7360 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
04:51:33.0531 7360 usbcir - ok
04:51:33.0534 7360 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
04:51:33.0534 7360 usbehci - ok
04:51:33.0538 7360 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
04:51:33.0540 7360 usbhub - ok
04:51:33.0542 7360 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
04:51:33.0542 7360 usbohci - ok
04:51:33.0544 7360 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
04:51:33.0545 7360 usbprint - ok
04:51:33.0547 7360 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
04:51:33.0548 7360 USBSTOR - ok
04:51:33.0550 7360 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
04:51:33.0551 7360 usbuhci - ok
04:51:33.0553 7360 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
04:51:33.0554 7360 UxSms - ok
04:51:33.0556 7360 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
04:51:33.0557 7360 VaultSvc - ok
04:51:33.0560 7360 [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
04:51:33.0560 7360 VClone - ok
04:51:33.0563 7360 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
04:51:33.0563 7360 vdrvroot - ok
04:51:33.0568 7360 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
04:51:33.0572 7360 vds - ok
04:51:33.0575 7360 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
04:51:33.0575 7360 vga - ok
04:51:33.0577 7360 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
04:51:33.0578 7360 VgaSave - ok
04:51:33.0579 7360 VGPU - ok
04:51:33.0583 7360 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
04:51:33.0584 7360 vhdmp - ok
04:51:33.0602 7360 [ E8AF45C4FE2457D003E1842806F38748 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
04:51:33.0613 7360 VIAHdAudAddService - ok
04:51:33.0615 7360 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
04:51:33.0616 7360 viaide - ok
04:51:33.0618 7360 [ 05D6657A9CCFD269D05D41BFFDCE9498 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
04:51:33.0619 7360 VIAKaraokeService - ok
04:51:33.0622 7360 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
04:51:33.0624 7360 vmbus - ok
04:51:33.0626 7360 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
04:51:33.0626 7360 VMBusHID - ok
04:51:33.0629 7360 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
04:51:33.0629 7360 volmgr - ok
04:51:33.0633 7360 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
04:51:33.0635 7360 volmgrx - ok
04:51:33.0639 7360 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
04:51:33.0641 7360 volsnap - ok
04:51:33.0644 7360 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
04:51:33.0645 7360 vsmraid - ok
04:51:33.0657 7360 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
04:51:33.0666 7360 VSS - ok
04:51:33.0668 7360 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
04:51:33.0669 7360 vwifibus - ok
04:51:33.0673 7360 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
04:51:33.0676 7360 W32Time - ok
04:51:33.0679 7360 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
04:51:33.0680 7360 WacomPen - ok
04:51:33.0682 7360 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
04:51:33.0683 7360 WANARP - ok
04:51:33.0685 7360 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
04:51:33.0686 7360 Wanarpv6 - ok
04:51:33.0696 7360 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
04:51:33.0703 7360 WatAdminSvc - ok
04:51:33.0714 7360 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
04:51:33.0723 7360 wbengine - ok
04:51:33.0727 7360 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
04:51:33.0729 7360 WbioSrvc - ok
04:51:33.0733 7360 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
04:51:33.0736 7360 wcncsvc - ok
04:51:33.0739 7360 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
04:51:33.0740 7360 WcsPlugInService - ok
04:51:33.0742 7360 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
04:51:33.0743 7360 Wd - ok
04:51:33.0749 7360 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
04:51:33.0753 7360 Wdf01000 - ok
04:51:33.0756 7360 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
04:51:33.0758 7360 WdiServiceHost - ok
04:51:33.0760 7360 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
