I downloaded the fake adobe flash update. How do I clean my computer?


12 replies to this topic

#1 grenada_chica

grenada_chica

  • Members
  • 7 posts

Posted 09 February 2013 - 02:49 PM

I downloaded the fake Adobe Flash Player update and now my computer is infected. My McAfee firewall wouldn't stay on. I ran Malwarebytes. I re-downloaded McAfee and it seems OK now. I deleted Adobe from my computer and I re-downloaded it from the Adobe website. I ran a few other virus scans as well. I don't think I got rid of the virus though. I am still getting pop-ups of the fake Adobe update. Please help!!! Thanks!




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 09 February 2013 - 03:11 PM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters




  • Check Loaded Modules and Detect TDLFS file system. Do not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now




  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue




  • Click Reboot computer
  • Please post the contents of TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\) in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.



  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.



  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours, that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. Note: If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results
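
For whoever reads the TDSSKiller log requested above, an added example (not part of the original posts and not the tool's own code) that pairs each service's `[ MD5 ] name path` line with its `name - verdict` line and lists only the entries that need a human look. The sample log is constructed; its service names, placeholder hashes and the non-ok verdict text are assumptions.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Every log line starts with "HH:MM:SS.mmmm <numeric id>  " followed by the message.
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
# Section banners look like "================ Scan services ============".
SECTION = re.compile(r"^=+\s*(Scan .+?)\s*=+$")
# "[ <32 hex chars> ] <service name, may contain spaces> <drive-letter path>"
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?)\s+([A-Za-z]:\\.+)$")


@dataclass
class Entry:
    name: str
    md5: Optional[str] = None
    path: Optional[str] = None
    verdict: Optional[str] = None


def parse_services(log_text: str) -> Dict[str, Entry]:
    """Collect one Entry per service from the 'Scan services' section."""
    entries: Dict[str, Entry] = {}
    section = None
    for raw in log_text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue  # blank lines, forum debris, lines with no message
        body = m.group(1).strip()
        banner = SECTION.match(body)
        if banner:
            section = banner.group(1)
            continue
        if section != "Scan services":
            continue  # e.g. "System memory - ok" belongs to another section
        hashed = HASHED.match(body)
        if hashed:
            md5, name, path = hashed.groups()
            entry = entries.setdefault(name, Entry(name))
            entry.md5, entry.path = md5.upper(), path
        elif " - " in body:
            # Split on the last " - " so names containing dashes survive.
            name, verdict = (part.strip() for part in body.rsplit(" - ", 1))
            entries.setdefault(name, Entry(name)).verdict = verdict
    return entries


def triage(entries: Dict[str, Entry]) -> Dict[str, List[str]]:
    """Return only the service names a reviewer should look at."""
    report: Dict[str, List[str]] = {"not_ok": [], "no_hash": [], "no_verdict": []}
    for entry in entries.values():
        if entry.verdict is None:
            report["no_verdict"].append(entry.name)  # log cut off mid-entry
        elif entry.verdict.lower() != "ok":
            report["not_ok"].append(entry.name)
        if entry.verdict is not None and entry.md5 is None:
            report["no_hash"].append(entry.name)  # verdict without a file line
    return report


# Constructed sample: placeholder hashes, made-up services, made-up non-ok verdict.
SAMPLE_LOG = r"""
13:52:44.0037 1464  ================ Scan system memory ========================
13:52:44.0037 1464  System memory - ok
13:52:44.0037 1464  ================ Scan services =============================
13:52:44.0364 1464  [ 00000000000000000000000000000001 ] ExampleDrv      C:\windows\system32\drivers\exampledrv.sys
13:52:44.0380 1464  ExampleDrv - ok
13:52:45.0425 1464  [ 00000000000000000000000000000002 ] Example Helper Service C:\Program Files (x86)\Example\helper.exe
13:52:45.0425 1464  Example Helper Service - ok
13:52:47.0157 1464  NoFileSvc - ok
13:52:47.0188 1464  [ 00000000000000000000000000000003 ] OddDrv          C:\windows\system32\drivers\odddrv.sys
13:52:47.0188 1464  OddDrv - constructed non-ok verdict
13:52:47.0204 1464  [ 00000000000000000000000000000004 ] CutOffSvc       C:\windows\system32\cutoff.dll
"""

if __name__ == "__main__":
    for category, names in triage(parse_services(SAMPLE_LOG)).items():
        print(f"{category}: {names}")
```

An `ok` verdict with no preceding hash line is reported separately rather than dropped, so a service the log gives no file for is not silently counted as clean.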

 



#3 grenada_chica

grenada_chica
  • Topic Starter

  • Members
  • 7 posts

Posted 09 February 2013 - 04:19 PM

Thanks for your help!

 

I ran the TDSSKiller and aswMBR a little while ago. I read it on a post somewhere before. I am not sure if I clicked on the loaded modules part on the TDSSKiller, but this is the result I got.....


 

13:52:52.0040 1464  LSI_SCSI - ok


 

13:52:52.0071 1464  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\windows\system32\drivers\luafv.sys


 

13:52:52.0071 1464  luafv - ok


 

13:52:52.0164 1464  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe


 

13:52:52.0180 1464  McAfee SiteAdvisor Service - ok


 

13:52:52.0196 1464  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe


 

13:52:52.0196 1464  McMPFSvc - ok


 

13:52:52.0242 1464  [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe


 

13:52:52.0242 1464  mcmscsvc - ok


 

13:52:52.0258 1464  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe


 

13:52:52.0258 1464  McNaiAnn - ok


 

13:52:52.0289 1464  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc         C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe


 

13:52:52.0289 1464  McNASvc - ok


 

13:52:52.0430 1464  [ 1814532DB0404C5FB65AA3EB051B2BE5 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe


 

13:52:52.0430 1464  McODS - ok


 

13:52:52.0492 1464  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy         C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe


 

13:52:52.0492 1464  McProxy - ok


 

13:52:52.0586 1464  [ 23EA22ACADD66D7F1E18A4AA72BE6158 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe


 

13:52:52.0586 1464  McShield - ok


 

13:52:52.0617 1464  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll


 

13:52:52.0632 1464  Mcx2Svc - ok


 

13:52:52.0664 1464  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\windows\system32\drivers\megasas.sys


 

13:52:52.0664 1464  megasas - ok


 

13:52:52.0695 1464  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys


 

13:52:52.0695 1464  MegaSR - ok


 

13:52:52.0742 1464  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\windows\system32\DRIVERS\HECIx64.sys


 

13:52:52.0742 1464  MEIx64 - ok


 

13:52:52.0788 1464  [ 19323081FA4018C9C1AEBF08114BEA11 ] mfeapfk         C:\windows\system32\drivers\mfeapfk.sys


 

13:52:52.0788 1464  mfeapfk - ok


 

13:52:52.0851 1464  [ EF1D39A70CAD1B7BEDC220480F26815C ] mfeavfk         C:\windows\system32\drivers\mfeavfk.sys


 

13:52:52.0851 1464  mfeavfk - ok


 

13:52:52.0866 1464  mfeavfk01 - ok


 

13:52:52.0913 1464  [ 3CBBB569730EFD069B4BD253DDD4AD58 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe


 

13:52:52.0913 1464  mfefire - ok


 

13:52:52.0960 1464  [ 67972BFC8F23054BD23E1DE1450E40BD ] mfefirek        C:\windows\system32\drivers\mfefirek.sys


 

13:52:52.0960 1464  mfefirek - ok


 

13:52:53.0022 1464  [ 5C0EE849C03C37071FABDAA6B58D3D94 ] mfehidk         C:\windows\system32\drivers\mfehidk.sys


 

13:52:53.0038 1464  mfehidk - ok


 

13:52:53.0116 1464  [ 450B77CAC7384A9C1BAF476AC302CD4C ] mferkdet        C:\windows\system32\drivers\mferkdet.sys


 

13:52:53.0116 1464  mferkdet - ok


 

13:52:53.0178 1464  [ 74CE2EBE64AB78904E33DD4C5F21611F ] mfevtp          C:\windows\system32\mfevtps.exe


 

13:52:53.0194 1464  mfevtp - ok


 

13:52:53.0241 1464  [ F55F9742BFA88D02F96516B80AB400EC ] mfewfpk         C:\windows\system32\drivers\mfewfpk.sys


 

13:52:53.0241 1464  mfewfpk - ok


 

13:52:53.0272 1464  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\windows\system32\mmcss.dll


 

13:52:53.0288 1464  MMCSS - ok


 

13:52:53.0319 1464  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\windows\system32\drivers\modem.sys


 

13:52:53.0319 1464  Modem - ok


 

13:52:53.0350 1464  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\windows\system32\DRIVERS\monitor.sys


 

13:52:53.0350 1464  monitor - ok


 

13:52:53.0366 1464  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys


 

13:52:53.0366 1464  mouclass - ok


 

13:52:53.0397 1464  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys


 

13:52:53.0397 1464  mouhid - ok


 

13:52:53.0428 1464  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\windows\system32\drivers\mountmgr.sys


 

13:52:53.0428 1464  mountmgr - ok


 

13:52:53.0537 1464  [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe


 

13:52:53.0537 1464  MozillaMaintenance - ok


 

13:52:53.0568 1464  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\windows\system32\drivers\mpio.sys


 

13:52:53.0646 1464  mpio - ok


 

13:52:53.0662 1464  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys


 

13:52:53.0662 1464  mpsdrv - ok


 

13:52:53.0678 1464  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys


 

13:52:53.0678 1464  MRxDAV - ok


 

13:52:53.0678 1464  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys


 

13:52:53.0678 1464  mrxsmb - ok


 

13:52:53.0693 1464  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys


 

13:52:53.0693 1464  mrxsmb10 - ok


 

13:52:53.0693 1464  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys


 

13:52:53.0693 1464  mrxsmb20 - ok


 

13:52:53.0693 1464  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\windows\system32\DRIVERS\msahci.sys


 

13:52:53.0693 1464  msahci - ok


 

13:52:53.0724 1464  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\windows\system32\drivers\msdsm.sys


 

13:52:53.0724 1464  msdsm - ok


 

13:52:53.0756 1464  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\windows\System32\msdtc.exe


 

13:52:53.0756 1464  MSDTC - ok


 

13:52:53.0771 1464  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\windows\system32\drivers\Msfs.sys


 

13:52:53.0771 1464  Msfs - ok


 

13:52:53.0787 1464  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys


 

13:52:53.0787 1464  mshidkmdf - ok


 

13:52:53.0802 1464  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\windows\system32\drivers\msisadrv.sys


 

13:52:53.0802 1464  msisadrv - ok


 

13:52:53.0834 1464  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\windows\system32\iscsiexe.dll


 

13:52:53.0834 1464  MSiSCSI - ok


 

13:52:53.0849 1464  msiserver - ok


 

13:52:53.0880 1464  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys


 

13:52:53.0880 1464  MSKSSRV - ok


 

13:52:53.0896 1464  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys


 

13:52:53.0896 1464  MSPCLOCK - ok


 

13:52:53.0912 1464  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys


 

13:52:53.0912 1464  MSPQM - ok


 

13:52:53.0927 1464  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\windows\system32\drivers\MsRPC.sys


 

13:52:53.0943 1464  MsRPC - ok


 

13:52:53.0943 1464  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys


 

13:52:53.0943 1464  mssmbios - ok


 

13:52:53.0974 1464  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys


 

13:52:53.0974 1464  MSTEE - ok


 

13:52:53.0974 1464  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\windows\system32\drivers\MTConfig.sys


 

13:52:53.0990 1464  MTConfig - ok


 

13:52:54.0005 1464  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\windows\system32\Drivers\mup.sys


 

13:52:54.0005 1464  Mup - ok


 

13:52:54.0036 1464  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\windows\system32\qagentRT.dll


 

13:52:54.0052 1464  napagent - ok


 

13:52:54.0099 1464  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys


 

13:52:54.0099 1464  NativeWifiP - ok


 

13:52:54.0146 1464  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\windows\system32\drivers\ndis.sys


 

13:52:54.0161 1464  NDIS - ok


 

13:52:54.0192 1464  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys


 

13:52:54.0192 1464  NdisCap - ok


 

13:52:54.0208 1464  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys


 

13:52:54.0208 1464  NdisTapi - ok


 

13:52:54.0239 1464  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys


 

13:52:54.0239 1464  Ndisuio - ok


 

13:52:54.0255 1464  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys


 

13:52:54.0255 1464  NdisWan - ok


 

13:52:54.0270 1464  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys


 

13:52:54.0270 1464  NDProxy - ok


 

13:52:54.0333 1464  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll


 

13:52:54.0333 1464  Net Driver HPZ12 - ok


 

13:52:54.0364 1464  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys


 

13:52:54.0364 1464  NetBIOS - ok


 

13:52:54.0380 1464  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys


 

13:52:54.0380 1464  NetBT - ok


 

13:52:54.0395 1464  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\windows\system32\lsass.exe


 

13:52:54.0395 1464  Netlogon - ok


 

13:52:54.0442 1464  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\windows\System32\netman.dll


 

13:52:54.0442 1464  Netman - ok


 

13:52:54.0458 1464  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\windows\System32\netprofm.dll


 

13:52:54.0458 1464  netprofm - ok


 

13:52:54.0473 1464  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe


 

13:52:54.0489 1464  NetTcpPortSharing - ok


 

13:52:54.0504 1464  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys


 

13:52:54.0520 1464  nfrd960 - ok


 

13:52:54.0567 1464  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\windows\System32\nlasvc.dll


 

13:52:54.0582 1464  NlaSvc - ok


 

13:52:54.0582 1464  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\windows\system32\drivers\Npfs.sys


 

13:52:54.0598 1464  Npfs - ok


 

13:52:54.0614 1464  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\windows\system32\nsisvc.dll


 

13:52:54.0614 1464  nsi - ok


 

13:52:54.0645 1464  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys


 

13:52:54.0645 1464  nsiproxy - ok


 

13:52:54.0754 1464  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys


 

13:52:54.0785 1464  Ntfs - ok


 

13:52:54.0801 1464  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\windows\system32\drivers\Null.sys


 

13:52:54.0801 1464  Null - ok


 

13:52:54.0832 1464  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\windows\system32\drivers\nvraid.sys


 

13:52:54.0832 1464  nvraid - ok


 

13:52:54.0848 1464  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\windows\system32\drivers\nvstor.sys


 

13:52:54.0848 1464  nvstor - ok


 

13:52:54.0863 1464  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys


 

13:52:54.0863 1464  nv_agp - ok


 

13:52:54.0894 1464  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys


 

13:52:54.0894 1464  ohci1394 - ok


 

13:52:54.0941 1464  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE


 

13:52:54.0941 1464  ose - ok


 

13:52:55.0113 1464  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE


 

13:52:55.0238 1464  osppsvc - ok


 

13:52:55.0269 1464  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\windows\system32\pnrpsvc.dll


 

13:52:55.0284 1464  p2pimsvc - ok


 

13:52:55.0300 1464  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\windows\system32\p2psvc.dll


 

13:52:55.0300 1464  p2psvc - ok


 

13:52:55.0316 1464  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\windows\system32\drivers\parport.sys


 

13:52:55.0331 1464  Parport - ok


 

13:52:55.0362 1464  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\windows\system32\drivers\partmgr.sys


 

13:52:55.0362 1464  partmgr - ok


 

13:52:55.0409 1464  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\windows\System32\pcasvc.dll


 

13:52:55.0409 1464  PcaSvc - ok


 

13:52:55.0440 1464  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\windows\system32\drivers\pci.sys


 

13:52:55.0440 1464  pci - ok


 

13:52:55.0456 1464  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\windows\system32\DRIVERS\pciide.sys


 

13:52:55.0456 1464  pciide - ok


 

13:52:55.0487 1464  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\windows\system32\drivers\pcmcia.sys


 

13:52:55.0503 1464  pcmcia - ok


 

13:52:55.0518 1464  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\windows\system32\drivers\pcw.sys


 

13:52:55.0518 1464  pcw - ok


 

13:52:55.0534 1464  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\windows\system32\drivers\peauth.sys


 

13:52:55.0550 1464  PEAUTH - ok


 

13:52:55.0643 1464  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\windows\SysWow64\perfhost.exe


 

13:52:55.0643 1464  PerfHost - ok


 

13:52:55.0784 1464  [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect        C:\windows\system32\DRIVERS\pgeffect.sys


 

13:52:55.0784 1464  PGEffect - ok


 

13:52:55.0846 1464  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\windows\system32\pla.dll


 

13:52:55.0877 1464  pla - ok


 

13:52:55.0908 1464  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\windows\system32\umpnpmgr.dll


 

13:52:55.0924 1464  PlugPlay - ok


 

13:52:55.0971 1464  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll


 

13:52:55.0971 1464  Pml Driver HPZ12 - ok


 

13:52:56.0002 1464  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll


 

13:52:56.0018 1464  PNRPAutoReg - ok


 

13:52:56.0049 1464  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\windows\system32\pnrpsvc.dll


 

13:52:56.0049 1464  PNRPsvc - ok


 

13:52:56.0096 1464  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll


 

13:52:56.0096 1464  PolicyAgent - ok


 

13:52:56.0142 1464  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\windows\system32\umpo.dll


 

13:52:56.0142 1464  Power - ok


 

13:52:56.0174 1464  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys


 

13:52:56.0189 1464  PptpMiniport - ok


 

13:52:56.0205 1464  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\windows\system32\drivers\processr.sys


 

13:52:56.0205 1464  Processor - ok


 

13:52:56.0236 1464  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\windows\system32\profsvc.dll


 

13:52:56.0236 1464  ProfSvc - ok


 

13:52:56.0267 1464  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe


 

13:52:56.0267 1464  ProtectedStorage - ok


 

13:52:56.0314 1464  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\windows\system32\DRIVERS\pacer.sys


 

13:52:56.0314 1464  Psched - ok


 

13:52:56.0361 1464  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\windows\system32\drivers\ql2300.sys


 

13:52:56.0392 1464  ql2300 - ok


 

13:52:56.0392 1464  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\windows\system32\drivers\ql40xx.sys


 

13:52:56.0392 1464  ql40xx - ok


 

13:52:56.0423 1464  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\windows\system32\qwave.dll


 

13:52:56.0423 1464  QWAVE - ok


 

13:52:56.0454 1464  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys


 

13:52:56.0454 1464  QWAVEdrv - ok


 

13:52:56.0470 1464  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys


 

13:52:56.0470 1464  RasAcd - ok


 

13:52:56.0517 1464  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys


 

13:52:56.0517 1464  RasAgileVpn - ok


 

13:52:56.0548 1464  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\windows\System32\rasauto.dll


 

13:52:56.0564 1464  RasAuto - ok


 

13:52:56.0595 1464  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys


 

13:52:56.0595 1464  Rasl2tp - ok


 

13:52:56.0626 1464  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\windows\System32\rasmans.dll


 

13:52:56.0626 1464  RasMan - ok


 

13:52:56.0642 1464  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys


 

13:52:56.0642 1464  RasPppoe - ok


 

13:52:56.0657 1464  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys


 

13:52:56.0657 1464  RasSstp - ok


 

13:52:56.0673 1464  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys


 

13:52:56.0673 1464  rdbss - ok


 

13:52:56.0673 1464  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\windows\system32\drivers\rdpbus.sys


 

13:52:56.0673 1464  rdpbus - ok


 

13:52:56.0766 1464  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys


 

13:52:56.0766 1464  RDPCDD - ok


 

13:52:56.0782 1464  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys


 

13:52:56.0782 1464  RDPENCDD - ok


 

13:52:56.0798 1464  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys


 

13:52:56.0798 1464  RDPREFMP - ok


 

13:52:56.0829 1464  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\windows\system32\drivers\RDPWD.sys


 

13:52:56.0829 1464  RDPWD - ok


 

13:52:56.0860 1464  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys


 

13:52:56.0876 1464  rdyboost - ok


 

13:52:56.0907 1464  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\windows\System32\mprdim.dll


 

13:52:56.0922 1464  RemoteAccess - ok


 

13:52:56.0954 1464  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\windows\system32\regsvc.dll


 

13:52:56.0954 1464  RemoteRegistry - ok


 

13:52:57.0000 1464  [ AD42432D22940B4215177BE113E4919C ] RimUsb          C:\windows\system32\Drivers\RimUsb_AMD64.sys


 

13:52:57.0000 1464  RimUsb - ok


 

13:52:57.0047 1464  [ 4AAFFFA67AC4DFA3D9985D78573887E2 ] RimVSerPort     C:\windows\system32\DRIVERS\RimSerial_AMD64.sys


 

13:52:57.0047 1464  RimVSerPort - ok


 

13:52:57.0110 1464  [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM       C:\windows\system32\Drivers\RootMdm.sys


 

13:52:57.0110 1464  ROOTMODEM - ok


 

13:52:57.0125 1464  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll


 

13:52:57.0141 1464  RpcEptMapper - ok


 

13:52:57.0172 1464  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\windows\system32\locator.exe


 

13:52:57.0172 1464  RpcLocator - ok


 

13:52:57.0219 1464  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\windows\system32\rpcss.dll


 

13:52:57.0219 1464  RpcSs - ok


 

13:52:57.0250 1464  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys


 

13:52:57.0266 1464  rspndr - ok


 

13:52:57.0281 1464  [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA ] RSUSBSTOR       C:\windows\system32\Drivers\RtsUStor.sys


 

13:52:57.0297 1464  RSUSBSTOR - ok


 

13:52:57.0312 1464  [ 6D3C7E7D82D3DC92DC2A8B0DF9F20F8A ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys


 

13:52:57.0312 1464  RTL8167 - ok


 

13:52:57.0390 1464  [ E7D79600575F755614DD5D79B044D588 ] RTL8192Ce       C:\windows\system32\DRIVERS\rtl8192Ce.sys


 

13:52:57.0406 1464  RTL8192Ce - ok


 

13:52:57.0422 1464  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\windows\system32\lsass.exe


 

13:52:57.0422 1464  SamSs - ok


 

13:52:57.0484 1464  [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS


 

13:52:57.0484 1464  SASDIFSV - ok


 

13:52:57.0515 1464  [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS


 

13:52:57.0515 1464  SASKUTIL - ok


 

13:52:57.0531 1464  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\windows\system32\drivers\sbp2port.sys


 

13:52:57.0609 1464  sbp2port - ok


 

13:52:57.0640 1464  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\windows\System32\SCardSvr.dll


 

13:52:57.0640 1464  SCardSvr - ok


 

13:52:57.0656 1464  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys


 

13:52:57.0656 1464  scfilter - ok


 

13:52:57.0687 1464  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\windows\system32\schedsvc.dll


 

13:52:57.0702 1464  Schedule - ok


 

13:52:57.0734 1464  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\windows\System32\certprop.dll


 

13:52:57.0734 1464  SCPolicySvc - ok


 

13:52:57.0765 1464  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\windows\System32\SDRSVC.dll


 

13:52:57.0765 1464  SDRSVC - ok


 

13:52:57.0796 1464  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\windows\system32\drivers\secdrv.sys


 

13:52:57.0796 1464  secdrv - ok


 

13:52:57.0827 1464  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\windows\system32\seclogon.dll


 

13:52:57.0827 1464  seclogon - ok


 

13:52:57.0843 1464  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\windows\System32\sens.dll


 

13:52:57.0843 1464  SENS - ok


 

13:52:57.0874 1464  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\windows\system32\sensrsvc.dll


 

13:52:57.0874 1464  SensrSvc - ok


 

13:52:57.0890 1464  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\windows\system32\drivers\serenum.sys


 

13:52:57.0890 1464  Serenum - ok


 

13:52:57.0921 1464  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\windows\system32\drivers\serial.sys


 

13:52:57.0921 1464  Serial - ok


 

13:52:57.0936 1464  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\windows\system32\drivers\sermouse.sys


 

13:52:57.0936 1464  sermouse - ok


 

13:52:57.0968 1464  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\windows\system32\sessenv.dll


 

13:52:57.0968 1464  SessionEnv - ok


 

13:52:57.0999 1464  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\windows\system32\drivers\sffdisk.sys


 

13:52:58.0014 1464  sffdisk - ok


 

13:52:58.0014 1464  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys


 

13:52:58.0014 1464  sffp_mmc - ok


 

13:52:58.0014 1464  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys


 

13:52:58.0014 1464  sffp_sd - ok


 

13:52:58.0030 1464  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys


 

13:52:58.0030 1464  sfloppy - ok


 

13:52:58.0061 1464  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\windows\system32\DRIVERS\Sftfslh.sys


 

13:52:58.0077 1464  Sftfs - ok


 

13:52:58.0155 1464  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe


 

13:52:58.0170 1464  sftlist - ok


 

13:52:58.0186 1464  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\windows\system32\DRIVERS\Sftplaylh.sys


 

13:52:58.0202 1464  Sftplay - ok


 

13:52:58.0217 1464  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\windows\system32\DRIVERS\Sftredirlh.sys


 

13:52:58.0217 1464  Sftredir - ok


 

13:52:58.0233 1464  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\windows\system32\DRIVERS\Sftvollh.sys


 

13:52:58.0233 1464  Sftvol - ok


 

13:52:58.0264 1464  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe


 

13:52:58.0264 1464  sftvsa - ok


 

13:52:58.0311 1464  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll


 

13:52:58.0311 1464  ShellHWDetection - ok


 

13:52:58.0358 1464  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys


 

13:52:58.0358 1464  SiSRaid2 - ok


 

13:52:58.0373 1464  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys


 

13:52:58.0373 1464  SiSRaid4 - ok


 

13:52:58.0451 1464  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe


 

13:52:58.0451 1464  SkypeUpdate - ok


 

13:52:58.0482 1464  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\windows\system32\DRIVERS\smb.sys


 

13:52:58.0498 1464  Smb - ok


 

13:52:58.0560 1464  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\windows\System32\snmptrap.exe


 

13:52:58.0560 1464  SNMPTRAP - ok


 

13:52:58.0592 1464  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\windows\system32\drivers\spldr.sys


 

13:52:58.0592 1464  spldr - ok


 

13:52:58.0638 1464  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\windows\System32\spoolsv.exe


 

13:52:58.0654 1464  Spooler - ok


 

13:52:58.0779 1464  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\windows\system32\sppsvc.exe


 

13:52:58.0794 1464  sppsvc - ok


 

13:52:58.0826 1464  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\windows\system32\sppuinotify.dll


 

13:52:58.0826 1464  sppuinotify - ok


 

13:52:58.0841 1464  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\windows\system32\DRIVERS\srv.sys


 

13:52:58.0841 1464  srv - ok


 

13:52:58.0872 1464  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\windows\system32\DRIVERS\srv2.sys


 

13:52:58.0872 1464  srv2 - ok


 

13:52:58.0888 1464  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys


 

13:52:58.0888 1464  srvnet - ok


 

13:52:58.0935 1464  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll


 

13:52:58.0935 1464  SSDPSRV - ok


 

13:52:58.0935 1464  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\windows\system32\sstpsvc.dll


 

13:52:58.0950 1464  SstpSvc - ok


 

13:52:58.0966 1464  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\windows\system32\drivers\stexstor.sys


 

13:52:58.0966 1464  stexstor - ok


 

13:52:59.0013 1464  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\windows\System32\wiaservc.dll


 

13:52:59.0028 1464  stisvc - ok


 

13:52:59.0044 1464  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\windows\system32\DRIVERS\swenum.sys


 

13:52:59.0044 1464  swenum - ok


 

13:52:59.0075 1464  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\windows\System32\swprv.dll


 

13:52:59.0075 1464  swprv - ok


 

13:52:59.0122 1464  [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys


 

13:52:59.0138 1464  SynTP - ok


 

13:53:03.0911 1464  ============================================================
13:53:03.0911 1464  Scan finished
13:53:03.0911 1464  ============================================================
13:53:03.0942 4504  Detected object count: 0
13:53:03.0942 4504  Actual detected object count: 0

aswMBR result

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-09 13:59:04
-----------------------------
13:59:04.322    OS Version: Windows x64 6.1.7601 Service Pack 1
13:59:04.322    Number of processors: 4 586 0x2A07
13:59:04.322    ComputerName: SAMMYG-PC  UserName: Sammy G
13:59:05.617    Initialize success
14:00:54.782    AVAST engine defs: 13020900
14:01:13.533    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:01:13.533    Disk 0 Vendor: Hitachi_ JEDO Size: 610480MB BusType: 3
14:01:13.549    Disk 0 MBR read successfully
14:01:13.564    Disk 0 MBR scan
14:01:13.564    Disk 0 Windows VISTA default MBR code
14:01:13.580    Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS         1500 MB offset 2048
14:01:13.611    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       551185 MB offset 3074048
14:01:13.642    Disk 0 Partition 3 00     17 Hidd HPFS/NTFS NTFS        23225 MB offset 1131900928
14:01:13.674    Disk 0 Partition 4 00     17 Hidd HPFS/NTFS NTFS        34569 MB offset 1179465728
14:01:13.752    Disk 0 scanning C:\windows\system32\drivers
14:01:22.035    Service scanning
14:01:53.424    Modules scanning
14:01:53.440    Disk 0 trace - called modules:
14:01:53.534    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
14:01:53.549    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007919060]
14:01:53.549    3 CLASSPNP.SYS[fffff880012bb43f] -> nt!IofCallDriver -> [0xfffffa8005da9550]
14:01:53.549    5 ACPI.sys[fffff88000d697a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005dac050]
14:01:54.750    AVAST engine scan C:\windows
14:01:58.527    AVAST engine scan C:\windows\system32
14:05:10.876    AVAST engine scan C:\windows\system32\drivers
14:05:21.625    AVAST engine scan C:\Users\Sammy G
14:25:45.416    AVAST engine scan C:\ProgramData
14:28:09.594    Scan finished successfully
14:28:23.603    Disk 0 MBR has been saved successfully to "C:\Users\Sammy G\Documents\MBR.dat"
14:28:23.618    The log file has been saved successfully to "C:\Users\Sammy G\Documents\aswMBR.txt"


 

  • ESET results

C:\Users\Sammy G\AppData\Local\Temp\013cc03d7c16.exe a variant of Win32/Kryptik.ATZP trojan cleaned by deleting - quarantined
C:\Users\Sammy G\AppData\Local\Temp\jar_cache6110949526317983876.tmp multiple threats deleted - quarantined
C:\Users\Sammy G\AppData\Local\Temp\msimg32.dll a variant of Win32/Kryptik.ATZP trojan cleaned by deleting - quarantined
C:\Users\Sammy G\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\6db4dd50-3198517f probably a variant of Java/Exploit.CVE-2012-1723.EO trojan deleted - quarantined
C:\Users\Sammy G\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\78d31912-41732295 a variant of Win32/Kryptik.ATZP trojan cleaned by deleting - quarantined
C:\Users\Sammy G\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\7de40895-71f9131d a variant of Java/Exploit.CVE-2012-1723.CF trojan deleted - quarantined
C:\Users\Sammy G\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\1f5ae9b-47e56058 a variant of Java/TrojanDownloader.Agent.NFB trojan deleted - quarantined
C:\Users\Sammy G\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\28a804ff-2b84369e Java/TrojanDownloader.OpenStream.NCX trojan deleted - quarantined
C:\Users\Sammy G\Desktop\Hirens.BootCD.15.0\BurnCDCC.exe Win32/Expiro.NAN virus deleted - quarantined
C:\Users\Sammy G\Desktop\Sams Stuff.part1\files\go.exe Win32/Expiro.NAN virus deleted - quarantined

#4 narenxp

  • BC Advisor

Posted 09 February 2013 - 04:47 PM

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop. If you already have it installed, launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download. You can also right-click on the link and select Save Link As.

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Search
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tool by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to Text (*.txt).
  • Double click on the text file, copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log



#5 grenada_chica

  • Topic Starter

Posted 09 February 2013 - 05:58 PM

Hi!

I am currently running the Junkware Removal Tool by thisisu and I keep getting the following warning: Find string (QGREP) utility has stopped working. What do I do?

These are the results of the scans I have done so far...

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.08.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Sammy G :: SAMMYG-PC [administrator]

Protection: Enabled

10/03/2012 5:55:09 PM
mbam-log-2012-03-10 (17-55-09).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 325085
Time elapsed: 1 hour(s), 51 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

MiniToolBox by Farbar  Version:10-01-2013
Ran by Sammy G (administrator) on 09-02-2013 at 17:14:40
Running from "C:\Users\Sammy G\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

========================= IP Configuration: ================================

Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled

popd
# End of IPv4 configuration

Windows IP Configuration


 


 


 

   Host Name . . . . . . . . . . . . : SammyG-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : cgocable.net


 


 


 

Ethernet adapter Local Area Connection:


 


 


 

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 38-60-77-99-51-01
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes


 


 


 

Wireless LAN adapter Wireless Network Connection:


 


 


 

   Connection-specific DNS Suffix  . : cgocable.net
   Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
   Physical Address. . . . . . . . . : 74-DE-2B-43-A8-6F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d9ff:502d:a275:262f%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : February-09-13 1:43:56 PM
   Lease Expires . . . . . . . . . . : February-16-13 1:43:55 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 242540075
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-2B-07-F4-74-DE-2B-43-A8-6F
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled


 


 


 

Tunnel adapter 6TO4 Adapter:


 


 


 

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes


 


 


 

Tunnel adapter Teredo Tunneling Pseudo-Interface:


 


 


 

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes


 


 


 

Tunnel adapter Reusable ISATAP Interface {505F9606-6F80-41BF-9F02-4C71BAC5E337}:


 


 


 

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes


 


 


 

Tunnel adapter isatap.{91C3B433-4A37-4E36-BBCC-74F1E7F16491}:


 


 


 

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1


 


 


 

Name:    google.com
Addresses:  2607:f8b0:400b:800::100e
   74.125.226.14
   74.125.226.9
   74.125.226.5
   74.125.226.3
   74.125.226.4
   74.125.226.8
   74.125.226.6
   74.125.226.1
   74.125.226.2
   74.125.226.7
   74.125.226.0

Pinging google.com [74.125.226.64] with 32 bytes of data:
Reply from 74.125.226.64: bytes=32 time=15ms TTL=57
Reply from 74.125.226.64: bytes=32 time=16ms TTL=57

Ping statistics for 74.125.226.64:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 15ms, Maximum = 16ms, Average = 15ms
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.138.253.109
   206.190.36.45
   98.139.183.24

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=118ms TTL=46
Reply from 206.190.36.45: bytes=32 time=145ms TTL=46

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 118ms, Maximum = 145ms, Average = 131ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...38 60 77 99 51 01 ......Realtek PCIe FE Family Controller
 11...74 de 2b 43 a8 6f ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.101     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.101    281
    192.168.1.101  255.255.255.255         On-link     192.168.1.101    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.101    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.101    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.101    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    281 fe80::/64                On-link
 11    281 fe80::d9ff:502d:a275:262f/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/09/2013 02:28:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/09/2013 02:28:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/09/2013 01:45:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/09/2013 05:01:15 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2013 10:42:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2013 10:38:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2013 09:45:42 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 8.0.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1244

Start Time: 01ce0661be5b1a19

Termination Time: 0

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (02/08/2013 08:07:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2013 07:35:17 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2013 07:12:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (02/09/2013 01:46:18 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (02/09/2013 01:46:18 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (02/09/2013 01:44:15 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (02/09/2013 01:44:15 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (02/09/2013 01:43:52 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (02/09/2013 01:43:52 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (02/09/2013 01:43:51 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (02/09/2013 01:43:51 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (02/09/2013 01:43:50 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (02/09/2013 00:10:53 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Microsoft Office Sessions:
=========================
Error: (02/09/2013 02:28:59 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sammy G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QU33RSTP\esetsmartinstaller_enu[1].exe

Error: (02/09/2013 02:28:51 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sammy G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QU33RSTP\esetsmartinstaller_enu[1].exe

Error: (02/09/2013 01:45:33 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/09/2013 05:01:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2013 10:42:38 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2013 10:38:28 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2013 09:45:42 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.7601.17514124401ce0661be5b1a190C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (02/08/2013 08:07:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2013 07:35:17 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/08/2013 07:12:54 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
  Date: 2013-02-08 13:18:43.978
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-08 13:18:43.822
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-08 13:18:43.728
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-08 13:18:43.666
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-08 13:12:41.256
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-08 13:12:41.256
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-08 13:12:41.256
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-08 13:12:41.240
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-08 11:38:16.399
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-08 11:38:16.399
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe Digital Editions 2.0 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.149)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader X (10.1.4) (Version: 10.1.4)
AIO_Scan (Version: 130.0.365.000)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.33)
BlackBerry Device Software Updater (Version: 7.1.0.34)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 130.0.331.000)
C4200 (Version: 130.0.365.000)
c4200_Help (Version: 82.0.210.000)
Canon MOV Decoder (Version: 1.7.0.6)
Canon MOV Encoder (Version: 1.5.0.3)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.6.0.5)
Canon Utilities ZoomBrowser EX (Version: 6.6.0.23)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.4.0.4)
Copy (Version: 130.0.428.000)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DocProc (Version: 13.0.0.0)
ESET Online Scanner v3
GoToAssist Corporate (Version: 10.4.0.896)
GPBaseService2 (Version: 130.0.371.000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart C4200 All-In-One Driver Software 13.0 Rel. 1 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.001.001)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2353)
Intel® Rapid Storage Technology (Version: 10.1.2.1004)
iTunes (Version: 11.0.1.12)
Java Auto Updater (Version: 2.0.2.1)
Java™ 6 Update 20 (Version: 6.0.200)
Junk Mail filter update (Version: 15.4.3502.0922)
LG United Mobile Driver (Version: 3.7.2.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MarketResearch (Version: 130.0.374.000)
McAfee AntiVirus Plus (Version: 11.6.477)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft PowerPoint Viewer (Version: 14.0.6029.1000)
Microsoft Primary Interoperability Assemblies 2005 (Version: 9.0.21022)
Microsoft Publisher 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 18.0.2 (x86 en-US) (Version: 18.0.2)
Mozilla Maintenance Service (Version: 18.0.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
OverDrive Media Console (Version: 3.2.20)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PS_AIO_Software_min (Version: 130.0.365.000)
Realtek Ethernet Controller Driver (Version: 7.38.113.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6289)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30126)
Realtek WLAN Driver (Version: 2.00.0013)
Scan (Version: 13.0.0.0)
Shared C Run-time for x64 (Version: 10.0.0)
Shop for HP Supplies (Version: 13.0)
Skype Toolbars (Version: 1.0.4051)
Skype™ 5.10 (Version: 5.10.116)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Status (Version: 130.0.469.000)
SUPERAntiSpyware (Version: 5.6.1014)
Synaptics Pointing Device Driver (Version: 15.2.11.1)
Toolbox (Version: 130.0.648.000)
TOSHIBA Assist (Version: 4.02.02)
TOSHIBA Bulletin Board (Version: 2.0.16.64)
TOSHIBA ConfigFree (Version: 8.0.37)
TOSHIBA Disc Creator (Version: 2.1.0.6 for x64)
TOSHIBA eco Utility (Version: 1.2.23.64)
TOSHIBA Face Recognition (Version: 3.1.8.64)
TOSHIBA Hardware Setup (Version: 2.00.0010)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.7)
TOSHIBA Media Controller (Version: 1.0.86.2)
TOSHIBA Media Controller Plug-in (Version: 1.0.6.1)
TOSHIBA PC Health Monitor (Version: 1.7.4.64)
TOSHIBA Recovery Media Creator (Version: 2.1.3.5109)
TOSHIBA ReelTime (Version: 1.7.17.64)
TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.1.0)
TOSHIBA Service Station (Version: 2.1.52)
TOSHIBA Sleep Utility (Version: 1.4.2.7)
TOSHIBA Speech System Applications (Version: 1.00.2518)
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password (Version: 2.00.0006)
TOSHIBA Value Added Package (Version: 1.5.4.64)
TOSHIBA Web Camera Application (Version: 2.0.0.13)
TOSHIBA Wireless LAN Indicator (Version: 1.0.2)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
WebReg (Version: 130.0.132.017)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 6055.98 MB
Available physical RAM: 3420.75 MB
Total Pagefile: 12110.14 MB
Available Pagefile: 8885.72 MB
Total Virtual: 4095.88 MB
Available Virtual: 3976.09 MB

========================= Partitions: =====================================

1 Drive c: (S3A9375D004) (Fixed) (Total:538.27 GB) (Free:442.35 GB) NTFS

========================= Users: ========================================

User accounts for \\SAMMYG-PC

Administrator            Guest                    Sammy G                 

**** End of log ****

Farbar Service Scanner Version: 30-01-2013
Ran by Sammy G (administrator) on 09-02-2013 at 17:18:45
Running from "C:\Users\Sammy G\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


 


 


 


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.


 


 


 


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

# AdwCleaner v2.111 - Logfile created 02/09/2013 at 17:22:44
# Updated 05/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Sammy G - SAMMYG-PC
# Boot Mode : Normal
# Running from : C:\Users\Sammy G\Desktop\AdwCleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\user.js
Folder Found : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\Browser Manager
Folder Found : C:\ProgramData\InstallMate
Folder Found : C:\ProgramData\Partner
Folder Found : C:\ProgramData\Premium
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\Sammy G\AppData\LocalLow\incredibar.com
Folder Found : C:\Users\Sammy G\AppData\Roaming\Babylon
Folder Found : C:\Users\SAMMYG~1\AppData\Local\Temp\incredibar.com

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Software
Key Found : HKU\S-1-5-21-1562469077-2510594212-1280797877-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Value Found : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (en-US)

File : C:\Users\Sammy G\AppData\Roaming\Mozilla\Firefox\Profiles\d07qnkg1.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4601 octets] - [09/02/2013 17:22:44]

########## EOF - C:\AdwCleaner[R1].txt - [4661 octets] ##########

#6 grenada_chica

grenada_chica
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  • Local time:12:32 AM

Posted 09 February 2013 - 07:14 PM

In regards to the problem I am having with the Junkware Removal Tool by thisisu

It seems like the problem happens during the checking registry section of Junkware Removal Tool by thisisu. I have been running this particular program for over an hour and the warning keeps appearing and it hasn't moved beyond the checking registry section.



#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:12:32 AM

Posted 09 February 2013 - 08:13 PM

Move to RKILL and Autoruns



#8 grenada_chica

grenada_chica
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  • Local time:12:32 AM

Posted 09 February 2013 - 08:32 PM

Here are the results from the RKILL AND Autoruns

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/09/2013 08:18:30 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * Windows Firewall Authorization Driver (mpsdrv) is not Running.
   Startup Type set to: Manual

 * BFE [Missing Service]
 * iphlpsvc [Missing Service]
 * MpsSvc [Missing Service]
 * WinDefend [Missing Service]
 * wscsvc [Missing Service]

 * SharedAccess [Missing ImagePath]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 02/09/2013 08:18:35 PM
Execution time: 0 hours(s), 0 minute(s), and 5 seconds(s)

AUTORUNS

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HotKeysCmds" "" "" "File not found: DOWS\SYSTEM32\HKCMD.EXE"
+ "HSON" "" "" "File not found: .EXE"
+ "IgfxTray" "" "" "File not found: DOWS\SYSTEM32\IGFXTRAY.EXE"
+ "Persistence" "" "" "File not found: DOWS\SYSTEM32\IGFXPERS.EXE"
+ "RtHDVBg" "HD Audio Background Process" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravbg64.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "SynTPEnh" "" "" "File not found: H.EXE"
+ "TCrdMain" "" "" "File not found: .EXE"
+ "Teco" "TOSHIBA eco Utility" "TOSHIBA Corporation" "c:\program files\toshiba\teco\teco.exe"
+ "TosNC" "" "" "File not found: CCORE.EXE"
+ "TosReelTimeMonitor" "" "" "File not found: ITOR.EXE"
+ "TosSENotify" "" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba hdd ssd alert\toswaitsrv.exe"
+ "TosVolRegulator" " Toshiba Volume Regulator" "TOSHIBA Corporation" "c:\program files\toshiba\tosvolregulator\tosvolregulator.exe"
+ "TosWaitSrv" "" "TOSHIBA Corporation" "c:\program files\toshiba\tphm\toswaitsrv.exe"
+ "TPwrMain" "" "" "File not found: .EXE"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "hpqSRMon" "HpqSRmon" "Hewlett-Packard" "c:\program files (x86)\hp\digital imaging\bin\hpqsrmon.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "RIMBBLaunchAgent.exe" "Launch Agent Service" "Research In Motion Limited" "c:\program files (x86)\common files\research in motion\usb drivers\rimbblaunchagent.exe"
+ "ToshibaServiceStation" "TOSHIBA Service Station" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba service station\toshibaservicestation.exe"
+ "TSleepSrv" "TOSHIBA Sleep Service" "TOSHIBA" "c:\program files (x86)\toshiba\toshiba sleep utility\tsleepsrv.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "Malwarebytes Anti-Malware" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "HP Digital Imaging Monitor.lnk" "HP Digital Imaging Monitor" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe"
"C:\Users\Sammy G\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OneNote 2010 Screen Clipper and Launcher.lnk" "Microsoft OneNote Quick Launcher" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onenotem.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "RIMDeviceManager" "" "" "File not found: C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" -RunServer"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "dssrequest" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "sacore" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "HP Print Enhancer" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll"
+ "HP Smart BHO Class" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Skype add-on for Internet Explorer" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "TOSHIBA Media Controller Plug-in" "TOSHIBA Media Controller Plug-in " "<TOSHIBA>" "c:\program files (x86)\toshiba\toshiba media controller plug-in\toshibamediacontrollerie.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Messenger Companion Helper" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files (x86)\windows live\companion\companioncore.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Add to TOSHIBA Bulletin Board" "TODO: <ファイルの説明>" "TODO: <会社名>" "c:\program files\toshiba\bulletinboard\tosbbcom64.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Add to TOSHIBA Bulletin Board" "TODO: <ファイルの説明>" "TODO: <会社名>" "c:\program files\toshiba\bulletinboard\tosbbcom.dll"
+ "Messenger Companion (Ctrl+Shift+C)" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files (x86)\windows live\companion\companioncore.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Show or hide HP Smart Web Printing" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Skype add-on for Internet Explorer" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\ConfigFree Startup Programs" "ConfigFree Task Tray Menu" "TOSHIBA CORPORATION" "c:\program files (x86)\toshiba\configfree\ndstray.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "" "" "File not found: c:\Program Files\Microsoft Security Client\MpCmdRun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\{07DA806E-5C95-4CB0-9052-D0A3630B8F11}" "Internet Explorer" "Microsoft Corporation" "c:\program files (x86)\internet explorer\iexplore.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "cfWiMAXService" "This is WiMAX Control Service of ConfigFree. Please do not stop this servce when you are using ConfigFree with Intel WiMAX device." "TOSHIBA CORPORATION" "c:\program files (x86)\toshiba\configfree\cfiwmxsvcs64.exe"
+ "ConfigFree Service" "You can't stop this service, if you want to keep ConfigFree functionality fine." "TOSHIBA CORPORATION" "c:\program files (x86)\toshiba\configfree\cfsvcs.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files (x86)\windows live\family safety\fsssvc.exe"
+ "GoToAssist" "Citrix GoToAssist provides remote help to this PC." "Citrix Online, a division of Citrix Systems, Inc." "c:\program files (x86)\citrix\gotoassist\896\g2aservice.exe"
+ "hpqcxs08" "HP CUE Context Manager Objects" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll"
+ "hpqddsvc" "This service detects and monitors CUE devices on the system." "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files (x86)\common files\installshield\driver\1150\intel 32\idrivert.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "McAfee SiteAdvisor Service" "McAfee SiteAdvisor Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "McAfee Network Agent" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "TMachInfo" "TOSHIBA Machine Information Service" "TOSHIBA Corporation" "c:\program files (x86)\toshiba\toshiba service station\tmachinfo.exe"
+ "TODDSrv" "TDCSrv Application" "TOSHIBA Corporation" "c:\windows\system32\toddsrv.exe"
+ "TosCoSrv" "TOSHIBA Power Saver manages power saving settings supported by TOSHIBA. These settings will not work if the service has stopped." "TOSHIBA Corporation" "c:\program files\toshiba\power saver\toscosrv.exe"
+ "TOSHIBA eco Utility Service" "TOSHIBA eco Utility Service" "TOSHIBA Corporation" "c:\program files\toshiba\teco\tecoservice.exe"
+ "TOSHIBA HDD SSD Alert Service" "TOSHIBA HDD SSD Alert" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba hdd ssd alert\tossmartsrv.exe"
+ "TPCHSrv" "TOSHIBA PC Health Monitor" "TOSHIBA Corporation" "c:\program files\toshiba\tphm\tpchsrv.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "Andbus" "LGE Android Platform Driver" "LG Electronics Inc." "c:\windows\system32\drivers\lgandbus64.sys"
+ "AndDiag" "LGE Android Platform USB Serial Port" "LG Electronics Inc." "c:\windows\system32\drivers\lganddiag64.sys"
+ "AndGps" "LGE Android Platform USB GPS NMEA Port" "LG Electronics Inc." "c:\windows\system32\drivers\lgandgps64.sys"
+ "ANDModem" "LGE Android Platform Mobile Support" "LG Electronics Inc." "c:\windows\system32\drivers\lgandmodem64.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "aswMBR" "" "" "File not found: C:\Users\SAMMYG~1\AppData\Local\Temp\aswMBR.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"



#9 narenxp


Posted 09 February 2013 - 08:39 PM

Launch Adware cleaner and select DELETE, then post the new log.

Run the services repair tool:

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log.


Edited by narenxp, 09 February 2013 - 08:40 PM.


#10 grenada_chica


Posted 09 February 2013 - 09:14 PM

# AdwCleaner v2.111 - Logfile created 02/09/2013 at 20:48:24
# Updated 05/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Sammy G - SAMMYG-PC
# Boot Mode : Normal
# Running from : C:\Users\Sammy G\Desktop\AdwCleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\user.js
Folder Deleted : C:\Users\SAMMYG~1\AppData\Local\Temp\incredibar.com

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Software
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (en-US)

File : C:\Users\Sammy G\AppData\Roaming\Mozilla\Firefox\Profiles\d07qnkg1.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4726 octets] - [09/02/2013 17:22:44]
AdwCleaner[R2].txt - [3579 octets] - [09/02/2013 20:46:00]
AdwCleaner[S1].txt - [323 octets] - [09/02/2013 20:47:52]
AdwCleaner[S2].txt - [3472 octets] - [09/02/2013 20:48:24]

########## EOF - C:\AdwCleaner[S2].txt - [3532 octets] ##########

Farbar Service Scanner Version: 30-01-2013
Ran by Sammy G (administrator) on 09-02-2013 at 21:11:49
Running from "C:\Users\Sammy G\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****



#11 narenxp


Posted 09 February 2013 - 09:22 PM

That looks good.

Remove temporary and junk files

Download TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.

Create a new restore point

Follow this guide to turn your restore points off and on:

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore. It deletes old infected restore points.

Turn on System Restore and create a new restore point.

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here:

http://java.com/en/

Update your Flash Player.

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



#12 grenada_chica


Posted 09 February 2013 - 10:07 PM

Thank you so much for your help! I am very grateful!

One last question... do I just delete all the programs I used to scan my computer off my laptop (rkill, FSS, AdwCleaner, etc.)?



#13 narenxp


Posted 09 February 2013 - 10:26 PM

You're welcome :) Remove them except for Malwarebytes.





