Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Default tab - Search Results, LLC


  • Please log in to reply
15 replies to this topic

#1 Grid

Grid

  • Validating
  • 71 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:23 PM

Posted 02 March 2013 - 06:11 AM

  I've recently been noticing odd, tacky looking ads on sites I go to regularly that were never their before. I looked under My Control panel > Programs to see if any new unwanted programs had surfaced. Sure enough their is a new one that refuses to be uninstalled.


It's under the name: Default tab

By publisher: Search Results, LLC

 

  When I try uninstalling it, this message pops up: "Please close Chrome before uninstalling Default Tab"

 

 Also, when I open up a new tab off of Google now, a fake imitation Google page opens up in its place. All of my bookmarks are still their though.

 

The day I think this got onto my computer, I got a notification from my McAfee antivirus saying a Trojan Horse had been detected and blocked.

 

  Any assistance in removing it would be much appreciated.


Edited by Grid, 02 March 2013 - 06:35 AM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:23 AM

Posted 02 March 2013 - 06:43 AM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters




  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now




  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue




  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.



  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.



  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results


 



#3 Grid

Grid
  • Topic Starter

  • Validating
  • 71 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:23 PM

Posted 02 March 2013 - 04:27 PM

 Thank you BC, trying it now-



#4 Grid

Grid
  • Topic Starter

  • Validating
  • 71 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:23 PM

Posted 02 March 2013 - 04:50 PM

  The scan with the TDDSkiller found nothing at all. Moving onto the aswMBR now

 

 

 

 