04:51:33.0761 7360 WdiSystemHost - ok
04:51:33.0765 7360 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
04:51:33.0768 7360 WebClient - ok
04:51:33.0771 7360 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
04:51:33.0774 7360 Wecsvc - ok
04:51:33.0776 7360 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
04:51:33.0778 7360 wercplsupport - ok
04:51:33.0780 7360 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
04:51:33.0782 7360 WerSvc - ok
04:51:33.0784 7360 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
04:51:33.0785 7360 WfpLwf - ok
04:51:33.0787 7360 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
04:51:33.0787 7360 WIMMount - ok
04:51:33.0788 7360 WinDefend - ok
04:51:33.0792 7360 WinHttpAutoProxySvc - ok
04:51:33.0799 7360 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
04:51:33.0801 7360 Winmgmt - ok
04:51:33.0816 7360 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
04:51:33.0828 7360 WinRM - ok
04:51:33.0837 7360 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
04:51:33.0843 7360 Wlansvc - ok
04:51:33.0845 7360 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
04:51:33.0846 7360 WmiAcpi - ok
04:51:33.0850 7360 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
04:51:33.0852 7360 wmiApSrv - ok
04:51:33.0853 7360 WMPNetworkSvc - ok
04:51:33.0856 7360 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
04:51:33.0857 7360 WPCSvc - ok
04:51:33.0860 7360 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
04:51:33.0862 7360 WPDBusEnum - ok
04:51:33.0864 7360 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
04:51:33.0864 7360 ws2ifsl - ok
04:51:33.0867 7360 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
04:51:33.0869 7360 wscsvc - ok
04:51:33.0871 7360 WSearch - ok
04:51:33.0890 7360 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
04:51:33.0903 7360 wuauserv - ok
04:51:33.0906 7360 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
04:51:33.0907 7360 WudfPf - ok
04:51:33.0910 7360 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
04:51:33.0912 7360 WUDFRd - ok
04:51:33.0914 7360 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
04:51:33.0916 7360 wudfsvc - ok
04:51:33.0919 7360 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
04:51:33.0922 7360 WwanSvc - ok
04:51:33.0929 7360 [ 4A5CE13408945E525503B5F73D29B9C5 ] xnacc C:\Windows\system32\DRIVERS\xnacc.sys
04:51:33.0933 7360 xnacc - ok
04:51:33.0936 7360 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
04:51:33.0936 7360 xusb21 - ok
04:51:33.0938 7360 ================ Scan global ===============================
04:51:33.0940 7360 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
04:51:33.0943 7360 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
04:51:33.0947 7360 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
04:51:33.0950 7360 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
04:51:33.0955 7360 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
04:51:33.0957 7360 [Global] - ok
04:51:33.0957 7360 ================ Scan MBR ==================================
04:51:33.0958 7360 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
04:51:34.0121 7360 \Device\Harddisk0\DR0 - ok
04:51:34.0123 7360 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
04:51:34.0178 7360 \Device\Harddisk1\DR1 - ok
04:51:34.0179 7360 ================ Scan VBR ==================================
04:51:34.0183 7360 [ 2FD10083CBBE496967D762C2C8199F57 ] \Device\Harddisk0\DR0\Partition1
04:51:34.0184 7360 \Device\Harddisk0\DR0\Partition1 - ok
04:51:34.0187 7360 [ 19940F33EFBCF2559A497A07385162FF ] \Device\Harddisk0\DR0\Partition2
04:51:34.0188 7360 \Device\Harddisk0\DR0\Partition2 - ok
04:51:34.0191 7360 [ 389B658051874A6DC2C8CCD356DCEA7D ] \Device\Harddisk1\DR1\Partition1
04:51:34.0193 7360 \Device\Harddisk1\DR1\Partition1 - ok
04:51:34.0193 7360 ============================================================
04:51:34.0193 7360 Scan finished
04:51:34.0193 7360 ============================================================
04:51:34.0202 4808 Detected object count: 0
04:51:34.0202 4808 Actual detected object count: 0
04:58:13.0433 5648 Deinitialize success

aswMBR

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-20 04:53:18
-----------------------------
04:53:18.851 OS Version: Windows x64 6.1.7601 Service Pack 1
04:53:18.851 Number of processors: 8 586 0x3A09
04:53:18.851 ComputerName: HAPPYPEOPLE-PC UserName: happypeople
04:53:19.057 Initialize success
04:55:12.754 AVAST engine defs: 12111901
04:55:51.851 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
04:55:51.853 Disk 0 Vendor: OCZ-VERT 2.22 Size: 57241MB BusType: 3
04:55:51.854 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
04:55:51.855 Disk 1 Vendor: ST2000DM CC4H Size: 1907729MB BusType: 3
04:55:51.856 Disk 0 MBR read successfully
04:55:51.857 Disk 0 MBR scan
04:55:51.860 Disk 0 Windows 7 default MBR code
04:55:51.862 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
04:55:51.865 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 57139 MB offset 206848
04:55:51.870 Disk 0 scanning C:\Windows\system32\drivers
04:55:56.048 Service scanning
04:56:02.982 Modules scanning
04:56:02.989 Disk 0 trace - called modules:
04:56:03.322 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
04:56:03.326 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009a26790]
04:56:03.331 3 CLASSPNP.SYS[fffff88001ce743f] -> nt!IofCallDriver -> [0xfffffa800732fb70]
04:56:03.335 5 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800732e050]
04:56:03.530 AVAST engine scan C:\Windows
04:56:03.920 AVAST engine scan C:\Windows\system32
04:57:05.206 AVAST engine scan C:\Windows\system32\drivers
04:57:10.472 AVAST engine scan C:\Users\happypeople
04:57:20.516 AVAST engine scan C:\ProgramData
04:57:28.436 Scan finished successfully
04:57:54.113 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
04:57:54.116 The log file has been saved successfully to "C:\aswMBR.txt"

ESET online scanner

No Threats Found - (i disabled my local eset and windows defender before i scan since it complained)

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:12 AM

Posted 19 November 2012 - 11:18 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#5 Eight_Six

Eight_Six
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:12 AM

Posted 20 November 2012 - 12:14 AM

Malwarebytes

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.19.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
happypeople :: HAPPYPEOPLE-PC [administrator]

20/11/2012 6:07:03 πμ
mbam-log-2012-11-20 (06-07-03).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 740808
Time elapsed: 36 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

mini toolbox

MiniToolBox by Farbar Version: 10-11-2012 02
Ran by happypeople (administrator) on 20-11-2012 at 06:53:22
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : happypeople-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 90-2B-34-30-FB-19
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::912e:c410:ea73:8aeb%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : ƒœ¬«β¨˜, 19 Œ¦œ£™¨ε¦¬ 2012 11:53:36 ££
Lease Expires . . . . . . . . . . : ’œ«α¨«ž, 21 Œ¦œ£™¨ε¦¬ 2012 11:53:36 ££
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 244329268
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-3C-C8-E8-90-2B-34-30-FB-19
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{C0078A58-1156-4139-A71C-B22C6F9063A7}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:302d:2e1a:7212:79e1(Preferred)
Link-local IPv6 Address . . . . . : fe80::302d:2e1a:7212:79e1%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: netfaster.iad
Address: 192.168.2.1

Name: google.com
Addresses: 2a00:1450:4001:c01::8a
173.194.70.113
173.194.70.138
173.194.70.139
173.194.70.100
173.194.70.101
173.194.70.102


Pinging google.com [173.194.70.102] with 32 bytes of data:
Reply from 173.194.70.102: bytes=32 time=72ms TTL=46
Reply from 173.194.70.102: bytes=32 time=71ms TTL=46

Ping statistics for 173.194.70.102:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 71ms, Maximum = 72ms, Average = 71ms
Server: netfaster.iad
Address: 192.168.2.1

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=202ms TTL=49
Reply from 98.138.253.109: bytes=32 time=254ms TTL=48

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 202ms, Maximum = 254ms, Average = 228ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...90 2b 34 30 fb 19 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.3 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.3 276
192.168.2.3 255.255.255.255 On-link 192.168.2.3 276
192.168.2.255 255.255.255.255 On-link 192.168.2.3 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.3 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.3 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:5ef5:79fd:302d:2e1a:7212:79e1/128
On-link
11 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::302d:2e1a:7212:79e1/128
On-link
11 276 fe80::912e:c410:ea73:8aeb/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/20/2012 05:07:18 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/20/2012 05:07:17 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/20/2012 05:07:17 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/20/2012 05:00:33 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/20/2012 05:00:31 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/20/2012 05:00:31 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/20/2012 04:59:09 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/20/2012 04:58:56 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/20/2012 03:32:34 AM) (Source: Application Error) (User: )
Description: Faulting application name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Faulting module name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Exception code: 0xc0000005
Fault offset: 0x000040cd
Faulting process id: 0x1eec
Faulting application start time: 0xRootkitRevealer.exe0
Faulting application path: RootkitRevealer.exe1
Faulting module path: RootkitRevealer.exe2
Report Id: RootkitRevealer.exe3