11:50:40.0847 3788  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:50:41.0476 3788  ============================================================
11:50:41.0476 3788  Current date / time: 2013/03/02 11:50:41.0476
11:50:41.0477 3788  SystemInfo:
11:50:41.0477 3788  
11:50:41.0477 3788  OS Version: 6.1.7601 ServicePack: 1.0
11:50:41.0477 3788  Product type: Workstation
11:50:41.0477 3788  ComputerName: ANTHONY-PC
11:50:41.0477 3788  UserName: Anthony
11:50:41.0478 3788  Windows directory: C:\Windows
11:50:41.0478 3788  System windows directory: C:\Windows
11:50:41.0478 3788  Running under WOW64
11:50:41.0478 3788  Processor architecture: Intel x64
11:50:41.0478 3788  Number of processors: 2
11:50:41.0478 3788  Page size: 0x1000
11:50:41.0478 3788  Boot type: Normal boot
11:50:41.0478 3788  ============================================================
11:50:42.0311 3788  BG loaded
11:50:42.0699 3788  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:50:42.0706 3788  ============================================================
11:50:42.0706 3788  \Device\Harddisk0\DR0:
11:50:42.0706 3788  MBR partitions:
11:50:42.0707 3788  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:50:42.0707 3788  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x23CEA800
11:50:42.0707 3788  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x23D1D000, BlocksNum 0x1711000
11:50:42.0707 3788  ============================================================
11:50:42.0744 3788  C: <-> \Device\Harddisk0\DR0\Partition2
11:50:42.0793 3788  D: <-> \Device\Harddisk0\DR0\Partition3
11:50:42.0793 3788  ============================================================
11:50:42.0793 3788  Initialize success
11:50:42.0793 3788  ============================================================
11:50:44.0321 3084  ============================================================
11:50:44.0321 3084  Scan started
11:50:44.0321 3084  Mode: Manual; 
11:50:44.0321 3084  ============================================================
11:50:44.0877 3084  ================ Scan system memory ========================
11:50:44.0877 3084  System memory - ok
11:50:44.0878 3084  ================ Scan services =============================
11:50:45.0035 3084  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:50:45.0039 3084  1394ohci - ok
11:50:45.0089 3084  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:50:45.0094 3084  ACPI - ok
11:50:45.0120 3084  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:50:45.0121 3084  AcpiPmi - ok
11:50:45.0164 3084  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
11:50:45.0170 3084  adp94xx - ok
11:50:45.0185 3084  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
11:50:45.0191 3084  adpahci - ok
11:50:45.0213 3084  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
11:50:45.0216 3084  adpu320 - ok
11:50:45.0249 3084  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:50:45.0252 3084  AeLookupSvc - ok
11:50:45.0312 3084  [ 3AC22A3DFA8A050E35F0E3CD99D0CDF2 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
11:50:45.0314 3084  AERTFilters - ok
11:50:45.0366 3084  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
11:50:45.0373 3084  AFD - ok
11:50:45.0417 3084  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
11:50:45.0419 3084  agp440 - ok
11:50:45.0439 3084  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
11:50:45.0442 3084  ALG - ok
11:50:45.0463 3084  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:50:45.0464 3084  aliide - ok
11:50:45.0484 3084  [ FC07CEAF07E33344628C4415FAAE3469 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:50:45.0487 3084  AMD External Events Utility - ok
11:50:45.0495 3084  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
11:50:45.0497 3084  amdide - ok
11:50:45.0540 3084  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
11:50:45.0541 3084  AmdK8 - ok
11:50:45.0550 3084  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
11:50:45.0552 3084  AmdPPM - ok
11:50:45.0582 3084  [ F747497A0EE5498F79B207F215B3D2D8 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
11:50:45.0584 3084  amdsata - ok
11:50:45.0603 3084  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
11:50:45.0606 3084  amdsbs - ok
11:50:45.0614 3084  [ 2946D695E158615BAAA16248E63C7ADB ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys
11:50:45.0616 3084  amdxata - ok
11:50:45.0657 3084  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
11:50:45.0659 3084  AppID - ok
11:50:45.0695 3084  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:50:45.0697 3084  AppIDSvc - ok
11:50:45.0737 3084  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
11:50:45.0739 3084  Appinfo - ok
11:50:45.0840 3084  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:50:45.0842 3084  Apple Mobile Device - ok
11:50:45.0880 3084  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
11:50:45.0882 3084  arc - ok
11:50:45.0893 3084  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
11:50:45.0895 3084  arcsas - ok
11:50:45.0921 3084  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:50:45.0922 3084  AsyncMac - ok
11:50:45.0954 3084  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
11:50:45.0955 3084  atapi - ok
11:50:46.0010 3084  [ E0FABC10635C670BD7D89FD214A405D7 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
11:50:46.0025 3084  athr - ok
11:50:46.0161 3084  [ 80793852021864A9ED344843EEBA5FDB ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
11:50:46.0217 3084  atikmdag - ok
11:50:46.0247 3084  [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys
11:50:46.0248 3084  AtiPcie - ok
11:50:46.0310 3084  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:50:46.0318 3084  AudioEndpointBuilder - ok
11:50:46.0344 3084  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:50:46.0352 3084  AudioSrv - ok
11:50:46.0411 3084  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:50:46.0413 3084  AxInstSV - ok
11:50:46.0460 3084  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
11:50:46.0466 3084  b06bdrv - ok
11:50:46.0497 3084  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:50:46.0501 3084  b57nd60a - ok
11:50:46.0533 3084  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:50:46.0535 3084  BDESVC - ok
11:50:46.0545 3084  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:50:46.0546 3084  Beep - ok
11:50:46.0597 3084  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
11:50:46.0605 3084  BFE - ok
11:50:46.0653 3084  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
11:50:46.0664 3084  BITS - ok
11:50:46.0683 3084  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:50:46.0685 3084  blbdrive - ok
11:50:46.0734 3084  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:50:46.0740 3084  Bonjour Service - ok
11:50:46.0779 3084  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:50:46.0782 3084  bowser - ok
11:50:46.0814 3084  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:50:46.0815 3084  BrFiltLo - ok
11:50:46.0823 3084  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:50:46.0824 3084  BrFiltUp - ok
11:50:46.0847 3084  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
11:50:46.0850 3084  Browser - ok
11:50:46.0873 3084  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:50:46.0877 3084  Brserid - ok
11:50:46.0886 3084  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:50:46.0888 3084  BrSerWdm - ok
11:50:46.0897 3084  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:50:46.0898 3084  BrUsbMdm - ok
11:50:46.0909 3084  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:50:46.0911 3084  BrUsbSer - ok
11:50:46.0928 3084  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
11:50:46.0930 3084  BTHMODEM - ok
11:50:46.0964 3084  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
11:50:46.0967 3084  bthserv - ok
11:50:46.0983 3084  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:50:46.0985 3084  cdfs - ok
11:50:47.0022 3084  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
11:50:47.0024 3084  cdrom - ok
11:50:47.0077 3084  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
11:50:47.0079 3084  CertPropSvc - ok
11:50:47.0139 3084  [ A73276435F75025DA6E67B2470E1FE16 ] cfwids          C:\Windows\system32\drivers\cfwids.sys
11:50:47.0141 3084  cfwids - ok
11:50:47.0174 3084  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
11:50:47.0176 3084  circlass - ok
11:50:47.0205 3084  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
11:50:47.0210 3084  CLFS - ok
11:50:47.0269 3084  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:50:47.0271 3084  clr_optimization_v2.0.50727_32 - ok
11:50:47.0308 3084  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:50:47.0310 3084  clr_optimization_v2.0.50727_64 - ok
11:50:47.0479 3084  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:50:47.0482 3084  clr_optimization_v4.0.30319_32 - ok
11:50:47.0587 3084  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:50:47.0590 3084  clr_optimization_v4.0.30319_64 - ok
11:50:47.0622 3084  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:50:47.0623 3084  CmBatt - ok
11:50:47.0646 3084  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:50:47.0647 3084  cmdide - ok
11:50:47.0691 3084  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
11:50:47.0697 3084  CNG - ok
11:50:47.0721 3084  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
11:50:47.0723 3084  Compbatt - ok
11:50:47.0748 3084  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:50:47.0749 3084  CompositeBus - ok
11:50:47.0760 3084  COMSysApp - ok
11:50:47.0773 3084  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
11:50:47.0775 3084  crcdisk - ok
11:50:47.0810 3084  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:50:47.0813 3084  CryptSvc - ok
11:50:47.0861 3084  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:50:47.0870 3084  DcomLaunch - ok
11:50:47.0974 3084  [ 2D7C1661961CE19085B6A968B1B293D4 ] DefaultTabSearch C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe
11:50:47.0980 3084  DefaultTabSearch - ok
11:50:48.0090 3084  [ 34AE0DFA3EE3B5B9975042D87332D0B7 ] DefaultTabUpdate C:\Users\Anthony\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
11:50:48.0092 3084  DefaultTabUpdate - ok
11:50:48.0138 3084  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
11:50:48.0143 3084  defragsvc - ok
11:50:48.0186 3084  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:50:48.0188 3084  DfsC - ok
11:50:48.0235 3084  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:50:48.0240 3084  Dhcp - ok
11:50:48.0276 3084  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
11:50:48.0277 3084  discache - ok
11:50:48.0298 3084  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
11:50:48.0300 3084  Disk - ok
11:50:48.0329 3084  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:50:48.0333 3084  Dnscache - ok
11:50:48.0389 3084  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:50:48.0394 3084  dot3svc - ok
11:50:48.0433 3084  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
11:50:48.0436 3084  DPS - ok
11:50:48.0465 3084  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:50:48.0466 3084  drmkaud - ok
11:50:48.0530 3084  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:50:48.0540 3084  DXGKrnl - ok
11:50:48.0568 3084  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
11:50:48.0571 3084  EapHost - ok
11:50:48.0644 3084  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
11:50:48.0675 3084  ebdrv - ok
11:50:48.0704 3084  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
11:50:48.0707 3084  EFS - ok
11:50:48.0773 3084  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:50:48.0780 3084  ehRecvr - ok
11:50:48.0816 3084  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
11:50:48.0819 3084  ehSched - ok
11:50:48.0849 3084  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
11:50:48.0856 3084  elxstor - ok
11:50:48.0869 3084  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:50:48.0870 3084  ErrDev - ok
11:50:48.0919 3084  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
11:50:48.0925 3084  EventSystem - ok
11:50:48.0947 3084  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
11:50:48.0951 3084  exfat - ok
11:50:48.0961 3084  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:50:48.0965 3084  fastfat - ok
11:50:49.0029 3084  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
11:50:49.0037 3084  Fax - ok
11:50:49.0058 3084  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
11:50:49.0060 3084  fdc - ok
11:50:49.0077 3084  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
11:50:49.0079 3084  fdPHost - ok
11:50:49.0086 3084  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:50:49.0089 3084  FDResPub - ok
11:50:49.0098 3084  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:50:49.0101 3084  FileInfo - ok
11:50:49.0110 3084  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:50:49.0112 3084  Filetrace - ok
11:50:49.0129 3084  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
11:50:49.0130 3084  flpydisk - ok
11:50:49.0160 3084  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:50:49.0164 3084  FltMgr - ok
11:50:49.0227 3084  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
11:50:49.0240 3084  FontCache - ok
11:50:49.0310 3084  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:50:49.0312 3084  FontCache3.0.0.0 - ok
11:50:49.0332 3084  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:50:49.0334 3084  FsDepends - ok
11:50:49.0368 3084  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:50:49.0369 3084  Fs_Rec - ok
11:50:49.0441 3084  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:50:49.0445 3084  fvevol - ok
11:50:49.0466 3084  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
11:50:49.0468 3084  gagp30kx - ok
11:50:49.0527 3084  [ C44D560E441F091EA3B72F778EC60DE2 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
11:50:49.0531 3084  GameConsoleService - ok
11:50:49.0563 3084  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:50:49.0564 3084  GEARAspiWDM - ok
11:50:49.0620 3084  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
11:50:49.0629 3084  gpsvc - ok
11:50:49.0674 3084  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:50:49.0676 3084  gupdate - ok
11:50:49.0696 3084  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:50:49.0699 3084  gupdatem - ok
11:50:49.0734 3084  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:50:49.0735 3084  hcw85cir - ok
11:50:49.0785 3084  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
11:50:49.0787 3084  HDAudBus - ok
11:50:49.0796 3084  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
11:50:49.0798 3084  HidBatt - ok
11:50:49.0810 3084  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
11:50:49.0812 3084  HidBth - ok
11:50:49.0832 3084  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
11:50:49.0834 3084  HidIr - ok
11:50:49.0857 3084  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
11:50:49.0860 3084  hidserv - ok
11:50:49.0880 3084  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:50:49.0882 3084  HidUsb - ok
11:50:49.0936 3084  [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK      C:\Windows\system32\drivers\HipShieldK.sys
11:50:49.0939 3084  HipShieldK - ok
11:50:49.0971 3084  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:50:49.0974 3084  hkmsvc - ok
11:50:50.0009 3084  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:50:50.0013 3084  HomeGroupListener - ok
11:50:50.0057 3084  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:50:50.0062 3084  HomeGroupProvider - ok
11:50:50.0123 3084  [ 0141816A095A3F5A83FFA5B4A47B8023 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
11:50:50.0125 3084  HP Health Check Service - ok
11:50:50.0179 3084  [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
11:50:50.0183 3084  hpqwmiex - ok
11:50:50.0220 3084  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:50:50.0221 3084  HpSAMD - ok
11:50:50.0289 3084  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:50:50.0298 3084  HTTP - ok