Error: (11/20/2012 03:32:18 AM) (Source: Application Error) (User: )
Description: Faulting application name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Faulting module name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Exception code: 0xc0000005
Fault offset: 0x000040cd
Faulting process id: 0x1de0
Faulting application start time: 0xRootkitRevealer.exe0
Faulting application path: RootkitRevealer.exe1
Faulting module path: RootkitRevealer.exe2
Report Id: RootkitRevealer.exe3


System errors:
=============
Error: (11/20/2012 03:30:00 AM) (Source: Application Popup) (User: )
Description: \??\C:\Users\HAPPYP~1\AppData\Local\Temp\mbr.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (11/20/2012 03:01:45 AM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (11/19/2012 10:14:27 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (11/19/2012 09:42:52 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service terminated with the following error:
%%16405

Error: (11/20/2012 06:58:01 AM) (Source: Service Control Manager) (User: )
Description: The ESET Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (11/20/2012 06:43:28 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFD
CSC
DfsC
discache
NetBIOS
NetBT
nsiproxy
Psched
rdbss
spldr
tdx
Wanarpv6
WfpLwf

Error: (11/20/2012 06:43:28 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:
%%1068

Error: (11/20/2012 06:43:28 AM) (Source: Service Control Manager) (User: )
Description: The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:
%%1068

Error: (11/20/2012 06:43:28 AM) (Source: Service Control Manager) (User: )
Description: The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:
%%1068

Error: (11/20/2012 06:43:28 AM) (Source: Service Control Manager) (User: )
Description: The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:
%%31


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2012-11-20 03:30:00.358
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\HAPPYP~1\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-11-20 03:30:00.351
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\HAPPYP~1\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
ActiveState Komodo Edit 7.1.3 (Version: 7.1.3)
Adobe AIR (Version: 3.1.0.4880)
Adobe Creative Suite 6 Master Collection (Version: 6)
Adobe Flash Player 11 Plugin (Version: 11.5.502.110)
Adobe Help Manager (Version: 4.0.244)
Adobe Widget Browser (Version: 2.0 Build 348)
Adobe Widget Browser (Version: 2.0.348)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.938.1)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70611.1329)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 2.0.4.4)
bl (Version: 1.0.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0611.1251.21046)
Catalyst Control Center Graphics Previews Common (Version: 2012.0611.1251.21046)
Catalyst Control Center InstallProxy (Version: 2012.0611.1251.21046)
Catalyst Control Center Localization All (Version: 2012.0611.1251.21046)
ccc-utility64 (Version: 2012.0611.1251.21046)
CCC Help Chinese Standard (Version: 2012.0611.1250.21046)
CCC Help Chinese Traditional (Version: 2012.0611.1250.21046)
CCC Help Czech (Version: 2012.0611.1250.21046)
CCC Help Danish (Version: 2012.0611.1250.21046)
CCC Help Dutch (Version: 2012.0611.1250.21046)
CCC Help English (Version: 2012.0611.1250.21046)
CCC Help Finnish (Version: 2012.0611.1250.21046)
CCC Help French (Version: 2012.0611.1250.21046)
CCC Help German (Version: 2012.0611.1250.21046)
CCC Help Greek (Version: 2012.0611.1250.21046)
CCC Help Hungarian (Version: 2012.0611.1250.21046)
CCC Help Italian (Version: 2012.0611.1250.21046)
CCC Help Japanese (Version: 2012.0611.1250.21046)
CCC Help Korean (Version: 2012.0611.1250.21046)
CCC Help Norwegian (Version: 2012.0611.1250.21046)
CCC Help Polish (Version: 2012.0611.1250.21046)
CCC Help Portuguese (Version: 2012.0611.1250.21046)
CCC Help Russian (Version: 2012.0611.1250.21046)
CCC Help Spanish (Version: 2012.0611.1250.21046)
CCC Help Swedish (Version: 2012.0611.1250.21046)
CCC Help Thai (Version: 2012.0611.1250.21046)
CCC Help Turkish (Version: 2012.0611.1250.21046)
ESET Online Scanner v3
ESET Smart Security (Version: 5.2.9.1)
FileZilla Client 3.6.0.1 (Version: 3.6.0.1)
Google Chrome (Version: 23.0.1271.64)
Google Update Helper (Version: 1.3.21.123)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 8.0.0.1351)
Intel® Rapid Storage Technology (Version: 11.0.0.1032)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.3.214)
Intel® Trusted Connect Service Client (Version: 1.23.216.0)
K-Lite Codec Pack 9.5.0 (Full) (Version: 9.5.0)
MagicTunePremium (Version: 4.0.14)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
ON_OFF Charge B11.1102.1 (Version: 1.00.0001)
PDF Settings CS6 (Version: 11.0)
ph (Version: 1.0.0)
Platform (Version: 1.39)
Razer Synapse 2.0 (Version: 1.6.1)
Samsung_MonSetup (Version: 1.00.0000)
SUPERAntiSpyware (Version: 5.6.1014)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VIA Platform Device Manager (Version: 1.39)
VirtualCloneDrive
Windows Media Player Firefox Plugin (Version: 1.0.0.8)

========================= Memory info: ===================================

Percentage of memory in use: 64%
Total physical RAM: 8154.24 MB
Available physical RAM: 2886.69 MB
Total Pagefile: 16306.67 MB
Available Pagefile: 11028.21 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.64 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:55.8 GB) (Free:11.68 GB) NTFS
2 Drive d: () (Fixed) (Total:1863.01 GB) (Free:1449.54 GB) NTFS

========================= Users: ========================================

User accounts for \\HAPPYPEOPLE-PC

Administrator Guest happypeople

========================= Restore Points ==================================

19-11-2012 21:35:32 Installed Microsoft Office Enterprise 2007
19-11-2012 21:49:56 Installed ActiveState Komodo Edit 7.1.3
19-11-2012 22:03:59 Installed Windows Media Player Firefox Plugin

**** End of log ****

Farbar service scanner

Farbar Service Scanner Version: 09-11-2012
Ran by happypeople (administrator) on 20-11-2012 at 06:59:42
Running from "C:\Users\happypeople\Downloads"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

adware cleaner

# AdwCleaner v2.008 - Logfile created 11/20/2012 at 07:03:09
# Updated 17/11/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : happypeople - HAPPYPEOPLE-PC
# Boot Mode : Normal
# Running from : C:\Users\happypeople\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\S

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default
File : C:\Users\happypeople\AppData\Roaming\Mozilla\Firefox\Profiles\yfcgz6kr.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\happypeople\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [914 octets] - [20/11/2012 07:03:09]

########## EOF - C:\AdwCleaner[S1].txt - [973 octets] ##########

Junkware Removal Tool

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.3.4 (11.19.2012)
OS: Windows 7 Ultimate x64
Ran by happypeople on ’¨  20/11/2012 at 7:09:55,83
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ’¨  20/11/2012 at 7:12:17,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:12 AM

Posted 20 November 2012 - 12:17 AM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#7 Eight_Six

Eight_Six
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:12 AM

Posted 20 November 2012 - 12:29 AM

RKILL

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/20/2012 07:20:39 AM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\happypeople\Desktop\rkill\rkill-11-20-2012-07-20-40.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 11/20/2012 07:20:43 AM
Execution time: 0 hours(s), 0 minute(s), and 3 seconds(s)