11:50:50.0346 3084  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:50:50.0348 3084  hwpolicy - ok
11:50:50.0393 3084  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:50:50.0395 3084  i8042prt - ok
11:50:50.0437 3084  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:50:50.0443 3084  iaStorV - ok
11:50:50.0510 3084  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:50:50.0519 3084  idsvc - ok
11:50:50.0560 3084  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
11:50:50.0561 3084  iirsp - ok
11:50:50.0623 3084  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
11:50:50.0633 3084  IKEEXT - ok
11:50:50.0702 3084  [ BC64B75E8E0A0B8982AB773483164E72 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:50:50.0720 3084  IntcAzAudAddService - ok
11:50:50.0742 3084  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
11:50:50.0743 3084  intelide - ok
11:50:50.0761 3084  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:50:50.0763 3084  intelppm - ok
11:50:50.0789 3084  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:50:50.0792 3084  IPBusEnum - ok
11:50:50.0831 3084  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:50:50.0833 3084  IpFilterDriver - ok
11:50:50.0902 3084  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:50:50.0910 3084  iphlpsvc - ok
11:50:50.0937 3084  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:50:50.0938 3084  IPMIDRV - ok
11:50:50.0981 3084  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:50:50.0983 3084  IPNAT - ok
11:50:51.0034 3084  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
11:50:51.0043 3084  iPod Service - ok
11:50:51.0064 3084  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:50:51.0066 3084  IRENUM - ok
11:50:51.0084 3084  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:50:51.0086 3084  isapnp - ok
11:50:51.0121 3084  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:50:51.0125 3084  iScsiPrt - ok
11:50:51.0166 3084  [ 41E6C1F0F85F6F75E53A56DD6BF809AB ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
11:50:51.0169 3084  JMCR - ok
11:50:51.0190 3084  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:50:51.0192 3084  kbdclass - ok
11:50:51.0218 3084  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:50:51.0219 3084  kbdhid - ok
11:50:51.0246 3084  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
11:50:51.0249 3084  KeyIso - ok
11:50:51.0291 3084  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:50:51.0294 3084  KSecDD - ok
11:50:51.0316 3084  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:50:51.0318 3084  KSecPkg - ok
11:50:51.0352 3084  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:50:51.0354 3084  ksthunk - ok
11:50:51.0376 3084  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:50:51.0382 3084  KtmRm - ok
11:50:51.0445 3084  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:50:51.0450 3084  LanmanServer - ok
11:50:51.0496 3084  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:50:51.0501 3084  LanmanWorkstation - ok
11:50:51.0561 3084  [ 108333981C841EB0FF198AA5DFCF3D3B ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
11:50:51.0563 3084  LightScribeService - ok
11:50:51.0594 3084  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:50:51.0596 3084  lltdio - ok
11:50:51.0631 3084  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:50:51.0637 3084  lltdsvc - ok
11:50:51.0645 3084  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:50:51.0648 3084  lmhosts - ok
11:50:51.0666 3084  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
11:50:51.0669 3084  LSI_FC - ok
11:50:51.0679 3084  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
11:50:51.0681 3084  LSI_SAS - ok
11:50:51.0699 3084  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:50:51.0700 3084  LSI_SAS2 - ok
11:50:51.0716 3084  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:50:51.0718 3084  LSI_SCSI - ok
11:50:51.0728 3084  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
11:50:51.0731 3084  luafv - ok
11:50:51.0835 3084  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:50:51.0838 3084  McAfee SiteAdvisor Service - ok
11:50:51.0979 3084  [ F48571922079BBAB289C57BAFEFE88F3 ] McAWFwk         c:\PROGRA~1\mcafee\msc\mcawfwk.exe
11:50:51.0982 3084  McAWFwk - ok
11:50:52.0006 3084  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:50:52.0011 3084  McMPFSvc - ok
11:50:52.0022 3084  [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:50:52.0027 3084  mcmscsvc - ok
11:50:52.0036 3084  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:50:52.0041 3084  McNaiAnn - ok
11:50:52.0061 3084  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc         C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:50:52.0065 3084  McNASvc - ok
11:50:52.0185 3084  [ 1814532DB0404C5FB65AA3EB051B2BE5 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
11:50:52.0190 3084  McODS - ok
11:50:52.0199 3084  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McOobeSv        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:50:52.0202 3084  McOobeSv - ok
11:50:52.0236 3084  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy         C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:50:52.0239 3084  McProxy - ok
11:50:52.0294 3084  [ 23EA22ACADD66D7F1E18A4AA72BE6158 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
11:50:52.0298 3084  McShield - ok
11:50:52.0345 3084  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:50:52.0348 3084  Mcx2Svc - ok
11:50:52.0370 3084  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
11:50:52.0372 3084  megasas - ok
11:50:52.0394 3084  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
11:50:52.0398 3084  MegaSR - ok
11:50:52.0424 3084  [ 19323081FA4018C9C1AEBF08114BEA11 ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
11:50:52.0427 3084  mfeapfk - ok
11:50:52.0480 3084  [ EF1D39A70CAD1B7BEDC220480F26815C ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
11:50:52.0484 3084  mfeavfk - ok
11:50:52.0492 3084  mfeavfk01 - ok
11:50:52.0545 3084  [ 3CBBB569730EFD069B4BD253DDD4AD58 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
11:50:52.0548 3084  mfefire - ok
11:50:52.0599 3084  [ 67972BFC8F23054BD23E1DE1450E40BD ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
11:50:52.0606 3084  mfefirek - ok
11:50:52.0650 3084  [ 5C0EE849C03C37071FABDAA6B58D3D94 ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
11:50:52.0658 3084  mfehidk - ok
11:50:52.0688 3084  mfehidk02 - ok
11:50:52.0719 3084  [ 450B77CAC7384A9C1BAF476AC302CD4C ] mferkdet        C:\Windows\system32\drivers\mferkdet.sys
11:50:52.0721 3084  mferkdet - ok
11:50:52.0766 3084  [ 74CE2EBE64AB78904E33DD4C5F21611F ] mfevtp          C:\Windows\system32\mfevtps.exe
11:50:52.0770 3084  mfevtp - ok
11:50:52.0798 3084  [ F55F9742BFA88D02F96516B80AB400EC ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
11:50:52.0803 3084  mfewfpk - ok
11:50:52.0840 3084  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
11:50:52.0843 3084  MMCSS - ok
11:50:52.0867 3084  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
11:50:52.0870 3084  Modem - ok
11:50:52.0894 3084  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:50:52.0895 3084  monitor - ok
11:50:52.0935 3084  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:50:52.0937 3084  mouclass - ok
11:50:52.0962 3084  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:50:52.0963 3084  mouhid - ok
11:50:53.0021 3084  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:50:53.0023 3084  mountmgr - ok
11:50:53.0057 3084  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:50:53.0061 3084  mpio - ok
11:50:53.0086 3084  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:50:53.0088 3084  mpsdrv - ok
11:50:53.0146 3084  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:50:53.0156 3084  MpsSvc - ok
11:50:53.0199 3084  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:50:53.0201 3084  MRxDAV - ok
11:50:53.0239 3084  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:50:53.0242 3084  mrxsmb - ok
11:50:53.0269 3084  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:50:53.0273 3084  mrxsmb10 - ok
11:50:53.0306 3084  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:50:53.0309 3084  mrxsmb20 - ok
11:50:53.0342 3084  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:50:53.0343 3084  msahci - ok
11:50:53.0381 3084  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:50:53.0383 3084  msdsm - ok
11:50:53.0404 3084  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
11:50:53.0408 3084  MSDTC - ok
11:50:53.0439 3084  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:50:53.0441 3084  Msfs - ok
11:50:53.0456 3084  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:50:53.0458 3084  mshidkmdf - ok
11:50:53.0477 3084  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:50:53.0479 3084  msisadrv - ok
11:50:53.0505 3084  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:50:53.0509 3084  MSiSCSI - ok
11:50:53.0516 3084  msiserver - ok
11:50:53.0539 3084  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:50:53.0541 3084  MSKSSRV - ok
11:50:53.0551 3084  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:50:53.0553 3084  MSPCLOCK - ok
11:50:53.0562 3084  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:50:53.0563 3084  MSPQM - ok
11:50:53.0596 3084  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:50:53.0601 3084  MsRPC - ok
11:50:53.0637 3084  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:50:53.0638 3084  mssmbios - ok
11:50:53.0650 3084  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:50:53.0652 3084  MSTEE - ok
11:50:53.0660 3084  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
11:50:53.0661 3084  MTConfig - ok
11:50:53.0672 3084  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
11:50:53.0674 3084  Mup - ok
11:50:53.0724 3084  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
11:50:53.0732 3084  napagent - ok
11:50:53.0787 3084  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:50:53.0791 3084  NativeWifiP - ok
11:50:53.0864 3084  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:50:53.0875 3084  NDIS - ok
11:50:53.0894 3084  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:50:53.0895 3084  NdisCap - ok
11:50:53.0910 3084  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:50:53.0912 3084  NdisTapi - ok
11:50:53.0953 3084  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:50:53.0955 3084  Ndisuio - ok
11:50:53.0997 3084  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:50:53.0999 3084  NdisWan - ok
11:50:54.0036 3084  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:50:54.0038 3084  NDProxy - ok
11:50:54.0057 3084  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:50:54.0059 3084  NetBIOS - ok
11:50:54.0108 3084  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:50:54.0112 3084  NetBT - ok
11:50:54.0129 3084  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
11:50:54.0132 3084  Netlogon - ok
11:50:54.0176 3084  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
11:50:54.0182 3084  Netman - ok
11:50:54.0204 3084  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
11:50:54.0212 3084  netprofm - ok
11:50:54.0236 3084  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:50:54.0239 3084  NetTcpPortSharing - ok
11:50:54.0262 3084  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
11:50:54.0263 3084  nfrd960 - ok
11:50:54.0294 3084  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:50:54.0299 3084  NlaSvc - ok
11:50:54.0308 3084  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:50:54.0310 3084  Npfs - ok
11:50:54.0337 3084  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
11:50:54.0340 3084  nsi - ok
11:50:54.0348 3084  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:50:54.0350 3084  nsiproxy - ok
11:50:54.0408 3084  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:50:54.0425 3084  Ntfs - ok
11:50:54.0441 3084  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
11:50:54.0442 3084  Null - ok
11:50:54.0479 3084  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:50:54.0482 3084  nvraid - ok
11:50:54.0515 3084  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:50:54.0518 3084  nvstor - ok
11:50:54.0534 3084  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:50:54.0536 3084  nv_agp - ok
11:50:54.0579 3084  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:50:54.0581 3084  ohci1394 - ok
11:50:54.0617 3084  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:50:54.0623 3084  p2pimsvc - ok
11:50:54.0653 3084  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:50:54.0660 3084  p2psvc - ok
11:50:54.0682 3084  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
11:50:54.0684 3084  Parport - ok
11:50:54.0709 3084  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:50:54.0711 3084  partmgr - ok
11:50:54.0723 3084  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:50:54.0727 3084  PcaSvc - ok
11:50:54.0749 3084  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
11:50:54.0752 3084  pci - ok
11:50:54.0775 3084  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
11:50:54.0776 3084  pciide - ok
11:50:54.0800 3084  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
11:50:54.0803 3084  pcmcia - ok
11:50:54.0812 3084  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:50:54.0815 3084  pcw - ok
11:50:54.0831 3084  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:50:54.0838 3084  PEAUTH - ok
11:50:54.0914 3084  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:50:54.0917 3084  PerfHost - ok
11:50:54.0997 3084  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
11:50:55.0013 3084  pla - ok
11:50:55.0060 3084  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:50:55.0068 3084  PlugPlay - ok
11:50:55.0093 3084  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:50:55.0096 3084  PNRPAutoReg - ok
11:50:55.0115 3084  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:50:55.0122 3084  PNRPsvc - ok
11:50:55.0148 3084  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:50:55.0156 3084  PolicyAgent - ok
11:50:55.0198 3084  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
11:50:55.0203 3084  Power - ok
11:50:55.0234 3084  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:50:55.0236 3084  PptpMiniport - ok
11:50:55.0262 3084  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
11:50:55.0263 3084  Processor - ok
11:50:55.0299 3084  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:50:55.0303 3084  ProfSvc - ok
11:50:55.0321 3084  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:50:55.0324 3084  ProtectedStorage - ok
11:50:55.0366 3084  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:50:55.0368 3084  Psched - ok
11:50:55.0431 3084  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
11:50:55.0447 3084  ql2300 - ok
11:50:55.0457 3084  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
11:50:55.0460 3084  ql40xx - ok
11:50:55.0493 3084  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
11:50:55.0498 3084  QWAVE - ok
11:50:55.0506 3084  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:50:55.0509 3084  QWAVEdrv - ok
11:50:55.0518 3084  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:50:55.0520 3084  RasAcd - ok
11:50:55.0555 3084  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:50:55.0557 3084  RasAgileVpn - ok
11:50:55.0574 3084  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
11:50:55.0577 3084  RasAuto - ok
11:50:55.0628 3084  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:50:55.0631 3084  Rasl2tp - ok
11:50:55.0680 3084  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
11:50:55.0686 3084  RasMan - ok
11:50:55.0711 3084  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:50:55.0713 3084  RasPppoe - ok
11:50:55.0724 3084  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:50:55.0726 3084  RasSstp - ok
11:50:55.0761 3084  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:50:55.0766 3084  rdbss - ok