Autoruns

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AdobeAAMUpdater-1.0" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "egui" "ESET GUI" "ESET" "c:\program files\eset\eset smart security\egui.exe"
+ "MagicTuneEngine" "" "" "c:\program files\magictune premium\magictunelauncher.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AdobeCS6ServiceManager" "Adobe CS6 Service Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\cs6servicemanager\cs6servicemanager.exe"
+ "AMD AVT" "" "" "File not found: start"
+ "GrooveMonitor" "GrooveMonitor Utility" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\groovemonitor.exe"
+ "HDAudDeck" "VIA HD Audio CPL" "VIA" "c:\program files (x86)\via\viaudioi\vdeck\vdeck.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "Razer Synapse" "Razer Synapse" "Razer USA Ltd" "c:\program files (x86)\razer\synapse\rzsynapse.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SwitchBoard" "SwitchBoard Server (32 bit)" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
+ "USB3MON" "Intel® USB 3.0 Monitor" "Intel Corporation" "c:\program files (x86)\intel\intel® usb 3.0 extensible host controller driver\application\iusb3mon.exe"
+ "VirtualCloneDrive" "Virtual CloneDrive Daemon" "Elaborate Bytes AG" "c:\program files (x86)\elaborate bytes\virtualclonedrive\vcddaemon.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "GammaTray.exe.lnk" "GammaTray MFC ?? ????" "" "c:\program files\magictune premium\gammatray.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "SUPERAntiSpyware" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset smart security\shellext.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
+ "VirtualCloneDrive" "CloseTray" "Elaborate Bytes AG" "c:\program files (x86)\elaborate bytes\virtualclonedrive\elbyvcdshell.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset smart security\x86\shellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext_64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset smart security\shellext.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset smart security\x86\shellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Groove GFS Browser Helper" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\elbyExecuteWithUAC" "ElbyCDIO install helper process" "" "c:\program files (x86)\elaborate bytes\virtualclonedrive\executewithuac.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore64.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "AppleChargerSrv" "Apple mobile devices charging service" "" "c:\windows\system32\applechargersrv.exe"
+ "ekrn" "ESET Service" "ESET" "c:\program files\eset\eset smart security\x86\ekrn.exe"
+ "gupdate" "Διατηρεί ενημερωμένο το λογισμικό Google που διαθέτετε. Αν αυτή η υπηρεσία είναι απενεργοποιημένη ή έχει διακοπεί, το λογισμικό Google δεν θα διατηρείται ενημερωμένο, πράγμα που σημαίνει ότι δεν θα είναι δυνατή η επιδιόρθωση αδυναμιών ασφαλείας που μπορεί να εμφανιστούν και μπορεί να μην λειτουργούν ορισμένα χαρακτηριστικά. Η εγκατάσταση της υπηρεσίας καταργείται αυτόματα όταν δεν υπάρχει λογισμικό Google που να τη χρησιμοποιεί." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Διατηρεί ενημερωμένο το λογισμικό Google που διαθέτετε. Αν αυτή η υπηρεσία είναι απενεργοποιημένη ή έχει διακοπεί, το λογισμικό Google δεν θα διατηρείται ενημερωμένο, πράγμα που σημαίνει ότι δεν θα είναι δυνατή η επιδιόρθωση αδυναμιών ασφαλείας που μπορεί να εμφανιστούν και μπορεί να μην λειτουργούν ορισμένα χαρακτηριστικά. Η εγκατάσταση της υπηρεσίας καταργείται αυτόματα όταν δεν υπάρχει λογισμικό Google που να τη χρησιμοποιεί." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "Intel® Capability Licensing Service Interface" "Version: 1.23.216.0" "Intel® Corporation" "c:\program files\intel\icls client\heciserver.exe"
+ "jhi_service" "Intel® Dynamic Application Loader Host Interface Service - Allows applications to access the local Intel ® DAL" "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\dal\jhi_service.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "Microsoft Office Groove Audit Service" "Groove Audit Service" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveauditservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "SwitchBoard" "Adobe SwitchBoard" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "VIAKaraokeService" "Service binary" "VIA Technologies, Inc." "c:\windows\system32\viakaraokesrv.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AppleCharger" "Apple mobile devices charging program" "" "c:\windows\system32\drivers\applecharger.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AtiHDAudioService" "AMD High Definition Audio Function Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\atihdw76.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "eamonm" "Eset file on-access scanner" "ESET" "c:\windows\system32\drivers\eamonm.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "ehdrv" "Eset Helper driver" "ESET" "c:\windows\system32\drivers\ehdrv.sys"
+ "ElbyCDIO" "ElbyCD Windows x64 I/O driver" "Elaborate Bytes AG" "c:\windows\system32\drivers\elbycdio.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "epfw" "EPFW Filter Driver" "ESET" "c:\windows\system32\drivers\epfw.sys"
+ "EpfwLWF" "Epfw NDIS LightWeight Filter" "ESET" "c:\windows\system32\drivers\epfwlwf.sys"
+ "epfwwfp" "EPFW Filter Driver" "ESET" "c:\windows\system32\drivers\epfwwfp.sys"
+ "gdrv" "" "" "File not found: C:\Windows\gdrv.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "iusb3hcs" "Intel® USB 3.0 Host Controller Switch Driver" "Intel Corporation" "c:\windows\system32\drivers\iusb3hcs.sys"
+ "iusb3hub" "Intel® USB 3.0 Hub Driver" "Intel Corporation" "c:\windows\system32\drivers\iusb3hub.sys"
+ "iusb3xhc" "Intel® USB 3.0 eXtensible Host Controller Driver" "Intel Corporation" "c:\windows\system32\drivers\iusb3xhc.sys"
+ "L1C" "Atheros Ar81xx series PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MagicTune" "MagicTunePremium Driver" "Samsung Electronics, Inc. " "c:\windows\system32\drivers\mtictwl.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Rovi Corporation" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "rzdaendpt" "Razer RzEndPt" "Razer USA Ltd" "c:\windows\system32\drivers\rzdaendpt.sys"
+ "rzudd" "Razer Rzudd Engine" "Razer USA Ltd" "c:\windows\system32\drivers\rzudd.sys"
+ "rzvkeyboard" "Razer Keyboard Device" "Razer USA Ltd" "c:\windows\system32\drivers\rzvkeyboard.sys"
+ "SASDIFSV" "SASDIFSV64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv64.sys"
+ "SASKUTIL" "SASKUTIL64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "VClone" "VirtualCloneCD Driver" "Elaborate Bytes AG" "c:\windows\system32\drivers\vclone.sys"
+ "VGPU" "" "" "File not found: System32\drivers\rdvgkmd.sys"
+ "VIAHdAudAddService" "VIA High Definition Audio Function Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viahduaa.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AMD MJPEG Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3File" "" "" "c:\program files (x86)\k-lite codec pack\filters\ac3file.ax"
+ "AMD MJPEG Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "DC-Bass Source" "BASS based DirectShow™ Audio Decoder" "http://www.dsp-worx.de" "c:\program files (x86)\k-lite codec pack\filters\dcbass\dcbasssourcemod.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "xy-VSFilter Team" "c:\program files (x86)\k-lite codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "xy-VSFilter Team" "c:\program files (x86)\k-lite codec pack\filters\vsfilter.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\filters\ffdshow\ffdshow.ax"
+ "File Source (Monkey Audio)" "" "" "c:\program files (x86)\k-lite codec pack\filters\monkeysource.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files (x86)\k-lite codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "LAV Audio Decoder" "LAV Audio Decoder - DirectShow Audio Decoder" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavaudio.ax"
+ "LAV Splitter" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavsplitter.ax"
+ "LAV Splitter Source" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavsplitter.ax"
+ "LAV Video Decoder" "LAV Video Decoder - DirectShow Video Decoder" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\k-lite codec pack\filters\lav\lavvideo.ax"
+ "madFlac Decoder" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files (x86)\k-lite codec pack\filters\madflac.ax"
+ "madFlac Source" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files (x86)\k-lite codec pack\filters\madflac.ax"
+ "madVR" "madshi's D3D9 based video renderer" "madshi.net" "c:\program files (x86)\k-lite codec pack\filters\madvr\madvr.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "T" "VP7 Decompression Filter" "On2.com Inc." "c:\program files (x86)\k-lite codec pack\filters\vp7dec.ax"

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:12 AM

Posted 20 November 2012 - 12:37 AM

Try this

Export your bookmarks from firefox

http://support.mozilla.org/en-US/kb/export-firefox-bookmarks-to-backup-or-transfer

After exporting it

Uninstall firefox

Makesure to checkmark Remove my personal data option

Reinstall firefox and import your bookmarks

Let me know if you still have spam ads.

#9 Legbiter

Legbiter

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:02:12 AM

Posted 23 January 2013 - 03:05 PM

@narenxp
Just cured a problem that sounds similar, but simpler. Clicking anywhere on browser, (URL bar, a tab, search parameters, buttons within page etc), would open a spam tab.
Running the program you suggested fixed it straight off, (the scan took almost two hours as it seems to almost stop in deference to other CPU demands).

ESET online scanner www.download.eset.com/special/eos/esetsmartinstaller_enu.exe

I thought I was looking at days of web trolling and hours of experimenting. Instead couple of clicks and we're done.

Thanks heaps.

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:12 AM

Posted 26 January 2013 - 11:26 AM

Legbiter

Thankyou for letting me know




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users