11:50:55.0786 3084  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:50:55.0788 3084  rdpbus - ok
11:50:55.0805 3084  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:50:55.0806 3084  RDPCDD - ok
11:50:55.0820 3084  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:50:55.0822 3084  RDPENCDD - ok
11:50:55.0837 3084  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:50:55.0839 3084  RDPREFMP - ok
11:50:55.0866 3084  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:50:55.0870 3084  RDPWD - ok
11:50:55.0913 3084  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:50:55.0917 3084  rdyboost - ok
11:50:55.0957 3084  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:50:55.0960 3084  RemoteAccess - ok
11:50:55.0986 3084  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:50:55.0990 3084  RemoteRegistry - ok
11:50:56.0016 3084  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:50:56.0019 3084  RpcEptMapper - ok
11:50:56.0048 3084  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
11:50:56.0050 3084  RpcLocator - ok
11:50:56.0086 3084  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
11:50:56.0094 3084  RpcSs - ok
11:50:56.0128 3084  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:50:56.0130 3084  rspndr - ok
11:50:56.0167 3084  [ 91296F0B2653281B2F11E0FCE56AA427 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
11:50:56.0171 3084  RTL8167 - ok
11:50:56.0187 3084  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
11:50:56.0190 3084  SamSs - ok
11:50:56.0221 3084  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:50:56.0223 3084  sbp2port - ok
11:50:56.0251 3084  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:50:56.0256 3084  SCardSvr - ok
11:50:56.0292 3084  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:50:56.0294 3084  scfilter - ok
11:50:56.0344 3084  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
11:50:56.0357 3084  Schedule - ok
11:50:56.0402 3084  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:50:56.0404 3084  SCPolicySvc - ok
11:50:56.0446 3084  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:50:56.0451 3084  SDRSVC - ok
11:50:56.0490 3084  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:50:56.0492 3084  secdrv - ok
11:50:56.0527 3084  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
11:50:56.0530 3084  seclogon - ok
11:50:56.0559 3084  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
11:50:56.0563 3084  SENS - ok
11:50:56.0573 3084  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:50:56.0577 3084  SensrSvc - ok
11:50:56.0588 3084  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
11:50:56.0590 3084  Serenum - ok
11:50:56.0599 3084  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:50:56.0602 3084  Serial - ok
11:50:56.0632 3084  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
11:50:56.0633 3084  sermouse - ok
11:50:56.0696 3084  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
11:50:56.0700 3084  SessionEnv - ok
11:50:56.0730 3084  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:50:56.0732 3084  sffdisk - ok
11:50:56.0746 3084  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:50:56.0748 3084  sffp_mmc - ok
11:50:56.0758 3084  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:50:56.0760 3084  sffp_sd - ok
11:50:56.0768 3084  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
11:50:56.0770 3084  sfloppy - ok
11:50:56.0809 3084  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:50:56.0814 3084  SharedAccess - ok
11:50:56.0867 3084  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:50:56.0874 3084  ShellHWDetection - ok
11:50:56.0904 3084  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:50:56.0906 3084  SiSRaid2 - ok
11:50:56.0915 3084  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
11:50:56.0918 3084  SiSRaid4 - ok
11:50:56.0934 3084  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:50:56.0936 3084  Smb - ok
11:50:56.0977 3084  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:50:56.0980 3084  SNMPTRAP - ok
11:50:56.0989 3084  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:50:56.0991 3084  spldr - ok
11:50:57.0035 3084  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
11:50:57.0043 3084  Spooler - ok
11:50:57.0146 3084  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
11:50:57.0181 3084  sppsvc - ok
11:50:57.0204 3084  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:50:57.0208 3084  sppuinotify - ok
11:50:57.0249 3084  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:50:57.0255 3084  srv - ok
11:50:57.0274 3084  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:50:57.0280 3084  srv2 - ok
11:50:57.0297 3084  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:50:57.0301 3084  srvnet - ok
11:50:57.0330 3084  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:50:57.0335 3084  SSDPSRV - ok
11:50:57.0346 3084  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:50:57.0350 3084  SstpSvc - ok
11:50:57.0374 3084  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
11:50:57.0376 3084  stexstor - ok
11:50:57.0430 3084  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
11:50:57.0439 3084  stisvc - ok
11:50:57.0464 3084  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
11:50:57.0465 3084  swenum - ok
11:50:57.0500 3084  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
11:50:57.0508 3084  swprv - ok
11:50:57.0586 3084  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
11:50:57.0605 3084  SysMain - ok
11:50:57.0642 3084  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:50:57.0646 3084  TabletInputService - ok
11:50:57.0690 3084  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:50:57.0696 3084  TapiSrv - ok
11:50:57.0720 3084  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
11:50:57.0723 3084  TBS - ok
11:50:57.0812 3084  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:50:57.0831 3084  Tcpip - ok
11:50:57.0895 3084  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:50:57.0914 3084  TCPIP6 - ok
11:50:57.0963 3084  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:50:57.0965 3084  tcpipreg - ok
11:50:58.0003 3084  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:50:58.0005 3084  TDPIPE - ok
11:50:58.0036 3084  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:50:58.0037 3084  TDTCP - ok
11:50:58.0084 3084  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:50:58.0086 3084  tdx - ok
11:50:58.0120 3084  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
11:50:58.0121 3084  TermDD - ok
11:50:58.0152 3084  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
11:50:58.0162 3084  TermService - ok
11:50:58.0190 3084  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
11:50:58.0193 3084  Themes - ok
11:50:58.0206 3084  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
11:50:58.0210 3084  THREADORDER - ok
11:50:58.0229 3084  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
11:50:58.0234 3084  TrkWks - ok
11:50:58.0295 3084  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:50:58.0298 3084  TrustedInstaller - ok
11:50:58.0344 3084  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:50:58.0346 3084  tssecsrv - ok
11:50:58.0398 3084  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:50:58.0400 3084  TsUsbFlt - ok
11:50:58.0452 3084  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:50:58.0455 3084  tunnel - ok
11:50:58.0494 3084  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
11:50:58.0496 3084  uagp35 - ok
11:50:58.0528 3084  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:50:58.0532 3084  udfs - ok
11:50:58.0564 3084  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:50:58.0568 3084  UI0Detect - ok
11:50:58.0592 3084  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:50:58.0594 3084  uliagpkx - ok
11:50:58.0644 3084  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:50:58.0646 3084  umbus - ok
11:50:58.0658 3084  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
11:50:58.0660 3084  UmPass - ok
11:50:58.0688 3084  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
11:50:58.0694 3084  upnphost - ok
11:50:58.0715 3084  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:50:58.0717 3084  usbccgp - ok
11:50:58.0762 3084  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:50:58.0764 3084  usbcir - ok
11:50:58.0780 3084  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
11:50:58.0783 3084  usbehci - ok
11:50:58.0812 3084  [ 6648C6D7323A2CE0C4776C36CEFBCB14 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
11:50:58.0814 3084  usbfilter - ok
11:50:58.0850 3084  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:50:58.0855 3084  usbhub - ok
11:50:58.0887 3084  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
11:50:58.0889 3084  usbohci - ok
11:50:58.0918 3084  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:50:58.0920 3084  usbprint - ok
11:50:58.0947 3084  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:50:58.0949 3084  USBSTOR - ok
11:50:58.0966 3084  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:50:58.0968 3084  usbuhci - ok
11:50:58.0996 3084  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
11:50:58.0999 3084  usbvideo - ok
11:50:59.0024 3084  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
11:50:59.0028 3084  UxSms - ok
11:50:59.0046 3084  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
11:50:59.0048 3084  VaultSvc - ok
11:50:59.0077 3084  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:50:59.0078 3084  vdrvroot - ok
11:50:59.0137 3084  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
11:50:59.0145 3084  vds - ok
11:50:59.0176 3084  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:50:59.0177 3084  vga - ok
11:50:59.0186 3084  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:50:59.0188 3084  VgaSave - ok
11:50:59.0210 3084  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:50:59.0214 3084  vhdmp - ok
11:50:59.0243 3084  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:50:59.0245 3084  viaide - ok
11:50:59.0262 3084  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:50:59.0264 3084  volmgr - ok
11:50:59.0303 3084  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:50:59.0308 3084  volmgrx - ok
11:50:59.0345 3084  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:50:59.0350 3084  volsnap - ok
11:50:59.0382 3084  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
11:50:59.0385 3084  vsmraid - ok
11:50:59.0449 3084  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
11:50:59.0467 3084  VSS - ok
11:50:59.0477 3084  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:50:59.0479 3084  vwifibus - ok
11:50:59.0497 3084  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:50:59.0501 3084  vwififlt - ok
11:50:59.0537 3084  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
11:50:59.0544 3084  W32Time - ok
11:50:59.0557 3084  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
11:50:59.0559 3084  WacomPen - ok
11:50:59.0606 3084  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:50:59.0608 3084  WANARP - ok
11:50:59.0616 3084  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:50:59.0618 3084  Wanarpv6 - ok
11:50:59.0702 3084  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
11:50:59.0717 3084  WatAdminSvc - ok
11:50:59.0775 3084  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
11:50:59.0792 3084  wbengine - ok
11:50:59.0823 3084  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:50:59.0829 3084  WbioSrvc - ok
11:50:59.0877 3084  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:50:59.0884 3084  wcncsvc - ok
11:50:59.0903 3084  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:50:59.0907 3084  WcsPlugInService - ok
11:50:59.0935 3084  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
11:50:59.0937 3084  Wd - ok
11:50:59.0991 3084  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:51:00.0000 3084  Wdf01000 - ok
11:51:00.0026 3084  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:51:00.0030 3084  WdiServiceHost - ok
11:51:00.0037 3084  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:51:00.0042 3084  WdiSystemHost - ok
11:51:00.0092 3084  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
11:51:00.0098 3084  WebClient - ok
11:51:00.0124 3084  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:51:00.0130 3084  Wecsvc - ok
11:51:00.0144 3084  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:51:00.0148 3084  wercplsupport - ok
11:51:00.0175 3084  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:51:00.0179 3084  WerSvc - ok
11:51:00.0207 3084  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:51:00.0209 3084  WfpLwf - ok
11:51:00.0219 3084  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:51:00.0220 3084  WIMMount - ok
11:51:00.0258 3084  WinDefend - ok
11:51:00.0268 3084  WinHttpAutoProxySvc - ok
11:51:00.0321 3084  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:51:00.0325 3084  Winmgmt - ok
11:51:00.0398 3084  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
11:51:00.0420 3084  WinRM - ok
11:51:00.0470 3084  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:51:00.0472 3084  WinUsb - ok
11:51:00.0515 3084  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:51:00.0527 3084  Wlansvc - ok
11:51:00.0546 3084  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:51:00.0548 3084  WmiAcpi - ok
11:51:00.0579 3084  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:51:00.0582 3084  wmiApSrv - ok
11:51:00.0603 3084  WMPNetworkSvc - ok
11:51:00.0622 3084  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:51:00.0625 3084  WPCSvc - ok
11:51:00.0664 3084  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:51:00.0669 3084  WPDBusEnum - ok
11:51:00.0700 3084  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:51:00.0702 3084  ws2ifsl - ok
11:51:00.0717 3084  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
11:51:00.0722 3084  wscsvc - ok
11:51:00.0730 3084  WSearch - ok
11:51:00.0812 3084  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:51:00.0838 3084  wuauserv - ok
11:51:00.0869 3084  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:51:00.0872 3084  WudfPf - ok
11:51:00.0926 3084  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:51:00.0929 3084  WUDFRd - ok
11:51:00.0953 3084  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:51:00.0957 3084  wudfsvc - ok
11:51:00.0993 3084  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:51:00.0999 3084  WwanSvc - ok
11:51:01.0026 3084  ================ Scan global ===============================
11:51:01.0049 3084  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:51:01.0090 3084  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:51:01.0115 3084  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:51:01.0147 3084  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:51:01.0173 3084  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:51:01.0179 3084  [Global] - ok
11:51:01.0180 3084  ================ Scan MBR ==================================
11:51:01.0190 3084  [ C9E74E7B33A8D7ECC51E783DF57B8349 ] \Device\Harddisk0\DR0
11:51:01.0473 3084  \Device\Harddisk0\DR0 - ok
11:51:01.0474 3084  ================ Scan VBR ==================================
11:51:01.0479 3084  [ 690D3827765370D0E6EB5516C5259852 ] \Device\Harddisk0\DR0\Partition1
11:51:01.0481 3084  \Device\Harddisk0\DR0\Partition1 - ok
11:51:01.0496 3084  [ 706B92A36AA9AB80BCF5D1C3577E223A ] \Device\Harddisk0\DR0\Partition2
11:51:01.0498 3084  \Device\Harddisk0\DR0\Partition2 - ok
11:51:01.0531 3084  [ F2A33A93365820071D55B7434B626199 ] \Device\Harddisk0\DR0\Partition3
11:51:01.0533 3084  \Device\Harddisk0\DR0\Partition3 - ok
11:51:01.0534 3084  ============================================================
11:51:01.0534 3084  Scan finished
11:51:01.0534 3084  ============================================================
11:51:01.0552 2776  Detected object count: 0
11:51:01.0552 2776  Actual detected object count: 0

Edited by Grid, 02 March 2013 - 04:53 PM.


#5 Grid

Grid
  • Topic Starter

  • Validating
  • 71 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:23 PM

Posted 02 March 2013 - 05:26 PM

 
 
 
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-02 12:01:25
-----------------------------
12:01:25.972    OS Version: Windows x64 6.1.7601 Service Pack 1
12:01:25.972    Number of processors: 2 586 0x6B02
12:01:25.974    ComputerName: ANTHONY-PC  UserName: Anthony
12:01:27.044    Initialize success
12:02:38.625    AVAST engine defs: 13030201
12:03:31.896    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000054
12:03:31.900    Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 11
12:03:31.915    Disk 0 MBR read successfully
12:03:31.918    Disk 0 MBR scan
12:03:31.926    Disk 0 unknown MBR code
12:03:31.938    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
12:03:31.977    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       293333 MB offset 206848
12:03:32.029    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        11810 MB offset 600952832
12:03:32.072    Disk 0 scanning C:\Windows\system32\drivers
12:03:43.904    Service scanning
12:04:09.254    Modules scanning
12:04:09.266    Disk 0 trace - called modules:
12:04:09.279    ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys ACPI.sys storport.sys hal.dll amdsata.sys 
12:04:09.290    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8001ddf060]
12:04:09.298    3 CLASSPNP.SYS[fffff88001a7843f] -> nt!IofCallDriver -> [0xfffffa80015c6b80]
12:04:09.307    5 amdxata.sys[fffff880010757a8] -> nt!IofCallDriver -> [0xfffffa8001c945f0]
12:04:09.315    7 ACPI.sys[fffff88000f347a1] -> nt!IofCallDriver -> \Device\00000054[0xfffffa8001dc7060]
12:04:10.381    AVAST engine scan C:\Windows
12:04:12.759    AVAST engine scan C:\Windows\system32
12:09:08.927    AVAST engine scan C:\Windows\system32\drivers
12:09:37.174    AVAST engine scan C:\Users\Anthony
12:12:46.319    AVAST engine scan C:\ProgramData
12:12:53.208    File: C:\ProgramData\Browwsse2saVee\513061a2a8d9c.dll  **INFECTED** Win32:Adware-gen [Adw]
12:17:53.383    Scan finished successfully
12:23:34.297    Disk 0 MBR has been saved successfully to "C:\Users\Anthony\Desktop\MBR.dat"
12:23:34.328    The log file has been saved successfully to "C:\Users\Anthony\Desktop\aswMBR.txt"


#6 Grid

Grid
  • Topic Starter

  • Validating
  • 71 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:23 PM

Posted 02 March 2013 - 07:42 PM

  Here's the last of it:
 
C:\Users\All Users\Browwsse2saVee\513061a2a8d9c.dll    a variant of Win32/Adware.MultiPlug.I application    
 
C:\Users\All Users\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    
 
C:\ProgramData\Browwsse2saVee\513061a2a8d9c.dll    a variant of Win32/Adware.MultiPlug.I application    cleaned by deleting - quarantined
 
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    cleaned by deleting - quarantined
 
C:\Users\Anthony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8IHQLCRY\513061a2bfac1[1].exe    multiple threats    cleaned by deleting - quarantined


#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:23 AM

Posted 02 March 2013 - 07:46 PM


Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log



#8 Grid

Grid
  • Topic Starter

  • Validating
  • 71 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:23 PM

Posted 03 March 2013 - 06:31 PM

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
 
Database version: v2013.03.03.03
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Anthony :: ANTHONY-PC [administrator]
 
Protection: Enabled
 
3/2/2013 11:38:22 PM
mbam-log-2013-03-02 (23-38-22).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 202519
Time elapsed: 5 minute(s), 19 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 4
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110111271159} (PUP.CrossRider) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110111271159} (PUP.CrossRider) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111271159} (PUP.CrossRider) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111271159} (PUP.CrossRider) -> Quarantined and deleted successfully.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 1
C:\Users\Anthony\Documents\Downloads\TMUMFB271.wmv.exe (PUP.Offerware) -> Quarantined and deleted successfully.
 
(end)
 
 
 
MiniToolBox by Farbar  Version:01-03-2013
Ran by Anthony (administrator) on 03-03-2013 at 00:08:52
Running from "C:\Users\Anthony\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek PCIe FE Family Controller = Local Area Connection (Connected)
Atheros AR5007EG Wireless Network Adapter = Wireless Network Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Anthony-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hawaii.rr.com
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : hawaii.rr.com
   Description . . . . . . . . . . . : Atheros AR5007EG Wireless Network Adapter
   Physical Address. . . . . . . . . : 00-17-C4-AB-A2-BD
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::75a2:a9dc:4fb8:d14d%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.11(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, March 02, 2013 11:54:13 PM
   Lease Expires . . . . . . . . . . : Saturday, March 09, 2013 11:54:12 PM
   Default Gateway . . . . . . . . . : fe80::218:e7ff:fedd:24c1%11
                                       192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : hawaii.rr.com
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 00-23-8B-FA-68-ED
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::6d57:e843:b88c:1ca9%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.10(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, March 02, 2013 11:54:06 PM
   Lease Expires . . . . . . . . . . : Saturday, March 09, 2013 11:54:06 PM
   Default Gateway . . . . . . . . . : fe80::218:e7ff:fedd:24c1%10
                                       192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.hawaii.rr.com:
 
   Connection-specific DNS Suffix  . : hawaii.rr.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5efe:192.168.0.10%12(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::5efe:192.168.0.11%12(Preferred) 
   Default Gateway . . . . . . . . . : 
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter Local Area Connection* 12:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:24f9:19a7:bdf7:200f(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::24f9:19a7:bdf7:200f%14(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
1.0.168.192.in-addr.arpa
    primary name server = localhost
    responsible mail addr = nobody.invalid
    serial  = 1
    refresh = 600 (10 mins)
    retry   = 1200 (20 mins)
    expire  = 604800 (7 days)
    default TTL = 10800 (3 hours)
(root)    ??? unknown type 41 ???
Server:  UnKnown
Address:  192.168.0.1
 
Name:    google.com.hawaii.rr.com
Address:  67.215.65.145
 
 
Pinging google.com [74.125.239.9] with 32 bytes of data:
Reply from 74.125.239.9: bytes=32 time=624ms TTL=54
Reply from 74.125.239.9: bytes=32 time=65ms TTL=54
 
Ping statistics for 74.125.239.9:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 65ms, Maximum = 624ms, Average = 344ms
Server:  UnKnown
Address:  192.168.0.1
 
Name:    yahoo.com.hawaii.rr.com
Address:  67.215.65.145
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=500ms TTL=47
Reply from 98.139.183.24: bytes=32 time=310ms TTL=47
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 310ms, Maximum = 500ms, Average = 405ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=34ms TTL=128
Reply from 127.0.0.1: bytes=32 time=10ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 10ms, Maximum = 34ms, Average = 22ms
===========================================================================
Interface List
 11...00 17 c4 ab a2 bd ......Atheros AR5007EG Wireless Network Adapter
 10...00 23 8b fa 68 ed ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.10     20
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.11     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.10    276
      192.168.0.0    255.255.255.0         On-link      192.168.0.11    281
     192.168.0.10  255.255.255.255         On-link      192.168.0.10    276
     192.168.0.11  255.255.255.255         On-link      192.168.0.11    281
    192.168.0.255  255.255.255.255         On-link      192.168.0.10    276
    192.168.0.255  255.255.255.255         On-link      192.168.0.11    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.10    276
        224.0.0.0        240.0.0.0         On-link      192.168.0.11    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.10    276
  255.255.255.255  255.255.255.255         On-link      192.168.0.11    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 10    276 ::/0                     fe80::218:e7ff:fedd:24c1
 11    281 ::/0                     fe80::218:e7ff:fedd:24c1
 14     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 14     58 2001::/32                On-link
 14    306 2001:0:4137:9e76:24f9:19a7:bdf7:200f/128
                                    On-link
 10    276 fe80::/64                On-link
 11    281 fe80::/64                On-link
 14    306 fe80::/64                On-link
 12    286 fe80::5efe:192.168.0.10/128
                                    On-link
 12    286 fe80::5efe:192.168.0.11/128
                                    On-link
 14    306 fe80::24f9:19a7:bdf7:200f/128
                                    On-link
 10    276 fe80::6d57:e843:b88c:1ca9/128
                                    On-link
 11    281 fe80::75a2:a9dc:4fb8:d14d/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (03/02/2013 11:54:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x511246e7
Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x511246e7
Exception code: 0xc0000005
Fault offset: 0x00002c60
Faulting process id: 0x6e0
Faulting application start time: 0xDefaultTabSearch.exe0
Faulting application path: DefaultTabSearch.exe1
Faulting module path: DefaultTabSearch.exe2
Report Id: DefaultTabSearch.exe3
 
Error: (03/02/2013 11:20:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x511246e7
Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x511246e7
Exception code: 0xc0000005
Fault offset: 0x00002c60
Faulting process id: 0x500
Faulting application start time: 0xDefaultTabSearch.exe0
Faulting application path: DefaultTabSearch.exe1
Faulting module path: DefaultTabSearch.exe2
Report Id: DefaultTabSearch.exe3
 
Error: (03/02/2013 11:10:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 25.0.1364.97, time stamp: 0x51258756
Faulting module name: npDefaultTabSearch.dll_unloaded, version: 0.0.0.0, time stamp: 0x510b3ade
Exception code: 0xc0000005
Fault offset: 0x6f74bb90
Faulting process id: 0xf68
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (03/02/2013 08:04:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/02/2013 05:41:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6194
 
Error: (03/02/2013 05:41:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6194
 
Error: (03/02/2013 05:41:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/02/2013 05:41:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5149
 
Error: (03/02/2013 05:41:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5149
 
Error: (03/02/2013 05:41:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (03/02/2013 11:54:53 PM) (Source: Service Control Manager) (User: )
Description: The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/02/2013 11:54:51 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
mfeapfk
 
Error: (03/02/2013 11:20:24 PM) (Source: Service Control Manager) (User: )
Description: The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/02/2013 11:20:13 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
mfeapfk
 
Error: (03/02/2013 11:42:33 AM) (Source: Service Control Manager) (User: )
Description: The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/02/2013 11:42:24 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
mfeapfk
 
Error: (03/02/2013 11:13:50 AM) (Source: Service Control Manager) (User: )
Description: The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/02/2013 11:13:44 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
mfeapfk
 
Error: (03/02/2013 00:50:40 AM) (Source: Service Control Manager) (User: )
Description: The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/02/2013 00:50:35 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
mfeapfk
 
 
Microsoft Office Sessions:
=========================
Error: (03/02/2013 11:54:43 PM) (Source: Application Error)(User: )
Description: DefaultTabSearch.exe0.0.0.0511246e7DefaultTabSearch.exe0.0.0.0511246e7c000000500002c606e001ce17f51588bd4eC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe5f06e339-83e8-11e2-b1ef-00238bfa68ed
 
Error: (03/02/2013 11:20:06 PM) (Source: Application Error)(User: )
Description: DefaultTabSearch.exe0.0.0.0511246e7DefaultTabSearch.exe0.0.0.0511246e7c000000500002c6050001ce17f03f02ba84C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe890ac923-83e3-11e2-920a-00238bfa68ed
 
Error: (03/02/2013 11:10:38 PM) (Source: Application Error)(User: )
Description: chrome.exe25.0.1364.9751258756npDefaultTabSearch.dll_unloaded0.0.0.0510b3adec00000056f74bb90f6801ce17adf455cb6aC:\Program Files (x86)\Google\Chrome\Application\chrome.exenpDefaultTabSearch.dll3648de66-83e2-11e2-9dc0-00238bfa68ed
 
Error: (03/02/2013 08:04:12 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Anthony\Desktop\Desktop\esetsmartinstaller_enu.exe
 
Error: (03/02/2013 05:41:32 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6194
 
Error: (03/02/2013 05:41:32 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6194
 
Error: (03/02/2013 05:41:32 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/02/2013 05:41:31 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5149
 
Error: (03/02/2013 05:41:31 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5149
 
Error: (03/02/2013 05:41:31 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-02-07 10:47:25.178
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\SETC9E3.tmp because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-07 10:47:25.175
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\SETC9E3.tmp because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
7-Zip 9.20
 
Activate Norton Online Backup (Version: 1.1.20.0)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe Flash Player 10 ActiveX (Version: 10.0.22.87)
AMD USB Filter Driver (Version: 1.0.11.86)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Applian FLV and Media Player 3.1.1.12 (Version: 3.1.1.12)
ATI Catalyst Install Manager (Version: 3.0.732.0)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Full Existing (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Full New (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Light (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0614.2131.36800)
Catalyst Control Center InstallProxy (Version: 2009.0614.2131.36800)
Catalyst Control Center Localization All (Version: 2009.0614.2131.36800)
CCC Help Chinese Standard (Version: 2009.0614.2130.36800)
CCC Help Chinese Traditional (Version: 2009.0614.2130.36800)
CCC Help Czech (Version: 2009.0614.2130.36800)
CCC Help Danish (Version: 2009.0614.2130.36800)
CCC Help Dutch (Version: 2009.0614.2130.36800)
CCC Help English (Version: 2009.0614.2130.36800)
CCC Help Finnish (Version: 2009.0614.2130.36800)
CCC Help French (Version: 2009.0614.2130.36800)
CCC Help German (Version: 2009.0614.2130.36800)
CCC Help Greek (Version: 2009.0614.2130.36800)
CCC Help Hungarian (Version: 2009.0614.2130.36800)
CCC Help Italian (Version: 2009.0614.2130.36800)
CCC Help Japanese (Version: 2009.0614.2130.36800)
CCC Help Korean (Version: 2009.0614.2130.36800)
CCC Help Norwegian (Version: 2009.0614.2130.36800)
CCC Help Polish (Version: 2009.0614.2130.36800)
CCC Help Portuguese (Version: 2009.0614.2130.36800)
CCC Help Russian (Version: 2009.0614.2130.36800)
CCC Help Spanish (Version: 2009.0614.2130.36800)
CCC Help Swedish (Version: 2009.0614.2130.36800)
CCC Help Thai (Version: 2009.0614.2130.36800)
CCC Help Turkish (Version: 2009.0614.2130.36800)
ccc-core-static (Version: 2009.0614.2131.36800)
ccc-utility64 (Version: 2009.0614.2131.36800)
Compatibility Pack for the 2007 Office system (Version: 12.0.4518.1014)
CyberLink DVD Suite Deluxe (Version: 6.0.3101)
DefaultTab (Version: 2.2.3.0)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
ESET Online Scanner v3
Google Chrome (Version: 25.0.1364.97)
Google Update Helper (Version: 1.3.21.135)
HP Advisor (Version: 3.2.8946.3086)
HP Customer Experience Enhancements (Version: 5.7.0.3036)
HP Games (Version: 1.0.0.71)
HP MediaSmart Demo (Version: 1.00.0000)
HP MediaSmart DVD (Version: 3.0.3123)
HP MediaSmart Movie Themes (Version: 3.0.3102)
HP MediaSmart Music/Photo/Video (Version: 3.0.3205)
HP MediaSmart SmartMenu (Version: 3.0.28.2)
HP MediaSmart Webcam (Version: 3.0.1903)
HP Odometer (Version: 2.10.0000)
HP Remote Solution (Version: 1.1.9.0)
HP Setup (Version: 1.2.3220.3079)
HP Support Assistant (Version: 4.1.11.3)
HP Support Information (Version: 10.1.0002)
HP Update (Version: 5.001.000.014)
HPAsset component for HP Active Support Library (Version: 3.0.1.0)
iTunes (Version: 11.0.2.26)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
LabelPrint (Version: 2.5.1901)
LightScribe System Software (Version: 1.18.5.1)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
McAfee AntiVirus Plus (Version: 11.6.477)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Live Search Toolbar (Version: 3.0.560.0)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.4518.1014)
Microsoft Silverlight (Version: 2.0.31005.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Works (Version: 9.7.0621)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
PictureMover (Version: 3.3.1.19)
Pirate101 (Version: 1.0.0)
Power2Go (Version: 6.0.3101)
PowerDirector (Version: 7.0.3101)
PowerRecover (Version: 5.5.1923)
Realtek High Definition Audio Driver (Version: 6.0.1.5898)
Shared C Run-time for x64 (Version: 10.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
WinRAR 4.20 (32-bit) (Version: 4.20.0)
World of Warcraft (Version: 5.1.0.16357)
 
 
========================= Devices: ================================
 
Name: McAfee Inc. mfeapfk
Description: McAfee Inc. mfeapfk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: mfeapfk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 51%
Total physical RAM: 1790.43 MB
Available physical RAM: 873.27 MB
Total Pagefile: 3580.86 MB
Available Pagefile: 1986.71 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.09 MB
 
========================= Partitions: =====================================
 
1 Drive c: (HP) (Fixed) (Total:286.46 GB) (Free:177.49 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.53 GB) (Free:2.11 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\ANTHONY-PC
 
Administrator            Anthony                  Guest                    
 
 
**** End of log ****
 
 
 
Farbar Service Scanner Version: 20-02-2013
Ran by Anthony (administrator) on 03-03-2013 at 00:17:27
Running from "C:\Users\Anthony\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****

 

 

 

 

# AdwCleaner v2.113 - Logfile created 03/03/2013 at 00:53:48
# Updated 23/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Anthony - ANTHONY-PC
# Boot Mode : Normal
# Running from : C:\Users\Anthony\Desktop\AdwCleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
Stopped & Deleted : DefaultTabSearch
Stopped & Deleted : DefaultTabUpdate
 
***** [Files / Folders] *****
 
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Folder Deleted : C:\Program Files (x86)\DefaultTab
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Folder Deleted : C:\Users\Anthony\AppData\Local\Lucky Savings
Folder Deleted : C:\Users\Anthony\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\Anthony\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Anthony\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Anthony\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Anthony\AppData\Roaming\DefaultTab
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\5f55dc8bb134b841
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Lucky Savings_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Lucky Savings_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Lucky Savings-InternalInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Lucky Savings-InternalInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\SOFTWARE\Wow6432Node\5f55dc8bb134b841
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\SOFTWARE\Tarma Installer
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16464
 
[OK] Registry is clean.
 
-\\ Google Chrome v25.0.1364.97
 
File : C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[S1].txt - [5175 octets] - [03/03/2013 00:53:48]
 
########## EOF - C:\AdwCleaner[S1].txt - [5235 octets] ##########
 
 
 
  NOTE - I've checked my PC at this point, and the "Default tab - Search results, LLC program" is no longer there under Programs. Also, I was going to run the Junkware Removal program but my computer, even with Firewall and all turned off, advised that it appeared to be a malicious file and advised against downloading it, so I held off on it.  
 
 
 
 
  Rkill 2.4.7 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 03/03/2013 01:06:58 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]
 
Backup Registry file created at:
 C:\Users\Anthony\Desktop\rkill\rkill-03-03-2013-01-07-02.reg
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
 * FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 03/03/2013 01:07:16 PM
Execution time: 0 hours(s), 0 minute(s), and 18 seconds(s)
 
 
 
"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms"    ""    ""    ""
+ "rdpclip"    ""    ""    "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "RtHDVCpl"    "HD Audio Control Panel"    "Realtek Semiconductor"    "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "SmartMenu"    "SmartMenu"    ""    "c:\program files\hewlett-packard\hp mediasmart\smartmenu.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "AnySend User Interface"    "AnySend User interface"    ""    "c:\program files (x86)\anysend\anysendui.exe"
+ "APSDaemon"    "Apple Push"    "Apple Inc."    "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "HP Remote Solution"    "HP Remote Solution"    ""    "c:\program files (x86)\hewlett-packard\hp remote solution\hp_remote_solution.exe"
+ "HP Software Update"    "hpwuSchd Application"    "Hewlett-Packard"    "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "HPCam_Menu"    "MUI StartMenu Application"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\media\webcam\muitransfer\muistartmenu.exe"
+ "hpsysdrv"    "hpsysdrv"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp odometer\hpsysdrv.exe"
+ "iTunesHelper"    "iTunesHelper"    "Apple Inc."    "c:\program files (x86)\itunes\ituneshelper.exe"
+ "mcui_exe"    "McAfee Security Center"    "McAfee, Inc."    "c:\program files\mcafee.com\agent\mcagent.exe"
+ "NortonOnlineBackupReminder"    "Norton Online Backup Service"    "Symantec Corporation"    "c:\program files (x86)\symantec\norton online backup\activation\nobuactivation.exe"
+ "StartCCC"    "Catalyst® Control Center Launcher"    "Advanced Micro Devices, Inc."    "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched"    "Java™ Update Scheduler"    "Sun Microsystems, Inc."    "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "UpdatePRCShortCut"    "MUI StartMenu Application"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\recovery\muitransfer\muistartmenu.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce"    ""    ""    ""
+ "Del6596455"    ""    ""    "File not found: del"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"    ""    ""    ""
+ "PictureMover.lnk"    "PictureMover Application"    "Hewlett-Packard Company"    "c:\program files (x86)\picturemover\bin\picturemover.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Google Chrome"    "Google Chrome"    "Google Inc."    "c:\program files (x86)\google\chrome\application\25.0.1364.97\installer\chrmstp.exe"
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce"    ""    ""    ""
+ "Del6596455"    ""    ""    "File not found: del"
"HKLM\SOFTWARE\Classes\Protocols\Filter"    ""    ""    ""
+ "application/x-mfe-ipt"    "McAfee MSC IE plugin DLL"    "McAfee, Inc."    "c:\program files\mcafee\msc\mcsniepl64.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""
+ "dssrequest"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "sacore"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AnySend"    "AnySend"    "ClickMeIn Limited"    "c:\program files\anysend\anysendshellextension.dll"
+ "McCtxMenuFrmWrk"    "McAfee ContextMenu Framework"    "McAfee, Inc."    "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "WinRAR"    "WinRAR shell extension"    "Alexander Roshal"    "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files (x86)\7-zip\7-zip.dll"
+ "WinRAR32"    "WinRAR shell extension"    "Alexander Roshal"    "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "AnySend"    "AnySend"    "ClickMeIn Limited"    "c:\program files\anysend\anysendshellextension.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files (x86)\7-zip\7-zip.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files (x86)\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "ACE"    "AMD Desktop Control Panel"    "Advanced Micro Devices, Inc."    "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk"    "McAfee ContextMenu Framework"    "McAfee, Inc."    "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "WinRAR"    "WinRAR shell extension"    "Alexander Roshal"    "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "WinRAR32"    "WinRAR shell extension"    "Alexander Roshal"    "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""
+ "WinRAR"    "WinRAR shell extension"    "Alexander Roshal"    "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""
+ "WinRAR32"    "WinRAR shell extension"    "Alexander Roshal"    "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "AnySend"    "AnySend"    "ClickMeIn Limited"    "c:\program files\anysend\anysendshellextension.dll"
+ "McAfee SiteAdvisor BHO"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "McAfee SiteAdvisor BHO"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "Microsoft Live Search Toolbar Helper"    "MSN® Shell Extender"    "Microsoft Corp."    "c:\program files (x86)\msn\toolbar\3.0.0560.0\msneshellx.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks"    ""    ""    ""
+ "McAfee SiteAdvisor Toolbar"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
+ "McAfee SiteAdvisor"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
+ "McAfee SiteAdvisor"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "Microsoft Live Search Toolbar"    "MSN® Shell Extender"    "Microsoft Corp."    "c:\program files (x86)\msn\toolbar\3.0.0560.0\msneshellx.dll"
"Task Scheduler"    ""    ""    ""
+ "\Apple\AppleSoftwareUpdate"    "Apple Software Update"    "Apple Inc."    "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\CLMLSvc"    "CyberLink MediaLibray Service"    "CyberLink"    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe"
+ "\DSite"    ""    ""    "c:\users\anthony\appdata\roaming\dsite\updateproc\updatetask.exe"
+ "\DVDAgent"    "HP DVDSmart Resident Program"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\media\dvd\dvdagent.exe"
+ "\ExtendedServicePlan"    "ESAdvRemIntegrator"    ""    "c:\program files (x86)\hewlett-packard\hp tcs\remengine.exe"
+ "\HPCeeScheduleForAnthony"    "CEEment"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\sdp\ceement\hpcee.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"    ""    ""    "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"    "Windows Media Player Network Sharing Service Configuration Application"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnscfg.exe"
+ "\RecoveryCDWin7"    "ESAdvRemIntegrator"    ""    "c:\program files (x86)\hewlett-packard\hp tcs\remengine.exe"
+ "\ServicePlan"    "ESAdvRemIntegrator"    ""    "c:\program files (x86)\hewlett-packard\hp tcs\remengine.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "AERTFilters"    "Andrea Service"    "Andrea Electronics Corporation"    "c:\program files\realtek\audio\hda\aertsr64.exe"
+ "AMD External Events Utility"    "AMD External Events Service Module"    "AMD"    "c:\windows\system32\atiesrxx.exe"
+ "AnySendService"    "AnySend Sender Service"    ""    "c:\program files (x86)\anysend\anysendsvc.exe"
+ "Apple Mobile Device"    "Provides the interface to Apple mobile devices."    "Apple Inc."    "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service"    "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence."    "Apple Inc."    "c:\program files\bonjour\mdnsresponder.exe"
+ "GameConsoleService"    "GameConsole management services"    "WildTangent, Inc."    "c:\program files (x86)\hp games\hp game console\gameconsoleservice.exe"
+ "gupdate"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "HP Health Check Service"    "HP Health Check Service"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp health check\hphc_service.exe"
+ "hpqwmiex"    "hpqwmiex Module"    "Hewlett-Packard Development Company, L.P."    "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "iPod Service"    "iPod hardware management services"    "Apple Inc."    "c:\program files\ipod\bin\ipodservice.exe"
+ "LightScribeService"    "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work."    "Hewlett-Packard Company"    "c:\program files (x86)\common files\lightscribe\lssrvc.exe"
+ "MBAMScheduler"    "Malwarebytes Anti-Malware scheduler"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService"    "Malwarebytes Anti-Malware service"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "McAfee SiteAdvisor Service"    "McAfee SiteAdvisor Service"    "McAfee, Inc."    "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McAWFwk"    "McAfee Activation Service"    "McAfee, Inc."    "c:\program files\mcafee\msc\mcawfwk.exe"
+ "McMPFSvc"    "Helps protect your computer from intrusion and let's you manage your computer's trusted programs."    "McAfee, Inc."    "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc"    "McAfee Services"    "McAfee, Inc."    "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn"    "McAfee VirusScan Announcer"    "McAfee, Inc."    "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc"    "McAfee Network Agent"    "McAfee, Inc."    "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS"    "McAfee Scanner"    "McAfee, Inc."    "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy"    "McAfee Proxy Service"    "McAfee, Inc."    "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield"    "McAfee OnAccess Scanner"    "McAfee, Inc."    "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire"    "Provides firewall services to McAfee products"    "McAfee, Inc."    "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp"    "Provides validation trust protection services"    "McAfee, Inc."    "c:\windows\system32\mfevtps.exe"
+ "WinDefend"    "Protection against spyware and potentially unwanted software"    "Microsoft Corporation"    "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "adp94xx"    "Adaptec Windows SAS/SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"    "Adaptec Windows SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"    "Adaptec StorPort Ultra320 SCSI Driver (X64)"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpu320.sys"
+ "aliide"    "ALi mini IDE Driver"    "Acer Laboratories Inc."    "c:\windows\system32\drivers\aliide.sys"
+ "amdsata"    "AHCI 1.2 Device Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"    "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"    "AMD Technologies Inc."    "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"    "Stor Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdxata.sys"
+ "arc"    "Adaptec RAID Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arc.sys"
+ "arcsas"    "Adaptec SAS RAID WS03 Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arcsas.sys"
+ "athr"    "Atheros Extensible Wireless LAN device driver"    "Atheros Communications, Inc."    "c:\windows\system32\drivers\athrx.sys"
+ "atikmdag"    "ATI Radeon Kernel Mode Driver"    "ATI Technologies Inc."    "c:\windows\system32\drivers\atikmdag.sys"
+ "AtiPcie"    "AMD PCIE Filter Driver for ATI PCIE chipset"    "Advanced Micro Devices Inc."    "c:\windows\system32\drivers\atipcie.sys"
+ "b06bdrv"    "Broadcom NetXtreme II GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a"    "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo"    "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"    "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"    "Brother Serial driver (WDM version)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"    "Brother USB MDM Driver "    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"    "Brother USB Serial Driver"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbser.sys"
+ "cfwids"    "McAfee Personal Firewall IDS Plugin"    "McAfee, Inc."    "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide"    "CMD PCI IDE Bus Driver"    "CMD Technology, Inc."    "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv"    "Broadcom NetXtreme II 10 GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\evbda.sys"
+ "elxstor"    "Storport Miniport Driver for LightPulse HBAs"    "Emulex"    "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM"    "CD DVD Filter"    "GEAR Software Inc."    "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir"    "Hauppauge WinTV 885 Consumer IR Driver for eHome"    "Hauppauge Computer Works, Inc."    "c:\windows\system32\drivers\hcw85cir.sys"
+ "HipShieldK"    "McAfee HIP IPS Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\hipshieldk.sys"
+ "HpSAMD"    "Smart Array SAS/SATA Controller Media Driver"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV"    "Intel Matrix Storage Manager driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp"    "Intel/ICP Raid Storport Driver"    "Intel Corp./ICP vortex GmbH"    "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService"    "Realtek® High Definition Audio Function Driver"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\rtkvhd64.sys"
+ "JMCR"    "JMicron JMB38X Flash Media Controller Driver"    "JMicron Technology Corporation"    "c:\windows\system32\drivers\jmcr.sys"
+ "LSI_FC"    "LSI Fusion-MPT FC Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"    "LSI Fusion-MPT SAS Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"    "LSI SAS Gen2 Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI"    "LSI Fusion-MPT SCSI Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\windows\system32\drivers\mbam.sys"
+ "megasas"    "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"    "LSI Corporation"    "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR"    "LSI MegaRAID Software RAID Driver"    "LSI Corporation, Inc."    "c:\windows\system32\drivers\megasr.sys"
+ "mfeapfk"    "Access Protection Filter Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk"    "Anti-Virus File System Filter Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01"    ""    ""    "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek"    "McAfee Core Firewall Engine Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk"    "McAfee Link Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfehidk.sys"
+ "mfehidk02"    ""    ""    "File not found: \Device\mfehidk02.sys"
+ "mferkdet"    "McAfee Code Analysis Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk"    "Anti-Virus Mini-Firewall Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfewfpk.sys"
+ "nfrd960"    "IBM ServeRAID Controller Driver"    "IBM Corporation"    "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid"    "NVIDIA® nForce™ RAID Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor"    "NVIDIA® nForce™ Sata Performance Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300"    "QLogic Fibre Channel Stor Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx"    "QLogic iSCSI Storport Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167"    "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver                "    "Realtek                                            "    "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv"    "Macrovision SECURITY Driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2"    "SiS RAID Stor Miniport Driver"    "Silicon Integrated Systems Corp."    "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4"    "SiS AHCI Stor-Miniport Driver"    "Silicon Integrated Systems"    "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor"    "Promise  SuperTrak EX Series Driver for Windows "    "Promise Technology"    "c:\windows\system32\drivers\stexstor.sys"
+ "usbfilter"    "AMD USB Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\usbfilter.sys"
+ "viaide"    "VIA Generic PCI IDE Bus Driver"    "VIA Technologies, Inc."    "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid"    "VIA RAID DRIVER FOR AMD-X86-64"    "VIA Technologies Inc.,Ltd"    "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\syswow64\l3codeca.acm"
+ "msacm.l3codecp"    "MPEG Audio Layer-3 Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\syswow64\l3codecp.acm"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "CL Dvb Subtitle Decoder"    "CLDvbSub"    "CyberLink_DE"    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrdvbsub.ax"
+ "CL_EVRWindow"    "CLEvr"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrevr.dll"
+ "CyberLink Audio Decoder (HP)"    "CyberLink Audio Decoder Filter"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claud.ax"
+ "CyberLink Audio Decoder (HP)"    "CyberLink Audio Decoder Filter"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\claud.ax"
+ "CyberLink Audio Effect"    "CyberLink Audio Effect Filter"    "CyberLink Corporation"    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmraudfx.ax"
+ "CyberLink Audio Effect (HP)"    "CyberLink Audio Effect Filter"    "CyberLink Corporation"    "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claudfx.ax"
+ "CyberLink Audio Noise Reduction"    "CLAuNR"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmraunrwrapper.ax"
+ "CyberLink Audio Noise Reduction"    "CLAuNR"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler"    "CLAuRsmpl.ax"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio Spectrum Analyzer (HP)"    "CLAudSpa.ax"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\claudspa.ax"
+ "CyberLink Audio VolumeBooster"    "CyberLink Audio Volume Booster Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gvb.ax"
+ "CyberLink AudioCD Filter"    "CyberLink AudioCD Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gaudiocd.ax"
+ "CyberLink AudioCD Filter (HP)"    "CyberLink AudioCD Filter"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\claudiocd.ax"
+ "CyberLink Demultiplexer"    "MPEG-2 Dempltiplexer"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrdemuxer.ax"
+ "CyberLink Demultiplexer (HP)"    "MPEG-2 Dempltiplexer"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\cldemuxer.ax"
+ "Cyberlink Dump Dispatch Filter"    "Cyberlink File Dump Dispatch Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gdumpdispatch.ax"
+ "Cyberlink Dump Filter"    "Cyberlink File Dump Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gdump.ax"
+ "CyberLink DVD Navigator (HP)"    "CyberLink DVD Navigation Filter"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clnavx.ax"
+ "CyberLink DVD Navigator (HP)"    "CyberLink DVD Navigation Filter"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clnavx.ax"
+ "CyberLink Editing Service 3.0 (Source)"    "CES Kernel"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gedtkrn.dll"
+ "CyberLink EPG Decoder"    "EPGDec"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrepgdec.ax"
+ "CyberLink File Map Sink"    "CyberLink File Map Sink"    "Cyberlink Corporation."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrfmsnk.ax"
+ "CyberLink File Map Source"    "CyberLink File Map Source"    "CyberLink File Map Source"    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrfmsrc.ax"
+ "Cyberlink File Reader (Async.)"    "Cyberlink MPEG File Reader"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2greader.ax"
+ "CyberLink Line21 Decoder Filter (HP)"    "CyberLink Line21 Decoder Filter"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clline21.ax"
+ "CyberLink Line21 Decoder Filter (HP)"    "CyberLink Line21 Decoder Filter"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clline21.ax"
+ "CyberLink Load Image Filter"    "CLImage"    "CyberLink"    "c:\program files (x86)\cyberlink\shared files\climage.ax"
+ "CyberLink M2V Writer"    "CLM2VWriter"    "CyberLink"    "c:\program files (x86)\cyberlink\power2go\p2gm2vwriter.ax"
+ "CyberLink MP3 Wrapper-PCM"    "CyberLink MP3 Wrapper"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrmp3wrap.ax"
+ "CyberLink MP3/WAV Wrapper"    "CyberLink MP3 Wrapper"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Decoder"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gmvd.ax"
+ "CyberLink MPEG Muxer"    "MpgMux"    "CyberLink"    "c:\program files (x86)\cyberlink\power2go\p2gmpgmux.ax"
+ "CyberLink MPEG Splitter"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clsplter.ax"
+ "CyberLink MPEG Video Encoder"    "CyberLink MPEG Video Encoder                               "    "CyberLink Corp.                                            "    "c:\program files (x86)\cyberlink\power2go\p2gvidenc.ax"
+ "CyberLink MPEG Video Encoder"    "CyberLink MPEG Video Encoder                               "    "CyberLink Corp.                                            "    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrmpgvenc.ax"
+ "CyberLink MPEG-1 Splitter"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gm1spliter.ax"
+ "CyberLink MPEG-2 Splitter"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gm2spliter.ax"
+ "CyberLink MPEGV Analyzer"    "CLMPEGAnalysis"    "CyberLink"    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrmpegvanalyzer.ax"
+ "CyberLink PCM Wrapper"    "CyberLink PCM Wrapper"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gpcmenc.ax"
+ "CyberLink Pipe Switch"    "CyberLink Pipe Switch"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrpipswch.ax"
+ "CyberLink PTS Regulator"    "CyberLink PTS Regulator "    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmptsreg.ax"
+ "CyberLink SBE Filter"    "CLSBE"    "CyberLink"    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrsbe.ax"
+ "CyberLink SBE Source Filter"    "CLSBESrc"    "CyberLink"    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrsbesrc.ax"
+ "Cyberlink SubTitle Importor (HP)"    "CLSubTitle.ax"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clsubtitle.ax"
+ "Cyberlink SubTitle(HP)"    "CLSubTitle.ax"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clsubtitle.ax"
+ "CyberLink Teletext Decoder Filter"    "Teletext Renderer Filter"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrttxdec.ax"
+ "CyberLink TimeStretch Filter"    "CLAuTS.ax"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrauts.ax"
+ "CyberLink TimeStretch Filter (CES)"    "CLAuTS.ax"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gauts.ax"
+ "CyberLink TimeStretch Filter (HP)"    "CLAuTS.ax"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clauts.ax"
+ "CyberLink TimeStretch Filter (HP)"    "CLAuTS.ax"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clauts.ax"
+ "CyberLink TL MPEG Splitter"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gtlmsplter.ax"
+ "Cyberlink Track Filter"    "Cyberlink Track Filter"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\media\webcam\yctrack.ax"
+ "Cyberlink TS Filter Filter"    "TSFF"    "Cyberlink"    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrtsff.ax"
+ "Cyberlink TS Information"    "CLTSInfo"    "Cyberlink"    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrtsinfo.ax"
+ "CyberLink Tzan Filter (HP)"    "Cyberlink Tzan Filter"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\cltzan.ax"
+ "CyberLink Video Effect"    "CLVidFx"    "CyberLink"    "c:\program files (x86)\cyberlink\power2go\p2gvidfx.ax"
+ "CyberLink Video Effect (HP)"    "CLVidFx"    "CyberLink"    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clvidfx.ax"
+ "CyberLink Video Effect (HP)"    "CLVidFx"    "CyberLink"    "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clvidfx.ax"
+ "CyberLink Video Regulator"    "CLRGL"    "Cyberlink"    "c:\program files (x86)\cyberlink\power2go\p2grgl.ax"
+ "CyberLink Video Regulator"    "Video Regulator"    "Cyberlink"    "c:\program files (x86)\hewlett-packard\media\webcam\ycrgl.ax"
+ "CyberLink Video Stabilizer"    "CLVideoDeShaking"    "CyberLink"    "c:\program files (x86)\cyberlink\power2go\p2gvideostabilizer.ax"
+ "CyberLink Video/SP Decoder (HP)"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clvsd.ax"
+ "CyberLink Video/SP Decoder (HP)"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clvsd.ax"
+ "CyberLink Volume Meter"    "CLVolumeMeter"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\hpvolumemeter.ax"
+ "CyberLink WebCamera NULL Render"    "CLWEBCAMERARENDER"    "CyberLink"    "c:\program files (x86)\hewlett-packard\media\webcam\ycwebcamerarender.ax"
+ "CyberLink WMV Dumper"    "CLWMVDump Dynamic Link Library"    ""    "c:\program files (x86)\hewlett-packard\media\webcam\ycwmvdump.ax"
+ "CyberLink WMV Dumper(HP)"    "CLWMVDum Dynamic Link Library"    ""    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmwmvdump.ax"
+ "MSDVD Audio Wizard (HP)"    "CyberLink Audio Wizard Filter"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claudwizard.ax"
+ "P2G Audio Decoder"    "CyberLink Audio Decoder Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gaud.ax"
+ "P2G Audio Encoder"    "CyberLink Audio Encoder Filter"    "Cyberlink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gaudenc.ax"
+ "P2G Video Decoder"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gvsd.ax"
+ "P2G Video Regulator"    "CyberLink Video Regulator"    "CyberLink"    "c:\program files (x86)\cyberlink\power2go\p2gresample.ax"
+ "PCM Audio Decoder"    "CyberLink Audio Decoder Filter"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmraud.ax"
+ "PCM Audio Encoder"    "CyberLink Audio Encoder Filter"    "Cyberlink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmraudenc.ax"
+ "PCM Audio Resampler"    "CLAuRsmpl.ax"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmraursmpl.ax"
+ "PCM Dump Filter"    "Cyberlink File Dump Filter"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrdump.ax"
+ "PCM MPEG Muxer"    "MpgMux"    "CyberLink"    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrmpgmux.ax"
+ "PCM MPEG Video Encoder"    "CyberLink MPEG Video Encoder                               "    "CyberLink Corp.                                            "    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrmpgvenc2.ax"
+ "PCM MPEG-2 Splitter"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrm2splter.ax"
+ "PCM RTP Source Filter"    "RTP Source Filter"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrrtpsrc.ax"
+ "PCM SnapShotTIP Filter"    "CLSShot"    "CyberLink"    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrsshot.ax"
+ "PCM Video Effect"    "CLVidFx"    "CyberLink"    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrvidfx.ax"
+ "PCM Video Regulator"    "CyberLink Video Regulator"    "CyberLink"    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrresample.ax"
+ "PCM Video/SP Decoder"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrvsd.ax"
+ "Time Regulator"    "TimeRegulator"    "cyberlink"    "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmravi_audtr.ax"
+ "YC_EVRWindow"    "CLEvr"    "CyberLink Corp."    "c:\program files (x86)\hewlett-packard\media\webcam\ycevr.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"    ""    ""    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64"    ""    ""    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files\bonjour\mdnsnsp.dll"


#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:23 AM

Posted 03 March 2013 - 06:36 PM

Disable your antivirus and download junkware tool.

 

Please run malwarebytes again and post the clean log.



#10 Grid

Grid
  • Topic Starter

  • Validating
  • 71 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:23 PM

Posted 03 March 2013 - 07:27 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.6 (02.27.2013:1)
OS: Windows 7 Home Premium x64
Ran by Anthony on Sun 03/03/2013 at 13:45:40.06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2544779957-2373522371-3570960602-1001\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\main\\Start Page
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] hkey_current_user\software\sweetim
Successfully deleted: [Registry Key] hkey_local_machine\software\sweetim
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] hkey_local_machine\software\policies\google\chrome\extensioninstallforcelist
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 03/03/2013 at 14:08:41.95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
 
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
 
Database version: v2013.03.03.03
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Anthony :: ANTHONY-PC [administrator]
 
Protection: Enabled
 
3/3/2013 2:16:38 PM
mbam-log-2013-03-03 (14-16-38).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 202607
Time elapsed: 5 minute(s), 22 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 


#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:23 AM

Posted 03 March 2013 - 07:43 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



#12 Grid

Grid
  • Topic Starter

  • Validating
  • 71 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:23 PM

Posted 03 March 2013 - 08:59 PM

  Thank you very, very much BC.  I really appreciate it!   :thumbup2:



#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:23 AM

Posted 03 March 2013 - 09:20 PM

:welcome:



#14 altesol

altesol

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:01:23 AM

Posted 09 April 2013 - 11:05 PM

I tried most of the items here and no luck. TDSS, malwarebytes etc. I finally just opened the registry editor and did a search for Search Results, LLC and found the uninstall path, see below. I ran it and the program appears to be gone and I have not had any further issues with it. If it returns I will update my post.

 

Here is the string: "C:\Users\{user}\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe"



#15 piecyque

piecyque

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:23 AM

Posted 07 May 2013 - 10:00 AM

I proceeded the instructions above till the Farbar's Service Cleaner and AdwCleaner AND the problem disappeared only at this point, so perhaps one of these two programs are the best solution to this annoying guy ;)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users